chore: add podman-compose to uv config

.github/workflows/podman.yml

@@ -18,28 +18,29 @@ env:
   LOG_LEVEL: DEBUG
 
 jobs:
-  build:
-    runs-on: ubuntu-latest
+  direct:
+    runs-on: ubuntu-24.04
 
-    name: podman-compose integration test
+    name: podman-compose
 
     steps:
       - uses: actions/checkout@v4
 
-      - name: Install ImageBuilder prereqs
-        run: sudo apt-get install -y podman-compose jq
+      - name: Install prereqs
+        run: sudo apt-get install -y jq
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
 
       - name: Build the containers
         run: |
-          podman-compose build
+          uv run podman-compose build
 
       - name: Start the containers
         run: |
-          export CONTAINER_SOCKET_PATH="/tmp/podman.sock"
-          podman system service --time=0 "unix://$CONTAINER_SOCKET_PATH" &
-          echo "PUBLIC_PATH=$(pwd)/public" > .env
-          echo "CONTAINER_SOCKET_PATH=$CONTAINER_SOCKET_PATH" >> .env
-          podman-compose up -d
+          podman network create asu-build
+          podman system service --time=0 "unix://$(pwd)/podman.sock" &
+          uv run podman-compose up -d
 
       - name: Let the containers start
         run: sleep 30
@@ -55,7 +56,7 @@ jobs:
             curl 'http://localhost:8000/api/v1/build' \
               --request 'POST' \
               --header 'Content-Type: application/json' \
-              --data @tests/ci/openwrt-one-24.10.0.json | tee response.json | jq
+              --data @tests/ci/openwrt-one-25.12.2.json | tee response.json | jq
             if [ "$(jq -r '.status' response.json)" -eq 200 ]; then
               break
             fi
@@ -64,3 +65,57 @@ jobs:
             fi
             sleep 10
           done
+
+  cached:
+    runs-on: ubuntu-latest
+
+    name: podman-compose with nginx cache
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install prereqs
+        run: sudo apt-get install -y jq
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+
+      - name: Build the containers
+        run: |
+          uv run podman-compose build
+
+      - name: Start the containers with cache
+        run: |
+          podman network create asu-build
+          podman system service --time=0 "unix://$(pwd)/podman.sock" &
+          cp tests/ci/asu-cache.toml asu.toml
+          uv run podman-compose -f podman-compose.yml -f podman-compose.cache.yml up -d
+
+      - name: Let the containers start
+        run: sleep 30
+
+      - name: Test startup
+        run: |
+          curl -s http://localhost:8000/api/v1/stats | tee response.json | jq
+          [ "$(jq -r '.queue_length' response.json)" -eq 0 ] || exit 1
+
+      - name: Test build (first request, cache miss)
+        run: |
+          for i in {1..20}; do
+            curl 'http://localhost:8000/api/v1/build' \
+              --request 'POST' \
+              --header 'Content-Type: application/json' \
+              --data @tests/ci/openwrt-one-25.12.2.json | tee response.json | jq
+            if [ "$(jq -r '.status' response.json)" -eq 200 ]; then
+              break
+            fi
+            if [ $i -eq 20 ]; then
+              exit 1
+            fi
+            sleep 10
+          done
+
+      - name: Verify cache was used
+        run: |
+          uv run podman-compose -f podman-compose.yml -f podman-compose.cache.yml logs cache 2>&1 | tee cache.log
+          grep -q "downloads.openwrt.org" cache.log

.github/workflows/test.yml

@@ -24,8 +24,8 @@ jobs:
       fail-fast: false
       matrix:
         python-version:
-          - "3.11"
-          - "3.12"
+          - "3.13"
+          - "3.14"
 
     name: Python ${{ matrix.python-version }}
 
@@ -37,9 +37,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v4
-        with:
-          enable-cache: true
+        uses: astral-sh/setup-uv@v5
 
       - name: Display Python version
         run: python -c "import sys; print(sys.version)"
@@ -55,8 +53,8 @@ jobs:
 
       - name: Test with pytest
         run: |
-          export CONTAINER_SOCKET_PATH="/tmp/podman.sock"
-          podman system service --time=0 "unix://$CONTAINER_SOCKET_PATH" &
+          podman network create asu-build
+          podman system service --time=0 "unix://$(pwd)/podman.sock" &
           uv run coverage run -m pytest -vv --runslow
           uv run coverage xml
 

Containerfile

@@ -1,4 +1,4 @@
-FROM python:3.12-slim
+FROM python:3.14-slim
 
 WORKDIR /app/
 

README.md

@@ -115,10 +115,11 @@ The services are configured via environment variables, which can be set in a
 `.env` file
 
 ```bash
-echo "PUBLIC_PATH=$(pwd)/public" > .env
-echo "CONTAINER_SOCKET_PATH=/run/user/$(id -u)/podman/podman.sock" >> .env
-# optionally allow custom scripts running on first boot
-echo "ALLOW_DEFAULTS=1" >> .env
+# symlink the podman socket into the asu directory
+ln -sf /run/user/$(id -u)/podman/podman.sock podman.sock
+
+# create isolated network for build containers (no access to Redis)
+podman network create asu-build
 ```
 
 Now it's possible to run all services via `podman-compose`:
@@ -187,6 +188,12 @@ curl -LsSf https://astral.sh/uv/install.sh | sh
 uv sync --extra dev
 ```
 
+#### Running Redis
+
+```bash
+podman run -d --name redis -p 6379:6379 redis:alpine
+```
+
 #### Running the server
 
 ```bash

asu.example.toml

@@ -0,0 +1,38 @@
+# ASU Server Configuration
+#
+# Copy to asu.toml and adjust. Environment variables and .env
+# override values set here.
+
+upstream_url = "https://downloads.openwrt.org"
+allow_defaults = false
+log_level = "INFO"
+
+# Container settings
+base_container = "ghcr.io/openwrt/imagebuilder"
+
+# Caching proxy: uncomment to route package downloads through nginx cache
+# upstream_url = "http://cache"
+
+# Build cache TTLs
+build_ttl = "7d"
+build_ttl_unversioned = "24h"
+build_defaults_ttl = "30m"
+build_failure_ttl = "1h"
+max_pending_jobs = 200
+job_timeout = "10m"
+
+# S3 storage (optional, default is local)
+# store_backend = "s3"
+# s3_endpoint = "https://s3.example.com"
+# s3_access_key = ""
+# s3_secret_key = ""
+# s3_bucket = "asu-store"
+# s3_region = "auto"
+# s3_public_url = "https://cdn.example.com"
+
+# Allowed external repository URL prefixes
+# repository_allow_list = [
+#     "https://raw.githubusercontent.com/libremesh/",
+#     "https://feed.libremesh.org/",
+#     "https://buildbot.weimarnetz.de/",
+# ]