TazLab K8s: Image Automation Detail
Level 3 (Detail) — All 4 image automation pipelines with exact tag patterns and commit strategy.
Concept
Flux image automation watches Docker Hub for new tags matching a pattern, then automatically commits the updated image reference back to the tazlab-k8s repository. This closes the loop between CI/CD build and GitOps reconciliation.
Architecture
GitHub Action (push) → Docker Hub (tag) → Flux ImageRepository (poll 1m) → ImagePolicy (select latest) → ImageUpdateAutomation (commit to git) → Flux reconcile (deploy)
Each pipeline is defined in infrastructure/automation/<app>/automation.yaml as three Flux CRDs:
- ImageRepository: polls Docker Hub every 1 minute
- ImagePolicy: selects the latest tag by numerical version
- ImageUpdateAutomation: commits the updated image reference to master
Pipeline Inventory
1. hugo-blog
| Resource | Name | Details |
|---|---|---|
| ImageRepository | hugo-blog | tazzo/tazlab-blog, poll 1m |
| ImagePolicy | hugo-blog | Tag: ^blog-(?P<value>[0-9]+)-.*$, numerical asc |
| ImageUpdateAutomation | hugo-blog | Commit: chore: self-update hugo-blog image [skip ci] |
| Update path | ./apps/base/hugo-blog | |
| Update strategy | Setters | |
Upstream: blog-src repository → GitHub Action publish.yml → Docker Hub tazzo/tazlab-blog.
2. hugo-wiki
| Resource | Name | Details |
|---|---|---|
| ImageRepository | hugo-wiki | tazzo/tazlab-wiki, poll 1m |
| ImagePolicy | hugo-wiki | Tag: ^wiki-(?P<value>[0-9]+)-.*$, numerical asc |
| ImageUpdateAutomation | hugo-wiki | Commit: chore: self-update hugo-wiki image [skip ci] |
| Update path | ./apps/base/hugo-wiki | |
| Update strategy | Setters | |
Upstream: wiki.tazlab.net repository → GitHub Action publish.yml → Docker Hub tazzo/tazlab-wiki.
3. mnemosyne-mcp
| Resource | Name | Details |
|---|---|---|
| ImageRepository | mnemosyne-mcp | tazzo/mnemosyne-mcp, poll 1m |
| ImagePolicy | mnemosyne-mcp | Tag: ^mcp-(?P<value>[0-9]+)-.*$, numerical asc |
| ImageUpdateAutomation | mnemosyne-mcp | Commit: chore: self-update mnemosyne-mcp image [skip ci] |
| Update path | ./apps/base/mnemosyne-mcp | |
| Update strategy | Setters | |
Upstream: mnemosyne-mcp-server repository → GitHub Action publish.yml → Docker Hub tazzo/mnemosyne-mcp.
| Resource | Name | Details |
|---|---|---|
| Update strategy | Setters | |
Tag Pattern Reference
| App | Pattern | Extracted value | Example tag |
|---|---|---|---|
| hugo-blog | ^blog-(?P<value>[0-9]+)-.*$ | run_number | blog-45-a1b2c3d |
| hugo-wiki | ^wiki-(?P<value>[0-9]+)-.*$ | run_number | wiki-12-e4f5g6h |
| mnemosyne-mcp | ^mcp-(?P<value>[0-9]+)-.*$ | run_number | mcp-42-7ba6c96d |
All use numerical: order: asc — Flux selects the tag with the highest run number.
Markers in Deployment
Each Deployment manifest has an image line like:
image: tazzo/tazlab-blog:blog-45-a1b2c3d # {"$imagepolicy": "flux-system:hugo-blog"}
The comment after the # is the Flux setter marker. It tells ImageUpdateAutomation which exact line to update. The format is:
# {"$imagepolicy": "<namespace>:<policy-name>"}
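The following is an added example, not code from the tazlab-k8s repository or from Flux. It models the selection rule from the Tag Pattern Reference (filter by pattern, compare the extracted run number as an integer, take the highest) and checks a marked image line against it, so you can see which tag on the registry would be committed. The function names and the sample tag list are constructed for illustration.

```python
import re

# Tag patterns copied from the Tag Pattern Reference table on this page.
PATTERNS = {
    "hugo-blog": r"^blog-(?P<value>[0-9]+)-.*$",
    "hugo-wiki": r"^wiki-(?P<value>[0-9]+)-.*$",
    "mnemosyne-mcp": r"^mcp-(?P<value>[0-9]+)-.*$",
}

# Setter marker format from this page: # {"$imagepolicy": "<namespace>:<policy-name>"}
MARKER = re.compile(
    r'image:\s*(?P<repo>[^\s:]+):(?P<tag>\S+)\s+#\s*'
    r'\{"\$imagepolicy":\s*"(?P<ns>[^:"]+):(?P<policy>[^"]+)"\}'
)

def select_tag(policy, tags):
    """Model of numerical/asc selection: keep tags matching the pattern,
    compare the extracted value as an integer, return the highest.
    Returns None when nothing matches. Tie handling is not modelled."""
    pat = re.compile(PATTERNS[policy])
    matched = [(int(m.group("value")), t) for t in tags if (m := pat.match(t))]
    return max(matched, key=lambda pair: pair[0])[1] if matched else None

def check_manifest_line(line, tags):
    """Parse a marked image line and report whether the pinned tag is the
    one the policy would select from the given registry tag list."""
    m = MARKER.search(line)
    if m is None:
        raise ValueError("no $imagepolicy setter marker on this line")
    expected = select_tag(m.group("policy"), tags)
    return {"policy": m.group("policy"), "pinned": m.group("tag"),
            "expected": expected, "in_sync": m.group("tag") == expected}

# Constructed sample data (not real registry output). "blog-101" lacks the
# trailing "-<suffix>" and "blog-x7-bad" has a non-numeric run number, so
# neither matches; "blog-9-..." would win a string sort but loses numerically.
SAMPLE_TAGS = ["latest", "blog-9-0f0f0f0", "blog-45-a1b2c3d",
               "blog-100-9e8d7c6", "wiki-500-abcdef0", "blog-x7-bad", "blog-101"]
SAMPLE_LINE = ('image: tazzo/tazlab-blog:blog-45-a1b2c3d '
               '# {"$imagepolicy": "flux-system:hugo-blog"}')

if __name__ == "__main__":
    print(select_tag("hugo-blog", SAMPLE_TAGS))
    print(check_manifest_line(SAMPLE_LINE, SAMPLE_TAGS))
```

Because the pattern accepts any suffix after the run number, the run number alone decides what gets committed; the commit hash portion of the tag plays no part in selection.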
Commit Behavior
- Bot: fluxcdbot@tazlab.net
- Branch: master (direct push)
- Message: chore: self-update <app> image [skip ci]
- Strategy: Setters (regex replacement of the image tag after the marker comment)
See Also
- Parent hub: tazlab-k8s
- Sibling topic: Image Automation
- Sibling details: Flux Kustomizations Detail
- Reference: Image Policy Example