Releases: unattended-backpack/magister
Release da41fa5
Release Notes
Description
The last fix was insufficient; it was failing due to not specifying a tmux directory and explicit contemplant home.
Bug Fixes:
- Contemplant spawning (TimTinkers)
Full Changelog: 1764204054-ca87676...da41fa5
PR: #14 by @TimTinkers
Container Images
Images have been pushed to the following container registries; some may be private.
Magister
- GHCR:
ghcr.io/unattended-backpack/magister/magister:da41fa5cad6a8e63d62152d4a52b07526f721273 - DHCR:
unattended/magister:da41fa5cad6a8e63d62152d4a52b07526f721273 - DOCR:
registry.digitalocean.com/sigil/magister:da41fa5cad6a8e63d62152d4a52b07526f721273
docker pull ghcr.io/unattended-backpack/magister/magister@sha256:c43a38d97abce75a34bd08cf7ac0c13eea1593336bc87c4c353051ab85b15a19
docker pull unattended/magister@sha256:96564e03695033da6170ea21bcf672cb42faf09c7d12c125559537d97c4a0b07
docker pull registry.digitalocean.com/sigil/magister@sha256:c43a38d97abce75a34bd08cf7ac0c13eea1593336bc87c4c353051ab85b15a19After pulling from a registry, verify the image ID matches sha256:99e65bf33796ccb7c88acb101a999045db3752a9cc7d84e2fbfd198cf8405928 by running docker inspect magister --format='{{.Id}}'.
Native Binaries
Pre-built native binaries are available as release assets:
- Binary tarballs:
*_da41fa5_*.tar.gz. - SHA256 checksums:
checksums.txt.
All binaries include .asc signature files for GPG verification.
GPG Signature Verification
All release artifacts are signed with GPG, including:
image-digests.txt- A human-readable digest list for all images.magister-ghcr-manifest.json- The complete GHCR magister image manifest.magister-dh-manifest.json- The complete Docker Hub magister image manifest.magister-do-manifest.json- The complete DigitalOcean magister image manifest.*.tar.gz- Native binary tarballs.checksums.txt- SHA256 checksums for binaries.
Download the artifacts and their .asc signature files from the release assets below. To verify authenticity, copy this public key LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCgptUUlOQkdpYjg2Z0JFQUNUUjhpWmF4THpLdTFDdGU0Q3RtaUZPUjNMOFVBMURUNG9rRi9qKzdjNGRiYmJxcVNjCmJVU0ViYjVWVlp0dE5mVWR6MEd4Qk8zb2RjTWM0RHdDOXZ5ZTlrWkJoVlk3bXRqZHFWNE5ENzd1Um9zVzFReFMKZ3NvZ0c1bVVrV3RFUGgzVmEwdEtjalZnWVBScWNiSzJ6RVZjVW5IRm1Uc0U4ekkvb2VtbTZBdzRERzliK2tSWgoxVGFpSlUrMEhtcEw3TzhZRU00dVhhaVpSY21yNVU0R2xHdEhxZ1dFUGszYmZNWnpucEowY3VBRm1TTlBZYkdaCjVieUYyVnJoTE5uNUw3OXk3WVhDd20vZmxyTVNTclNGa0tYUGtDSWNETHVZajZBUnFBazYvUlIvZC93b1NpZ04KZCt5SVI4UU14QlJnVWV5SGNrdUNWaEVITW5WQnFYYWJNLzgvNTlsQ21oL2ZYZk9nd25xeDZhUkQ0azFabWxMSgphTUxtdkVlaGpZcEZoeU5oWUZhU3VoWkpSeEtaNTFKRVZNcDhCMy8yVmN6cENpUTJZdy9vN2libGE4Zm05QXFJCkU4WVNEWU1JYi96V1FCSE5vL0JaQXZ2VE9yVGRHVlVwZEJYK1RoSGE4UXd0Q0dsOEVRUFh1Qk5NbDFXMGhpKzUKeXlCNURBS2l6MVN2dld0YnR3QnFMQ2VSQm9RY3hGZTVRK05lY2s0azExbkJId0tibk9hd0VSNlNSY2JtNGYzcwo2eXBjeGxVZXF0a0RCT1ordVV2OHk2Qm9JNzhNb0I2WnpIdUs4dWsvckM4bWpMa2tqYXdTZVo0MGR4SzdTbGMwCjJoWGxMMkl1UFdUVmdVQ204ZTZHc2VJNUxWcHRPMnNVWE05SUlUUExIdjFBbmlvRUo4MFIrL0xQM1FBUkFRQUIKdERCVWFXMXZkR2g1SUVOc1lXNWplU0FvVTJsbmFXd2djbVZzWldGelpYTXBJRHgwYVcwdFkyeGhibU41TG1WMAphRDZKQWs0RUV3RUtBRGdXSVFTK0lEZ3Bra0xkUTJkZHNkU2RzWktPM25xZkJRVUNhSnZ6cUFJYkF3VUxDUWdICkFnWVZDZ2tJQ3dJRUZnSURBUUllQVFJWGdBQUtDUkNkc1pLTzNucWZCY0p0RC80aSt1cE1rNHpERE5IMjVpb0oKaDI4a3pMYjlhWk41RTN3NnZZc2V4cVdJdk9aNldURWNDRmNCL3BlelJzMlI3RWZmeE5aeG5ETnhtaTNsM3FJNwpFQjIrUlFDYXBINi9HUnpTaG5mdlRiMVR5VGtETDIvREd3ZWhpRHRZcVNsenE2ZlROSXBncDYvZ3ROVUpnaHB0CkxFenkzaXc1QzRlUGJ4Q0QxcWdyRkhmZnh1THJ5cmxqdFdnT3J2Sm5tVEZrNnJHZ3R2T1NGN0puU0Z4NWZmRUMKV0NBQ3RsYXlaMFp6OS9uVXJjd1VNdUlNOGdJRFQxMWVsTUhySWZBU2tZRjRVUHQyZnB4RUJXdGsxS2xkcGlkLwoxdnJwQmplQjhlK1RRNFVacWFwM1VNZmtRbjNCZGRlUHB6cGY1MUV6c1FyRHM4UTQwN1dhMTZ3Q3FQaXJFUW9HClg4MHRiRmQ5UzZnT2diSVNFK3dlcXRjWXNvbm5OVTE5TmNiVklWQWFJalN4THM3ZTQxZFo1c0N0MHZMWENQS3AKL3YyTE9DYjEwam9jU040Z3RONG9iUW1tUldiallIbllQNEhkMjFIcExHcjhjRmhDNmxwRjJPYjVrZEVOQXFkLwoxTlBTTmt0emFRclpvTnNYbnl6ZmVxMjdLTTZubmh6azBLNURmSEJwWFExbWVtdnJDeHp0WFEyTlBPOEJqQzdXCk5uL2VkWmdZME1lVmNMZ01PS3hLWWk4NGRra0Z0Zk5qandSQmVRUzA3cEcvTkRIVTBHVkEwRDhYUk5jdWxnV3AKVDNoMVJnT1NDQkFvcXdVNDhZYTl1U3pYY1JxN1o5SDd4c2ovSDlWaUc2a3VqVFlNaHMwM2RDV2wwdHpLSzRMcQorNmdQTEJRYUxBVGJFKytnTXM4MFVnaXd2TGtDRFFSb20vT29BUkFBNXQ1bGpvWkY3WWYrNXJTV3NHZHc1TlNXCjc0a2I4RUo1V2t6a2VhYmYyaFN1NWdrcFkxTHF3RFVObFgwUWE0LzJOcmh3dTl3VEJGd3hjRUoycmxpWklndUcKUHNoajRYaWcwaUJaU2NZZW1rVFJ5Q0pwV1NQb2VJc3pGNVFVMDNYR1MwdG02Vm1rcGY1d2NTTThKTFZrSElTTApYKyszY1J2MEVSTEVNSGlWRVAvczNFZEZFT1Y2UExnYUdRUkRaOTg3RDlJZFcwQjNSdVVNQitXNHRnRnRXS0xJCmFFY0tWaks1eUtnaDQ5d3U3dEhkaW81RDB5eVFFUnVEY1NmQU9FV3V1UkJ1bmZwdWtCay9LZ0Fha2tLTnJhWGoKRm5DNEVNbE9PT2tnbitnM1NqZVZCemFpZm9ITEsrSERYbHVLZ3BMQjYxNkl3dEZRMzVUbUVuRTdMS1ZTZUczMwo3QVc0TDRoSVZPK0U3TEVHbVl0Q2ZiTUhycDRiN3k4aFNZdlNKSkYzUmU4UnhmNGtEdm1IeFpVVlFqWC90TTA0CnIvc3g1Y3oySVNlOFNRc1JaRjF0MnZXd2NjTXNxNGFCVUh2R2lNbGpNME1ESVU5RlJZOGROTEJKL05uTmZUU3gKNlp6VHRMUmpvTmRHT0I5VkJ5TGNoSHdjK3U5NVo2TkxQcVA2b3BKdXlIWlJKZGl3NzlBV0JweW92bDBqblRTSQpsbk1pTGJWMVBxVXJoS1BxdHhlc01aUEt1dTM1UVQvTnhSZWhDMHVwNDJkdWlxb3NRSU9VemFjbmpzM2o3bTBLCldMS2F2WlJoamxWOXh1bHhGUVNMTnErQ0pvZXJKaW9ZQS9WYnRLR3pFWkRxWk5wbG45Q011NWM0QTVzS1VFNTIKL1J1WGhXM2hDa0V3Q0ExWUZZc0FFUUVBQVlrQ05nUVlBUW9BSUJZaEJMNGdPQ21TUXQxRFoxMngxSjJ4a283ZQplcDhGQlFKb20vT29BaHNNQUFvSkVKMnhrbzdlZXA4RkFJY1AvaTVKMVBKSkFEbzNTRlVBaVU4MnJvcFdIMDRICm5uRm5KdGR3Tjh3UW4xRHAvdHRLc25ENkROaU92YzlCdjNHZU5nUG9FSGlDdG43T1Fnb0VXTXQ0bnZjejl3MHcKZ1lwTlJIMkFXdHM2UWVlZUY3YzBZRXhIZ3FYUGNPMUdCbngvalVxYWNPUmY3NjF5QmxFWWo3QmhwZWIwNkxTYQpwZmw2SFZXY1FOTktvYzQ4UzFselkwa2ZpS1pRMzdNYVNKNHlOaWlycWMyVjQvTUxYVjRYNzJSdm9qem94SWpNCmZjdDNHelhUOGhSZWkyc2dvMTc3S3kxeDJodDNJTzRUaGF0UzZ5K3ErdFR0RGx6RWdrM3cvQi9ESTBqbjgwVmwKaTVNQTNGTmh0N0JhZDJzd21tMGN0Ty8yRUU1aVlBSUxWRWJwcnhVWVo1SGo4bHFDYTVJSStoUGRjQmRGM1pnbQpiZEtOZERzV3FJSXdrTVJ3cE5SQ2JCUU5IaHhzR0tPYXBnYnEzaC9SMDNCWk56eGpkR2E2T0xuemdtdCtoZm05CmJWS2hwQitoaDBKOVEwOTQ2MXpwV1NTd2pzdnorRG9YTXVRa0dGWTdlVXNnMGdLRXY3a3lETHlBQlJCVko1RVYKcmJFVmxucFJGSURIOHJKcnRETTRoOWNqNlpXVGw4RGJ5bTczeEtjbDJIejErRzZtN3AyVmMyVG5oam1XSThzTgpnT0Y4TElrOVBINUhWSTd4WVY5ZWVmNi8xQ25JdGxPRHhpOEdJZGxzcUd6ZzFVUnNIMTR2NnRDaUZCZFg4THUrCjNjd1U3YlF1Q0d0NzM2UVBLdHZ0aDZrR0k3aytnVCtrejZZL09ML3hTVURTL1JicGRNVldYaThEVmllazF6RDcKLytQTzJ6TG85bnhCdTB2eAo9TWgyVQotLS0tLUVORCBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tCg==% into a public.asc file and verify the signatures:
