Oleks
d8de7617fb
ci/woodpecker/push/container Pipeline was successful
cms-plugins is an Astro/emdash web app whose image is built by npm/astro against an upstream package-lock.json (better-sqlite3 native build) and cannot be expressed as Nix on emmett/amd64, so it stays on docker buildx. Apply the cluster #196 OCI escape-hatch: move all build/tag/registry truth into ci/local.sh, parameterized by BUILDKIT_ADDR (local docker-container default, dry-run; CI overrides to the in-cluster native arm64 remote + PUBLISH=1). CI now runs the same script a developer runs, so CI and local can't drift. The three-tag Flux ImagePolicy contract (0.1.<pipeline>, <branch>, <branch>-latest) and the arm64/kotkan targeting are preserved verbatim; the Dockerfile is unchanged.