Add custom Alpine CI image with git and yq pre-installed

- Created base-images/alpine-git-yq/Dockerfile with git, yq, curl, bash
- Added build scripts (build-alpine-ci-image.sh and .bat)
- Updated .woodpecker.yaml to use alpine-git-yq:3.19 instead of alpine:3.19
- Removed apk add commands from CI pipeline (packages now pre-installed)
- Added CI_IMAGE_SETUP.md with detailed setup instructions
- Solves Alpine package repository blocking in air-gapped cluster

.woodpecker.yaml

@@ -49,7 +49,7 @@ steps:
 
   update-values-frontend:
     name: Update frontend tag in values.yaml
-    image: harbor.dvirlabs.com/base-images/alpine:3.19
+    image: harbor.dvirlabs.com/base-images/alpine-git-yq:3.19
     when:
       branch: [ master, develop ]
       event: [ push ]
@@ -61,7 +61,6 @@ steps:
       GIT_TOKEN:
         from_secret: GIT_TOKEN
     commands:
-      - apk add --no-cache git yq
       - git config --global user.name "woodpecker-bot"
       - git config --global user.email "ci@dvirlabs.com"
       - git clone "https://$${GIT_USERNAME}:$${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/my-apps.git"
@@ -76,7 +75,7 @@ steps:
 
   update-values-backend:
     name: Update backend tag in values.yaml
-    image: harbor.dvirlabs.com/base-images/alpine:3.19
+    image: harbor.dvirlabs.com/base-images/alpine-git-yq:3.19
     when:
       branch: [ master, develop ]
       event: [ push ]
@@ -88,7 +87,6 @@ steps:
       GIT_TOKEN:
         from_secret: GIT_TOKEN
     commands:
-      - apk add --no-cache git yq
       - git config --global user.name "woodpecker-bot"
       - git config --global user.email "ci@dvirlabs.com"
       - |

CI_IMAGE_SETUP.md

@@ -0,0 +1 @@
+# Air-Gapped CI/CD Image Requirements\n\n## Problem\nYour Woodpecker CI pipeline needs `git` and `yq` but cannot install them via `apk add` because:\n- ❌ Alpine repositories (dl-cdn.alpinelinux.org) are blocked\n- ❌ SSL/TLS handshake failures\n- ❌ Permission denied errors\n\n## Solution\nUse a **pre-built Alpine image** with git and yq already installed.\n\n## Steps to Fix\n\n### 1. Build Custom Image (on a machine WITH internet)\n\n**Requirements:**\n- Machine with internet access\n- Docker installed\n- Access to Docker Hub (to pull alpine:3.19)\n- Access to push to Harbor\n\n**Windows:**\n```bash\n.\\build-alpine-ci-image.bat\n```\n\n**Linux/Mac:**\n```bash\nchmod +x build-alpine-ci-image.sh\n./build-alpine-ci-image.sh\n```\n\n### 2. Verify Image in Harbor\n\nCheck that the image exists:\n```bash\ncurl -u "username:password" https://harbor.dvirlabs.com/api/v2.0/projects/base-images/repositories/alpine-git-yq/artifacts\n```\n\nOr visit: https://harbor.dvirlabs.com → base-images → alpine-git-yq\n\n### 3. Update CI Config (Already Done)\n\nThe `.woodpecker.yaml` has been updated to use:\n```yaml\nimage: harbor.dvirlabs.com/base-images/alpine-git-yq:3.19\n```\n\nInstead of:\n```yaml\nimage: harbor.dvirlabs.com/base-images/alpine:3.19\ncommands:\n  - apk add --no-cache git yq  # ❌ This fails in air-gapped\n```\n\n### 4. Push Updated Config\n\n```bash\ngit add .\ngit commit -m \"Use custom Alpine image with git and yq for CI\"\ngit push\n```\n\n## What's Included\n\nThe custom `alpine-git-yq` image includes:\n- ✅ git\n- ✅ yq (YAML processor)\n- ✅ curl\n- ✅ bash\n\nAll pre-installed and ready to use in your air-gapped cluster!\n\n## If Build Fails\n\n### Error: \"Cannot connect to Docker Hub\"\n**Cause:** No internet access on the build machine.\n**Solution:** Build on a different machine that has internet access.\n\n### Error: \"apk: network error\"\n**Cause:** Building inside the air-gapped cluster.\n**Solution:** Build on a machine outside the cluster with internet access.\n\n### Alternative: Manual Build\n\nIf scripts don't work, build manually:\n\n```bash\ncd base-images/alpine-git-yq\ndocker build -t harbor.dvirlabs.com/base-images/alpine-git-yq:3.19 .\ndocker login harbor.dvirlabs.com\ndocker push harbor.dvirlabs.com/base-images/alpine-git-yq:3.19\n```\n\n## Result\n\nOnce the image is in Harbor, your CI pipeline will:\n1. ✅ Pull alpine-git-yq from Harbor (no external access needed)\n2. ✅ Use git and yq commands directly (already installed)\n3. ✅ Update values.yaml successfully\n4. ✅ Push changes to Git\n\nNo more package installation failures!\n

