fix: self hosted runner support without docker

.github/workflows/build.yml

@@ -1,28 +1,17 @@
-name: Docker
+name: CI
 permissions:
   contents: read
-  packages: write
-  attestations: write
-  id-token: write
 
 on:
   push:
     branches:
       - main
-
-    # Publish `v1.2.3` tags as releases.
     tags:
       - v*
 
-  # Run tests for any PRs.
   pull_request:
 
-env:
-  IMAGE_NAME: image-actions
-
 jobs:
-  # Run tests and quality checks.
-  # See also https://docs.docker.com/docker-hub/builds/automated-testing/
   test:
     runs-on: ubuntu-latest
 
@@ -32,63 +21,30 @@ jobs:
       - name: Setup Node.js
         uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version: '24'
           cache: 'npm'
 
       - name: Install dependencies
         run: npm ci
 
-      - name: Run TypeScript checks
-        run: npx tsc --noEmit
+      - name: TypeScript check
+        run: npm run typecheck
 
-      - name: Run linting
+      - name: Lint
         run: npm run lint
 
-      - name: Check formatting
+      - name: Format check
         run: npm run format-check
 
-      - name: Run tests
-        run: |
-          if [ -f docker-compose.test.yml ]; then
-            docker compose --file docker-compose.test.yml build
-            docker compose --file docker-compose.test.yml run test
-          else
-            docker build . --file Dockerfile
-          fi
-  # Push image to GitHub Packages.
-  # See also https://docs.docker.com/docker-hub/builds/
-  push:
-    # Ensure test job passes before pushing image.
-    needs: test
+      - name: Tests
+        run: npm run test
 
-    runs-on: ubuntu-latest
-    if: github.event_name == 'push'
+      - name: Rebuild dist/
+        run: npm run build
 
-    steps:
-      - uses: actions/checkout@v6
-
-      - name: Build image
-        run: docker build . --file Dockerfile --tag $IMAGE_NAME
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v4
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Push image
+      - name: Verify dist/ is committed and up to date
         run: |
-          IMAGE_ID=ghcr.io/${{ github.repository }}/$IMAGE_NAME
-          # Change all uppercase to lowercase
-          IMAGE_ID=$(echo $IMAGE_ID | tr '[A-Z]' '[a-z]')
-          # Strip git ref prefix from version
-          VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
-          # Strip "v" prefix from tag name
-          [[ "${{ github.ref }}" == "refs/tags/"* ]] && VERSION=$(echo $VERSION | sed -e 's/^v//')
-          # Use Docker `latest` tag convention
-          [ "$VERSION" == "$default-branch" ] && VERSION=latest
-          echo IMAGE_ID=$IMAGE_ID
-          echo VERSION=$VERSION
-          docker tag $IMAGE_NAME $IMAGE_ID:$VERSION
-          docker push $IMAGE_ID:$VERSION
+          if ! git diff --exit-code --stat dist/; then
+            echo "::error::dist/ is out of date. Run 'npm run build' and commit the result."
+            exit 1
+          fi

.github/workflows/image-actions.yml

@@ -21,7 +21,7 @@ jobs:
         uses: actions/checkout@v6
 
       - name: Compress PR Images
-        uses: calibreapp/image-actions@main
+        uses: ./
         with:
           # `GITHUB_TOKEN` is automatically generated by GitHub and scoped only to the repository that is currently running the action. By default, the action can’t update Pull Requests initiated from forked repositories.
           # See https://docs.github.com/en/actions/reference/authentication-in-a-workflow and https://help.github.com/en/articles/virtual-environments-for-github-actions#token-permissions

.prettierignore

@@ -1 +1,2 @@
-src/markdown-templates
+src/markdown-templates
+dist

README.md

@@ -1,4 +1,6 @@
-# Calibre Image Actions
+# Image Actions (Magebit fork)
+
+> Hard fork of [calibreapp/image-actions](https://github.com/calibreapp/image-actions) reworked to run as a pure Node.js action instead of a Docker action. This avoids the `pods/jobs/secrets` permissions that our self-hosted ARC runners (namespace `arc-runners`) don't grant to custom container actions. Functionally identical to upstream; `uses:` reference changes to `magebitcom/image-actions@v1`.
 
 [![License](https://img.shields.io/github/license/calibreapp/image-actions?color=informational)](https://github.com/calibreapp/image-actions/blob/main/LICENSE)
 [![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-2.1-success)](CODE_OF_CONDUCT.md)
@@ -27,7 +29,7 @@ Image Actions offers:
 
 ## 🛠 Usage
 
-1. Create a `.github/workflows/calibreapp-image-actions.yml` file in your repository with the following configuration:
+1. Create a `.github/workflows/image-actions.yml` file in your repository with the following configuration:
 
 ```yml
 name: Compress Images
@@ -46,15 +48,15 @@ jobs:
   build:
     # Only run on Pull Requests within the same repository, and not from forks.
     if: github.event.pull_request.head.repo.full_name == github.repository
-    name: calibreapp/image-actions
+    name: magebitcom/image-actions
     permissions: write-all
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repo
         uses: actions/checkout@v4
 
       - name: Compress PR Images
-        uses: calibreapp/image-actions@main
+        uses: magebitcom/image-actions@v1
 ```
 
