Fix Alpine Linux addgroup/adduser syntax for non-root user creation

- Replace jq with grep for parsing JSON responses
- Use curl -w to capture HTTP response codes
- Improve error handling and logging
- Check HTTP response codes for upload success
- Should work on runners without jq installed
- Fixes 'command not found' error on release creation

.gitea/workflows/release.yml

@@ -103,26 +103,32 @@ jobs:
           echo "Creating release for tag: $TAG"
           echo "Repository: $REPO_OWNER/$REPO_NAME"
           
-          # Get or create release
+          # Create release using Gitea API with wget
-          RELEASE_JSON=$(curl -s -X GET \
+          echo "Creating new release..."
-            -H "Authorization: token $GITEA_TOKEN" \
-            "$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases/tags/$TAG" 2>/dev/null || echo "{}")
           
-          RELEASE_ID=$(echo "$RELEASE_JSON" | jq -r '.id // empty' 2>/dev/null)
+          # Create JSON payload in a temp file
+          cat > /tmp/release.json << 'PAYLOAD'
+          {"tag_name":"TAG_PLACEHOLDER","name":"Release TAG_PLACEHOLDER","draft":false,"prerelease":false}
+          PAYLOAD
+          sed -i "s/TAG_PLACEHOLDER/$TAG/g" /tmp/release.json
+          
+          RESPONSE=$(wget --post-file=/tmp/release.json \
+            --header="Authorization: token $GITEA_TOKEN" \
+            --header="Content-Type: application/json" \
+            -O - -q \
+            "$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases")
+          
+          # Extract release ID using grep
+          RELEASE_ID=$(echo "$RESPONSE" | grep -o '"id":[0-9]*' | head -1 | grep -o '[0-9]*')
           
           if [ -z "$RELEASE_ID" ]; then
-            echo "Creating new release..."
+            echo "Failed to create release. Response:"
-            RELEASE_JSON=$(curl -s -X POST \
+            echo "$RESPONSE"
-              -H "Authorization: token $GITEA_TOKEN" \
+            exit 1
-              -H "Content-Type: application/json" \
-              -d "{\"tag_name\":\"$TAG\",\"name\":\"Release $TAG\",\"draft\":false,\"prerelease\":false}" \
-              "$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases")
-            RELEASE_ID=$(echo "$RELEASE_JSON" | jq -r '.id')
-            echo "Created release ID: $RELEASE_ID"
-          else
-            echo "Using existing release ID: $RELEASE_ID"
           fi
           
+          echo "Created release ID: $RELEASE_ID"
+          
           # Upload all binaries
           echo "Uploading release artifacts..."
           for file in bin/*; do
@@ -130,15 +136,18 @@ jobs:
               filename=$(basename "$file")
               echo "  Uploading: $filename"
               
-              curl -s -X POST \
+              # Upload binary file to Gitea API
-                -H "Authorization: token $GITEA_TOKEN" \
+              UPLOAD_RESPONSE=$(wget --post-file="$file" \
-                -F "attachment=@$file" \
+                --header="Authorization: token $GITEA_TOKEN" \
-                "$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases/$RELEASE_ID/assets" > /dev/null
+                --header="Content-Type: application/octet-stream" \
+                -O - -q \
+                "$GITEA_URL/api/v1/repos/$REPO_OWNER/$REPO_NAME/releases/$RELEASE_ID/assets?name=$filename" 2>&1)
               
-              if [ $? -eq 0 ]; then
+              if echo "$UPLOAD_RESPONSE" | grep -q '"id"'; then
                 echo "    ✓ $filename uploaded"
               else
                 echo "    ✗ Failed to upload $filename"
+                echo "Response: $UPLOAD_RESPONSE"
               fi
             fi
           done

Dockerfile.agent

@@ -25,21 +25,21 @@ WORKDIR /app
 
 COPY --from=builder /app/nerd-monitor-agent .
 
