\r\n\n\n### Steps to reproduce\n\n.\n\n### Expected behavior\n\n_No response_\n\n### System Info\n\n```shell\n\"next-d126cf9e35\"\n```\n\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't [already an issue](https://github.com/woodpecker-ci/woodpecker/issues) that reports the same bug to avoid creating a duplicate.\n- [X] Checked that the bug isn't fixed in the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]",[2919,2920],{"name":2868,"color":2869},{"name":2885,"color":2886},4677,"`tag` pipelines are missing avatar and commit title","2025-01-12T06:19:42Z","https://github.com/woodpecker-ci/woodpecker/issues/4677",0.7388999,{"description":2927,"labels":2928,"number":2934,"owner":2874,"repository":2875,"state":2876,"title":2935,"updated_at":2936,"url":2937,"score":2938},"### Clear and concise description of the problem\n\nNo documentation on how to setup the CI using binary packages. The docs only explain how to install it using docker.\n\n### Suggested solution\n\nProvide documentation on how to use binary packages and setup the CI e.g. sample system service scripts with the environment variable and database config.\n\n### Alternative\n\n_No response_\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/master/CONTRIBUTING.md).\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate.",[2929,2930,2931],{"name":2908,"color":2909},{"name":2888,"color":2889},{"name":2932,"color":2933},"good first issue","76ea72",1292,"Add docs on how to setup using the binary packages","2023-03-26T20:17:21Z","https://github.com/woodpecker-ci/woodpecker/issues/1292",0.7412079,{"description":2940,"labels":2941,"number":2946,"owner":2874,"repository":2875,"state":2876,"title":2947,"updated_at":2948,"url":2949,"score":2950},"we currently don't have a concept how to translate/interpreter the services into \"local backend\" and just ignore them.\r\n\r\nwe should have it that way so it works very similar to what the user know with docker or kube backend.",[2942,2943],{"name":2888,"color":2889},{"name":2944,"color":2945},"backend/local","bfdadc",3095,"Implement services for local backend","2025-02-10T13:40:24Z","https://github.com/woodpecker-ci/woodpecker/issues/3095",0.7488925,{"description":2952,"labels":2953,"number":2957,"owner":2874,"repository":2875,"state":2876,"title":2958,"updated_at":2959,"url":2960,"score":2961},"### Clear and concise description of the problem\n\nIt would be great to have a search form available at `/admin`. For instances with more users (e.g. codeberg), the paginated load becomes quite an issue when searching for a particular user/org/repository.\r\n\r\n\n\n### Suggested solution\n\nAdd a search functionality, similar as in https://ci.codeberg.org/repos.\n\n### Alternative\n\n_No response_\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Checked that the feature isn't part of the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]\n- [X] Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/main/CONTRIBUTING.md).\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate.",[2954,2955,2956],{"name":2871,"color":2872},{"name":2885,"color":2886},{"name":2888,"color":2889},3015,"Admin: Search functionality for users/repos/organizations","2023-12-27T07:56:01Z","https://github.com/woodpecker-ci/woodpecker/issues/3015",0.75388247,{"description":2963,"labels":2964,"number":2969,"owner":2874,"repository":2875,"state":2970,"title":2971,"updated_at":2972,"url":2973,"score":2974},"### Component\n\ncli\n\n### Describe the bug\n\nSince updating to 2.4.x woodpecker-cli runs into a runtime error:\r\n\r\n```\r\npanic: runtime error: invalid memory address or nil pointer dereference\r\n[signal SIGSEGV: segmentation violation code=0x2 addr=0x20 pc=0x1004c71a8]\r\n\r\ngoroutine 1 [running]:\r\ngo.woodpecker-ci.org/woodpecker/v2/cli/internal/config.Load(0x14000591580)\r\n go.woodpecker-ci.org/woodpecker/v2/cli/internal/config/config.go:53 +0x268\r\ngo.woodpecker-ci.org/woodpecker/v2/cli/common.Before(0x14000591580)\r\n go.woodpecker-ci.org/woodpecker/v2/cli/common/hooks.go:53 +0x70\r\ngithub.com/urfave/cli/v2.(*Command).Run(0x14000597760, 0x14000591580, {0x1400014c000, 0xc, 0xc})\r\n github.com/urfave/cli/v2@v2.27.1/command.go:219 +0x3d0\r\ngithub.com/urfave/cli/v2.(*App).RunContext(0x140001d6e00, {0x101e2cca0, 0x102d70660}, {0x1400014c000, 0xc, 0xc})\r\n github.com/urfave/cli/v2@v2.27.1/app.go:337 +0x514\r\ngithub.com/urfave/cli/v2.(*App).Run(...)\r\n github.com/urfave/cli/v2@v2.27.1/app.go:311\r\nmain.main()\r\n go.woodpecker-ci.org/woodpecker/v2/cmd/cli/main.go:26 +0x48\r\n```\r\n\r\nHere is an example. I export the variables first\r\n\r\n```\r\nexport WOODPECKER_PROJECT=\"test/project\"\r\nexport WOODPECKER_SERVER=\"https://our.server\"\r\nexport WOODPECKER_TOKEN=\"asdf\"\r\n```\r\n\r\nThen i run any command, like `woodpecker-cli pipeline ls` and the error occurs.