infra: container-only workflow (packaging image + scripts); README: add No Host Pollution policy

2025-09-12 14:22:56 -05:00
parent 02057f7815
commit c835a8438b
7 changed files with 109 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -21,6 +21,31 @@ Single-branch, streamlined repository for container work at KNEL. The focus is C
 - Commit small, focused changes; push directly to `origin/main`.
 - No integration/feature branch dance; avoid long‑lived branches.

+## No Host Pollution (containers only)
+
+- Host requirements: `docker`, `git` (and optionally `tea`). Nothing else.
+- All packaging work runs inside the packaging container. Do not install build tools on the host.
+- Use the scripts provided:
+  - `scripts/packaging-up.sh` – build/run the packaging container (mounts repo, docker socket)
+  - `scripts/packaging-enter.sh` – open a shell inside the container
+  - `scripts/packaging-exec.sh <cmd>` – run a command inside the container
+  - `scripts/workspace-clone.sh` – run upstream clone inside the container
+  - `scripts/workspace-update.sh` – run upstream update inside the container
+
+The container image includes Docker CLI and Cloudron CLI, and accesses the host Docker via `/var/run/docker.sock`.
+
+Quick start:
+```
+# Start container
+scripts/packaging-up.sh
+
+# Enter container shell
+scripts/packaging-enter.sh
+
+# Clone upstreams inside container
+scripts/workspace-clone.sh
+```
+
 ## Add a new Cloudron package

 1) Create the package folder