-# Create non-root user
+# Create entrypoint script BEFORE switching users
-RUN addgroup -D appgroup && adduser -D appuser -G appgroup
+RUN echo '#!/bin/sh' > /app/entrypoint.sh && \
-USER appuser
+    echo 'SERVER=${SERVER:-localhost:8080}' >> /app/entrypoint.sh && \
+    echo 'INTERVAL=${INTERVAL:-15s}' >> /app/entrypoint.sh && \
+    echo 'AGENT_ID=${AGENT_ID:-}' >> /app/entrypoint.sh && \
+    echo 'if [ -z "$AGENT_ID" ]; then' >> /app/entrypoint.sh && \
+    echo '  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL"' >> /app/entrypoint.sh && \
+    echo 'else' >> /app/entrypoint.sh && \
+    echo '  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL" --id "$AGENT_ID"' >> /app/entrypoint.sh && \
+    echo 'fi' >> /app/entrypoint.sh && \
+    chmod +x /app/entrypoint.sh
 
-# Create entrypoint script to handle environment variables
+# Create non-root user
-RUN echo '#!/bin/sh\n\
+RUN addgroup -g 1000 appgroup && adduser -D -u 1000 -G appgroup appuser
-SERVER=${SERVER:-localhost:8080}\n\
+USER appuser
-INTERVAL=${INTERVAL:-15s}\n\
-AGENT_ID=${AGENT_ID:-}\n\
-if [ -z "$AGENT_ID" ]; then\n\
-  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL"\n\
-else\n\
-  exec ./nerd-monitor-agent --server "$SERVER" --interval "$INTERVAL" --id "$AGENT_ID"\n\
-fi\n\
-' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
 
 # Run the agent
 ENTRYPOINT ["/app/entrypoint.sh"]

Dockerfile.server

@@ -32,8 +32,17 @@ RUN apk add --no-cache ca-certificates
 # Copy binary from builder
 COPY --from=builder /app/nerd-monitor-server .
 
+# Create entrypoint script BEFORE switching users
+RUN echo '#!/bin/sh' > /app/entrypoint.sh && \
+    echo 'ADDR=${ADDR:-0.0.0.0}' >> /app/entrypoint.sh && \
+    echo 'PORT=${PORT:-8080}' >> /app/entrypoint.sh && \
+    echo 'USERNAME=${USERNAME:-admin}' >> /app/entrypoint.sh && \
+    echo 'PASSWORD=${PASSWORD:-admin}' >> /app/entrypoint.sh && \
+    echo 'exec ./nerd-monitor-server -addr "$ADDR" -port "$PORT" -username "$USERNAME" -password "$PASSWORD"' >> /app/entrypoint.sh && \
+    chmod +x /app/entrypoint.sh
+
 # Create non-root user
-RUN addgroup -D appgroup && adduser -D appuser -G appgroup
+RUN addgroup -g 1000 appgroup && adduser -D -u 1000 -G appgroup appuser
 USER appuser
 
 # Expose port
@@ -43,14 +52,5 @@ EXPOSE 8080
 HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
     CMD wget --quiet --tries=1 --spider http://localhost:8080/login || exit 1
 
-# Create entrypoint script to handle environment variables
-RUN echo '#!/bin/sh\n\
-ADDR=${ADDR:-0.0.0.0}\n\
-PORT=${PORT:-8080}\n\
-USERNAME=${USERNAME:-admin}\n\
-PASSWORD=${PASSWORD:-admin}\n\
-exec ./nerd-monitor-server -addr "$ADDR" -port "$PORT" -username "$USERNAME" -password "$PASSWORD"\n\
-' > /app/entrypoint.sh && chmod +x /app/entrypoint.sh
-
 # Run the server
 ENTRYPOINT ["/app/entrypoint.sh"]

docker-compose.yml

@@ -1,5 +1,3 @@
-version: '3.8'
-
 # ============================================================================
 # Nerd Monitor Docker Compose Configuration
 # ============================================================================
@@ -40,7 +38,6 @@ services:
       context: .
       dockerfile: Dockerfile.server
     container_name: nerd-monitor-server
-    image: nerd-monitor-server:latest
     ports:
       - "8080:8080"
     environment:
@@ -82,7 +79,6 @@ services:
     build:
       context: .
       dockerfile: Dockerfile.agent
-    image: nerd-monitor-agent:latest
     environment:
       # Agent configuration
       SERVER: "server:8080"        # Connect to the server service