fix(011): drop explicit manifest check, trust mikebom release contract#24
Merged
mlieberman85 merged 1 commit intoJul 11, 2026
Merged
Conversation
Cumulative debug journey (PRs kusari-oss#20, kusari-oss#21, kusari-oss#22, kusari-oss#23) established that explicit ghcr.io manifest verification is infeasible without a cross-org PAT: - `docker manifest inspect` — 401 unauthorized, then 401 denied even with `docker login` using GITHUB_TOKEN. GITHUB_TOKEN's `packages: read` scope only covers this repo's own packages. - `crane manifest` — same issue at a different layer. My "verified locally" claim was a false positive from stale ghcr.io creds in my Docker config. - `gh api /orgs/kusari-oss/packages/container/mikebom/versions` — fails silently on the runner. Cross-org REST-API access to container metadata also requires an explicit cross-org token. Every path back to strict manifest verification requires a cross-org PAT stored as a repo secret. That's a real ongoing cost (rotation, principle of least privilege, another attack surface) for a check that: 1. duplicates what mikebom's release contract already guarantees (release + image published atomically by their release.yml); 2. covers a tiny race window (seconds between release publish and image push); 3. produces the same failure mode (ImagePullBackOff at Job-spawn) when its assumption breaks as we'd get if we skipped it. Drop the check. Trust the mikebom release contract. Contract updated to explicitly document this design decision and the removed `noop_manifest_pending` variant. Reference the hotfix chain (kusari-oss#20 → kusari-oss#23) for future readers investigating the design. If we ever want strict verification back, add a `MIKEBOM_GHCR_TOKEN` repo secret with `read:packages` scope and use `crane manifest`. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The cumulative debug journey across #20/#21/#22/#23 established that explicit ghcr.io manifest verification is infeasible without a cross-org PAT. Each method hit the same underlying wall:
docker manifest inspect(no auth)unauthorized— ghcr.io v2 requires SOME tokendocker manifest inspect(GITHUB_TOKEN auth)denied— token has no cross-org scopecrane manifestgh api /orgs/.../packages/container/.../versionspackages: readscope doesn't map to REST-API cross-org container-metadata readsEvery path back to strict verification requires storing a cross-org PAT as a repo secret. That's a real ongoing cost (rotation, principle of least privilege, another attack surface) for a check that:
Fix
nightly-detect.sh.noop_manifest_pendingvariant. References the hotfix chain (fix(011): manifest-check failure is a soft noop, not a hard fail #20 → fix(011): image existence check via GitHub packages API (drop crane) #23) so future readers understand the reasoning.Test plan
decision=should_bump,current_pin=v0.1.0-alpha.57,latest_mikebom=v0.1.0-alpha.58,next_operator_tag=v0.1.0-alpha.2. Zero side effects (dry-run branch prints "would push", "would open PR").dry_run=trueand exercise the real end-to-end pipeline.🤖 Generated with Claude Code