base-images/alpine-git-yq/Dockerfile

@@ -0,0 +1,20 @@
+# Alpine with git and yq pre-installed for CI/CD
+# 
+# IMPORTANT: This image MUST be built on a machine with internet access!
+# It needs to download packages from Alpine repositories.
+#
+# Build instructions:
+#   docker build -t harbor.dvirlabs.com/base-images/alpine-git-yq:3.19 .
+#   docker login harbor.dvirlabs.com
+#   docker push harbor.dvirlabs.com/base-images/alpine-git-yq:3.19
+#
+FROM alpine:3.19
+
+# Install git and yq while we have internet access
+# This should be built on a machine with internet and pushed to Harbor
+RUN apk add --no-cache git yq curl bash
+
+# Verify installations
+RUN git --version && yq --version
+
+CMD ["/bin/sh"]

build-alpine-ci-image.bat

@@ -0,0 +1,40 @@
+@echo off
+REM Build and push Alpine with git and yq for CI/CD
+
+set HARBOR_REGISTRY=harbor.dvirlabs.com
+set HARBOR_PROJECT=base-images
+set IMAGE_NAME=alpine-git-yq
+set TAG=3.19
+
+echo.
+echo 🏗️  Building Alpine image with git and yq...
+echo Registry: %HARBOR_REGISTRY%
+echo Image: %HARBOR_PROJECT%/%IMAGE_NAME%:%TAG%
+echo.
+
+REM Build the image
+cd base-images\alpine-git-yq
+docker build -t %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG% .
+docker tag %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG% %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:latest
+cd ..\..
+
+echo.
+echo ✅ Image built successfully!
+echo.
+
+REM Login to Harbor
+echo Please login to Harbor:
+docker login %HARBOR_REGISTRY%
+
+REM Push to Harbor
+echo.
+echo 🚀 Pushing to Harbor...
+docker push %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG%
+docker push %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:latest
+
+echo.
+echo 🎉 Alpine CI image pushed successfully!
+echo.
+echo Image: %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG%
+echo.
+pause

build-alpine-ci-image.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+# Build and push Alpine with git and yq for CI/CD
+set -e
+
+HARBOR_REGISTRY="harbor.dvirlabs.com"
+HARBOR_PROJECT="base-images"
+IMAGE_NAME="alpine-git-yq"
+TAG="3.19"
+
+echo "🏗️  Building Alpine image with git and yq..."
+echo "Registry: $HARBOR_REGISTRY"
+echo "Image: $HARBOR_PROJECT/$IMAGE_NAME:$TAG"
+echo ""
+
+# Build the image
+cd base-images/alpine-git-yq
+docker build -t $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG .
+docker tag $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:latest
+cd ../..
+
+echo ""
+echo "✅ Image built successfully!"
+echo ""
+
+# Login to Harbor
+echo "Please login to Harbor:"
+docker login $HARBOR_REGISTRY
+
+# Push to Harbor
+echo ""
+echo "🚀 Pushing to Harbor..."
+docker push $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG
+docker push $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:latest
+
+echo ""
+echo "🎉 Alpine CI image pushed successfully!"
+echo ""
+echo "Image: $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG"
+echo ""