CI: Update Workflow Runners to Self-Hosted container-registry

[bupd]

• Fixes: Use Self Hosted Runners for all Jobs #316

Description

Updated all 11 runs-on directives across 4 workflow files from ubuntu-latest to the self-hosted container-registry runner for better memory and performance

Additional context

none

---

Summary by cubic

Moved CI jobs to container-registry runners for faster builds and more memory. Release jobs now build via a remote BuildKit with an idempotent Buildx setup on self-hosted; e2e remains on ubuntu-latest.

• Migration
  • Ensure a runner labeled container-registry is online with Docker, Task, and registry credentials (runs-on uses this label only; no “self-hosted”).
  • Allow outbound access to tcp://buildkitd.github-runners.svc:1234; the workflow creates/uses the remote Buildx builder automatically.

^{Written for commit 2a1be02. Summary will update on new commits.}

Summary by CodeRabbit

• Chores
  • Updated continuous integration environments for labeler, lint, and test workflows to enhance reliability and consistency.

[coderabbitai]

📝 Walkthrough

Walkthrough

Updated GitHub Actions workflow configurations across three files to use container-registry self-hosted runners instead of ubuntu-latest for the labeler, lint, and test pipeline jobs. No functional or control flow changes introduced.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow Runner Updates .github/workflows/labeler.yaml, .github/workflows/lint.yaml, .github/workflows/test.yaml	Changed runner environment from ubuntu-latest to container-registry across labeler job, lint job, and four test jobs (vulnerability-check, test-release, build-satellite, build-ground-control). All other workflow steps and permissions remain unchanged.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: updating workflow runners from ubuntu-latest to a self-hosted container-registry runner across CI workflows.
Linked Issues check	✅ Passed	The PR substantially addresses issue #316 by migrating runs-on directives to self-hosted container-registry runners across Test, Lint, and Release pipelines, though e2e and release jobs were reverted to ubuntu-latest for Docker/buildx support.
Out of Scope Changes check	✅ Passed	All changes are scoped to updating runner configurations in workflow files (.github/workflows/) to address the performance and memory concerns raised in issue #316; no unrelated modifications present.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The PR description follows the required template with Fixes, Description, and Additional context sections, providing clear details about the changes and migration requirements.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codacy-production]

Codacy's Analysis Summary

0 new issue (≤ 0 issue)
0 new security issue

Review Pull Request in Codacy →

✨ AI Reviewer available: add the codacy-review label to get contextual insights without leaving GitHub.

[cubic-dev-ai]

No issues found across 4 files

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @.github/workflows/labeler.yaml:
- Line 10: The runs-on value in the GitHub Actions job currently uses only
"container-registry" which will cause the job to queue because it needs the
"self-hosted" label; update the job's runs-on to include both labels (e.g.,
["self-hosted", "container-registry"]) in .github/workflows/labeler.yaml, and
add a .github/actionlint.yaml file that registers your custom label (map a key
like self-hosted-runner to labels: - container-registry) so actionlint
recognizes the custom runner label.

[cubic-dev-ai]

1 issue found across 6 files (changes from recent commits).

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name=".github/actions/publish-and-sign/action.yaml">

<violation number="1" location=".github/actions/publish-and-sign/action.yaml:40">
P2: Make the remote builder creation idempotent; `docker buildx create --name remote` will fail if the builder already exists on a reused self-hosted runner. Check for an existing builder or remove it before creating.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}