\n\n### System Info\n\n```shell\n{\"source\":\"https://github.com/woodpecker-ci/woodpecker\",\"version\":\"2.4.1\"}\r\n\r\n➜ ~ woodpecker-cli --version\r\nwoodpecker-cli version 2.4.1\n```\n\n\n### Additional context\n\n_No response_\n\n### Validations\n\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\n- [X] Check that there isn't [already an issue](https://github.com/woodpecker-ci/woodpecker/issues) that reports the same bug to avoid creating a duplicate.\n- [X] Checked that the bug isn't fixed in the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]",[2965,2966],{"name":2868,"color":2869},{"name":2967,"color":2968},"cli","1d76db",3553,"closed","woodpecker-cli - runtime error: invalid memory address or nil pointer dereference with 2.4.x","2024-04-15T19:18:03Z","https://github.com/woodpecker-ci/woodpecker/issues/3553",0.7104348,{"description":2976,"labels":2977,"number":2981,"owner":2874,"repository":2875,"state":2970,"title":2982,"updated_at":2983,"url":2984,"score":2985},"### Clear and concise description of the problem\r\n\r\nI'm trying to run a container image build step in my pipeline that uses [buildah](https://quay.io/repository/buildah/stable?tab=info). I'm running into a lot of permission errors like this:\r\n\r\n```\r\ntime=\"2023-10-07T19:59:26Z\" level=error msg=\"writing \\\"0 0 4294967295\\\\n\\\" to /proc/17/uid_map: write /proc/17/uid_map: operation not permitted\"\r\ntime=\"2023-10-07T19:59:26Z\" level=error msg=\"(Unable to determine exit status)\"\r\n```\r\n\r\nAfter some experimentation with podman and buildah containers on my cluster, I have determined that I need to configure a few different settings at the Pod level for this to work:\r\n\r\n- `metadata.annotations`: I need to be able to set `container.apparmor.security.beta.kubernetes.io/\u003Ccontainer_name>` to use a custom apparmor profile for my buildah container. I would like to use the `WOODPECKER_BACKEND_K8S_POD_ANNOTATIONS` env variable, but since the container names are randomly generated I'm not sure how to make this work.\r\n- `spec.securityContext`: The only way I have found to make buildah work is to run it as non-root. This means that I need to set `runAsUser`, `runAsGroup`, and `fsGroup` on the Pod level `securityContext` (not the container level).\r\n\r\n### Suggested solution\r\n\r\nAdding support for `securityContext` seems like it should be fairly straightforward. We could just follow that same approach that is currently used for `resources`, `nodeSelector`, etc. [documented here](https://woodpecker-ci.org/docs/next/administration/backends/kubernetes#resources).\r\n\r\nThe AppArmor profile is trickier since the container name needs to be included in the annotation key. I'm imagining a configuration like `backend_options.kubernetes.appArmorProfile` that could take all of the possible values for the annotation [documented here](https://kubernetes.io/docs/tutorials/security/apparmor/). Then, the pod generation logic would just look for this configuration and add the appropriate annotation if it's found.\r\n\r\n### Alternative\r\n\r\nI could disable AppArmor entirely, but that's not really advisable for a production environment. I could also try to find a way to get the buildah container running as root (it should be possible), but again, that's not ideal from a security perspective.\r\n\r\n### Additional context\r\n\r\nThis is somewhat of a follow up from #2510. I'm trying to get Woodpecker to run on my kubeadm/CRI-O based cluster running on Debian which I believe makes me some kind of leprechaun/unicorn/lochness monster. There definitely aren't many of us out there.\r\n\r\n### Validations\r\n\r\n- [X] Checked that the feature isn't part of the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use]\r\n- [X] Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/main/CONTRIBUTING.md).\r\n- [X] Read the [docs](https://woodpecker-ci.org/docs/intro).\r\n- [X] Check that there isn't already an [issue](https://github.com/woodpecker-ci/woodpecker/issues) that request the same feature to avoid creating a duplicate.",[2978,2979],{"name":2888,"color":2889},{"name":2980,"color":2945},"backend/kubernetes",2545,"Support AppArmor annotations and securityContext in kubernetes backend","2024-01-12T22:32:26Z","https://github.com/woodpecker-ci/woodpecker/issues/2545",0.71638906,["Reactive",2987],{},["Set"],["ShallowReactive",2990],{"$fTRc1wZytZ_XrK4EfJfei_Sz-An4H4Yy6syhVxH_PVJc":-1,"$fEpcJlP6SrQQ64_EKwQWoTS6xZcNSmPgz00QTZTrfVk8":-1},"/woodpecker-ci/woodpecker/1943"]