# Import GPG public key.
cat public.asc | base64 -d | gpg --import
# Verify digest list.
gpg --verify image-digests.txt.asc image-digests.txt
# Verify image manifests.
gpg --verify magister-ghcr-manifest.json.asc magister-ghcr-manifest.json
gpg --verify magister-dh-manifest.json.asc magister-dh-manifest.json
gpg --verify magister-do-manifest.json.asc magister-do-manifest.json
# Verify binary checksums.
gpg --verify checksums.txt.asc checksums.txt
# Verify binaries.
gpg --verify *.tar.gz.ascValid signatures confirm the artifacts were signed by the maintainer. The manifest signatures provide cryptographic proof of the complete image structure, while binary signatures ensure the authenticity of native executables.
Cosign Verification (Optional)
Images are also signed with cosign using GitHub Actions OIDC for automated verification and build provenance:
# Verify GHCR magister image
cosign verify ghcr.io/unattended-backpack/magister/magister@sha256:c43a38d97abce75a34bd08cf7ac0c13eea1593336bc87c4c353051ab85b15a19 \\
--certificate-identity-regexp='^https://github.com/unattended-backpack/.+' \\
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
# Verify Docker Hub magister image
cosign verify unattended/magister@sha256:96564e03695033da6170ea21bcf672cb42faf09c7d12c125559537d97c4a0b07 \\
--certificate-identity-regexp='^https://github.com/unattended-backpack/.+' \\
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
# Verify DigitalOcean magister image
cosign verify registry.digitalocean.com/sigil/magister@sha256:c43a38d97abce75a34bd08cf7ac0c13eea1593336bc87c4c353051ab85b15a19 \\
--certificate-identity-regexp='^https://github.com/unattended-backpack/.+' \\
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
Cosign provides automated verification without manual key management. Signatures prove the images were built by this repository's GitHub Actions workflow and are stored in the Rekor transparency log.
Note: Cosign depends on external infrastructure (GitHub OIDC, Rekor). For maximum trust independence, rely on the GPG-signed manifests as your ultimate root of trust.
Contributors
Assets 14
- 102 Bytes
2025-11-27T06:30:42Z - 833 Bytes
2025-11-27T06:30:43Z - 525 Bytes
2025-11-27T06:30:43Z - 833 Bytes
2025-11-27T06:30:43Z - 3.4 KB
2025-11-27T06:30:44Z - 833 Bytes
2025-11-27T06:30:44Z - 3.41 KB
2025-11-27T06:30:45Z - 833 Bytes
2025-11-27T06:30:45Z - 3.42 KB
2025-11-27T06:30:46Z - 833 Bytes
2025-11-27T06:30:46Z -
2025-11-27T06:21:59Z -
2025-11-27T06:21:59Z - Loading