 2. Open a Pull Request with new or updated imagery. Image Actions will optimise images, and commit them to your branch:
@@ -140,14 +142,14 @@ on:
     - cron: '00 23 * * 0'
 jobs:
   build:
-    name: calibreapp/image-actions
+    name: magebitcom/image-actions
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repo
         uses: actions/checkout@v3
       - name: Compress Images
         id: calibre
-        uses: calibreapp/image-actions@main
+        uses: magebitcom/image-actions@v1
         with:
           compressOnly: true
       - name: Create New Pull Request If Needed
@@ -168,7 +170,7 @@ By default, GitHub Actions do not have permission to alter forked repositories.
 
 ```yml
       - name: Compress PR Images
-        uses: calibreapp/image-actions@main
+        uses: magebitcom/image-actions@v1
         with:
           # `GITHUB_TOKEN` is automatically generated by GitHub and scoped only to the repository that is currently running the action. By default, the action can’t update Pull Requests initiated from forked repositories.
           # See https://docs.github.com/en/actions/reference/authentication-in-a-workflow and https://help.github.com/en/articles/virtual-environments-for-github-actions#token-permissions
@@ -197,14 +199,14 @@ on:
       - '**.avif'
 jobs:
   build:
-    name: calibreapp/image-actions
+    name: magebitcom/image-actions
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repo
         uses: actions/checkout@v3
       - name: Compress Images
         id: calibre
-        uses: calibreapp/image-actions@main
+        uses: magebitcom/image-actions@v1
         with:
           compressOnly: true
       - name: Create New Pull Request If Needed
@@ -254,7 +256,7 @@ on:
     - cron: '00 23 * * 0'
 jobs:
   build:
-    name: calibreapp/image-actions
+    name: magebitcom/image-actions
     runs-on: ubuntu-latest
     # Only run on main repo on and PRs that match the main repo.
     if: |
@@ -266,7 +268,7 @@ jobs:
         uses: actions/checkout@v3
       - name: Compress Images
         id: calibre
-        uses: calibreapp/image-actions@main
+        uses: magebitcom/image-actions@v1
         with:
           # For non-Pull Requests, run in compressOnly mode and we'll PR after.
           compressOnly: ${{ github.event_name != 'pull_request' }}

__tests__/get-changed-images_test.js

@@ -1,8 +1,8 @@
 import { beforeEach, afterEach, test, expect, vi } from 'vitest'
 import { Octokit } from '@octokit/action'
 import { context } from '@actions/github'
-import getChangedImages from '../src/get-changed-images.ts'
-import getConfig from '../src/config.ts'
+import getChangedImages from '../src/get-changed-images'
+import getConfig from '../src/config'
 
 vi.mock('@octokit/action')
 vi.mock('@actions/github', () => ({
@@ -18,7 +18,7 @@ vi.mock('@actions/github', () => ({
     }
   }
 }))
-vi.mock('../src/config.ts')
+vi.mock('../src/config')
 
 const mockListFiles = vi.fn()
 const mockGetConfig = vi.fn()

__tests__/get-repository-images_test.js

@@ -1,11 +1,11 @@
 import { beforeEach, afterEach, test, expect, vi } from 'vitest'
 import path from 'path'
 import { glob } from 'glob'
-import getRepositoryImages from '../src/get-repository-images.ts'
-import getConfig from '../src/config.ts'
+import getRepositoryImages from '../src/get-repository-images'
+import getConfig from '../src/config'
 
 vi.mock('glob')
-vi.mock('../src/config.ts')
+vi.mock('../src/config')
 
 const mockGlob = vi.fn()
 const mockGetConfig = vi.fn()

__tests__/github-markdown_test.js

@@ -1,5 +1,5 @@
 import { test, expect } from 'vitest'
-import markdown from '../src/github-markdown.ts'
+import markdown from '../src/github-markdown'
 
 const results = {
   optimisedImages: [

__tests__/image-processing_test.js

@@ -1,16 +1,16 @@
 import path from 'path'
 import { promises as fs } from 'fs'
 import { beforeEach, afterEach, test, expect, vi } from 'vitest'
-import imageProcessing from '../src/image-processing.ts'
-import getRepositoryImages from '../src/get-repository-images.ts'
+import imageProcessing from '../src/image-processing'
+import getRepositoryImages from '../src/get-repository-images'
 
 // Mock the getRepositoryImages function
-vi.mock('../src/get-repository-images.ts', () => ({
+vi.mock('../src/get-repository-images', () => ({
   default: vi.fn()
 }))
 
 // Mock getChangedImages to return null (fallback to repository scan)
-vi.mock('../src/get-changed-images.ts', () => ({
+vi.mock('../src/get-changed-images', () => ({
   default: vi.fn(() => null)
 }))
 

action.yml

@@ -52,8 +52,8 @@ outputs:
     description: "Output param used to store the Markdown summary for subsequent actions to use"
 
 runs:
-  using: "docker"
-  image: "Dockerfile" 
+  using: "node24"
+  main: "dist/index.js"
 
 branding:
   icon: "image"