\r\n\n\n### Steps to reproduce\n\n.\n\n### Expected behavior\n\n_No response_\n\n### System Info\n\n```shell\n\"next-d126cf9e35\"\n```\n\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't [already an issue](https://github.com/woodpecker-ci/woodpecker/issues) that reports the same bug to avoid creating a duplicate.\n- [X] Checked that the bug isn't fixed in the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]",[2956,2957],{"name":2905,"color":2906},{"name":2922,"color":2923},4677,"`tag` pipelines are missing avatar and commit title","2025-01-12T06:19:42Z","https://github.com/woodpecker-ci/woodpecker/issues/4677",0.7388999,{"description":2964,"labels":2965,"number":2971,"owner":2911,"repository":2912,"state":2913,"title":2972,"updated_at":2973,"url":2974,"score":2975},"### Clear and concise description of the problem\n\nNo documentation on how to setup the CI using binary packages. The docs only explain how to install it using docker.\n\n### Suggested solution\n\nProvide documentation on how to use binary packages and setup the CI e.g. sample system service scripts with the environment variable and database config.\n\n### Alternative\n\n_No response_\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/master/CONTRIBUTING.md).\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate.",[2966,2967,2968],{"name":2945,"color":2946},{"name":2925,"color":2926},{"name":2969,"color":2970},"good first issue","76ea72",1292,"Add docs on how to setup using the binary packages","2023-03-26T20:17:21Z","https://github.com/woodpecker-ci/woodpecker/issues/1292",0.7412079,{"description":2977,"labels":2978,"number":2983,"owner":2911,"repository":2912,"state":2913,"title":2984,"updated_at":2985,"url":2986,"score":2987},"we currently don't have a concept how to translate/interpreter the services into \"local backend\" and just ignore them.\r\n\r\nwe should have it that way so it works very similar to what the user know with docker or kube backend.",[2979,2980],{"name":2925,"color":2926},{"name":2981,"color":2982},"backend/local","bfdadc",3095,"Implement services for local backend","2025-02-10T13:40:24Z","https://github.com/woodpecker-ci/woodpecker/issues/3095",0.7488925,{"description":2989,"labels":2990,"number":2994,"owner":2911,"repository":2912,"state":2913,"title":2995,"updated_at":2996,"url":2997,"score":2998},"### Clear and concise description of the problem\n\nIt would be great to have a search form available at `/admin`. For instances with more users (e.g. codeberg), the paginated load becomes quite an issue when searching for a particular user/org/repository.\r\n\r\n\n\n### Suggested solution\n\nAdd a search functionality, similar as in https://ci.codeberg.org/repos.\n\n### Alternative\n\n_No response_\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Checked that the feature isn't part of the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]\n- [X] Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/main/CONTRIBUTING.md).\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate.",[2991,2992,2993],{"name":2908,"color":2909},{"name":2922,"color":2923},{"name":2925,"color":2926},3015,"Admin: Search functionality for users/repos/organizations","2023-12-27T07:56:01Z","https://github.com/woodpecker-ci/woodpecker/issues/3015",0.75388247,{"description":3000,"labels":3001,"number":3006,"owner":2911,"repository":2912,"state":3007,"title":3008,"updated_at":3009,"url":3010,"score":3011},"### Component\n\ncli\n\n### Describe the bug\n\nSince updating to 2.4.x woodpecker-cli runs into a runtime error:\r\n\r\n```\r\npanic: runtime error: invalid memory address or nil pointer dereference\r\n[signal SIGSEGV: segmentation violation code=0x2 addr=0x20 pc=0x1004c71a8]\r\n\r\ngoroutine 1 [running]:\r\ngo.woodpecker-ci.org/woodpecker/v2/cli/internal/config.Load(0x14000591580)\r\n go.woodpecker-ci.org/woodpecker/v2/cli/internal/config/config.go:53 +0x268\r\ngo.woodpecker-ci.org/woodpecker/v2/cli/common.Before(0x14000591580)\r\n go.woodpecker-ci.org/woodpecker/v2/cli/common/hooks.go:53 +0x70\r\ngithub.com/urfave/cli/v2.(*Command).Run(0x14000597760, 0x14000591580, {0x1400014c000, 0xc, 0xc})\r\n github.com/urfave/cli/v2@v2.27.1/command.go:219 +0x3d0\r\ngithub.com/urfave/cli/v2.(*App).RunContext(0x140001d6e00, {0x101e2cca0, 0x102d70660}, {0x1400014c000, 0xc, 0xc})\r\n github.com/urfave/cli/v2@v2.27.1/app.go:337 +0x514\r\ngithub.com/urfave/cli/v2.(*App).Run(...)\r\n github.com/urfave/cli/v2@v2.27.1/app.go:311\r\nmain.main()\r\n go.woodpecker-ci.org/woodpecker/v2/cmd/cli/main.go:26 +0x48\r\n```\r\n\r\nHere is an example. I export the variables first\r\n\r\n```\r\nexport WOODPECKER_PROJECT=\"test/project\"\r\nexport WOODPECKER_SERVER=\"https://our.server\"\r\nexport WOODPECKER_TOKEN=\"asdf\"\r\n```\r\n\r\nThen i run any command, like `woodpecker-cli pipeline ls` and the error occurs.\n\n### System Info\n\n```shell\n{\"source\":\"https://github.com/woodpecker-ci/woodpecker\",\"version\":\"2.4.1\"}\r\n\r\n➜ ~ woodpecker-cli --version\r\nwoodpecker-cli version 2.4.1\n```\n\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't [already an issue](https://github.com/woodpecker-ci/woodpecker/issues) that reports the same bug to avoid creating a duplicate.\n- [X] Checked that the bug isn't fixed in the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]",[3002,3003],{"name":2905,"color":2906},{"name":3004,"color":3005},"cli","1d76db",3553,"closed","woodpecker-cli - runtime error: invalid memory address or nil pointer dereference with 2.4.x","2024-04-15T19:18:03Z","https://github.com/woodpecker-ci/woodpecker/issues/3553",0.7104348,{"description":3013,"labels":3014,"number":3018,"owner":2911,"repository":2912,"state":3007,"title":3019,"updated_at":3020,"url":3021,"score":3022},"### Clear and concise description of the problem\r\n\r\nI'm trying to run a container image build step in my pipeline that uses [buildah](https://quay.io/repository/buildah/stable?tab=info). I'm running into a lot of permission errors like this:\r\n\r\n```\r\ntime=\"2023-10-07T19:59:26Z\" level=error msg=\"writing \\\"0 0 4294967295\\\\n\\\" to /proc/17/uid_map: write /proc/17/uid_map: operation not permitted\"\r\ntime=\"2023-10-07T19:59:26Z\" level=error msg=\"(Unable to determine exit status)\"\r\n```\r\n\r\nAfter some experimentation with podman and buildah containers on my cluster, I have determined that I need to configure a few different settings at the Pod level for this to work:\r\n\r\n- `metadata.annotations`: I need to be able to set `container.apparmor.security.beta.kubernetes.io/\u003Ccontainer_name>` to use a custom apparmor profile for my buildah container. I would like to use the `WOODPECKER_BACKEND_K8S_POD_ANNOTATIONS` env variable, but since the container names are randomly generated I'm not sure how to make this work.\r\n- `spec.securityContext`: The only way I have found to make buildah work is to run it as non-root. This means that I need to set `runAsUser`, `runAsGroup`, and `fsGroup` on the Pod level `securityContext` (not the container level).\r\n\r\n### Suggested solution\r\n\r\nAdding support for `securityContext` seems like it should be fairly straightforward. We could just follow that same approach that is currently used for `resources`, `nodeSelector`, etc. [documented here](https://woodpecker-ci.org/docs/next/administration/backends/kubernetes#resources).\r\n\r\nThe AppArmor profile is trickier since the container name needs to be included in the annotation key. I'm imagining a configuration like `backend_options.kubernetes.appArmorProfile` that could take all of the possible values for the annotation [documented here](https://kubernetes.io/docs/tutorials/security/apparmor/). Then, the pod generation logic would just look for this configuration and add the appropriate annotation if it's found.\r\n\r\n### Alternative\r\n\r\nI could disable AppArmor entirely, but that's not really advisable for a production environment. I could also try to find a way to get the buildah container running as root (it should be possible), but again, that's not ideal from a security perspective.\r\n\r\n### Additional context\r\n\r\nThis is somewhat of a follow up from #2510. I'm trying to get Woodpecker to run on my kubeadm/CRI-O based cluster running on Debian which I believe makes me some kind of leprechaun/unicorn/lochness monster. There definitely aren't many of us out there.\r\n\r\n### Validations\r\n\r\n- [X] Checked that the feature isn't part of the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]\r\n- [X] Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/main/CONTRIBUTING.md).\r\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\r\n- [X] Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate.",[3015,3016],{"name":2925,"color":2926},{"name":3017,"color":2982},"backend/kubernetes",2545,"Support AppArmor annotations and securityContext in kubernetes backend","2024-01-12T22:32:26Z","https://github.com/woodpecker-ci/woodpecker/issues/2545",0.71638906,["Reactive",3024],{},["Set"],["ShallowReactive",3027],{"$fTRc1wZytZ_XrK4EfJfei_Sz-An4H4Yy6syhVxH_PVJc":-1,"$fEpcJlP6SrQQ64_EKwQWoTS6xZcNSmPgz00QTZTrfVk8":-1},"/woodpecker-ci/woodpecker/1943"]