From 1d40f80a6f1dc705e281d8145c24150804634970 Mon Sep 17 00:00:00 2001
From: Benjamin Admin <benjaminadmin@MacBook-Pro.local>
Date: Sun, 14 Jun 2026 22:35:59 +0200
Subject: [PATCH] fix(ci): Python-Jobs nutzen volles python:3.12-Image (git
 vorinstalliert) statt slim+apt-get
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

apt-get install git scheiterte (exit 100) auf dem Runner — Debian-apt-Mirrors
nicht erreichbar — und brach damit den Checkout ALLER python:3.12-slim-Jobs
(validate-canonical-controls, test-python-backend, iace-gt-coverage, …) seit
#863. Dadurch wurde CI nie grün und Orca hat nie deployt. Das volle python:3.12
bringt git mit -> apt-get-Zeile entfällt. (dep-audits nodejs/golang-apt ist
PR-only und ausserhalb des Deploy-Pfads.)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
---
 .gitea/workflows/ci.yaml | 21 +++++++--------------
 1 file changed, 7 insertions(+), 14 deletions(-)

diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml
index d096d828..cb369e49 100644
--- a/.gitea/workflows/ci.yaml
+++ b/.gitea/workflows/ci.yaml
@@ -158,11 +158,10 @@ jobs:
     runs-on: docker
     needs: detect-changes
     if: github.event_name == 'pull_request' && needs.detect-changes.outputs.any_python == 'true'
-    container: python:3.12-slim
+    container: python:3.12
     steps:
       - name: Checkout
         run: |
-          apt-get update -qq && apt-get install -y -qq git > /dev/null 2>&1
           git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
       - name: Lint (ruff) + type-check (mypy)
         run: |
@@ -236,11 +235,10 @@ jobs:
   dep-audit:
     runs-on: docker
     if: github.event_name == 'pull_request'
-    container: python:3.12-slim
+    container: python:3.12
     steps:
       - name: Checkout
         run: |
-          apt-get update -qq && apt-get install -y -qq git curl > /dev/null 2>&1
           git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
       - name: Install Node.js + Go
         run: |
@@ -316,7 +314,7 @@ jobs:
 
   iace-gt-coverage:
     runs-on: docker
-    container: python:3.12-slim
+    container: python:3.12
     needs: detect-changes
     if: needs.detect-changes.outputs.sdk == 'true'
     env:
@@ -326,7 +324,6 @@ jobs:
     steps:
       - name: Checkout
         run: |
-          apt-get update -qq && apt-get install -y -qq git > /dev/null 2>&1
           git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
       - name: GT-Bremse measure-coverage report
         run: |
@@ -350,7 +347,7 @@ jobs:
 
   test-python-backend:
     runs-on: docker
-    container: python:3.12-slim
+    container: python:3.12
     needs: detect-changes
     if: needs.detect-changes.outputs.backend == 'true'
     env:
@@ -358,7 +355,6 @@ jobs:
     steps:
       - name: Checkout
         run: |
-          apt-get update -qq && apt-get install -y -qq git > /dev/null 2>&1
           git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
       - name: Test backend-compliance
         run: |
@@ -371,7 +367,7 @@ jobs:
 
   test-python-document-crawler:
     runs-on: docker
-    container: python:3.12-slim
+    container: python:3.12
     needs: detect-changes
     if: needs.detect-changes.outputs.crawler == 'true'
     env:
@@ -379,7 +375,6 @@ jobs:
     steps:
       - name: Checkout
         run: |
-          apt-get update -qq && apt-get install -y -qq git > /dev/null 2>&1
           git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
       - name: Test document-crawler
         run: |
@@ -392,7 +387,7 @@ jobs:
 
   test-python-dsms-gateway:
     runs-on: docker
-    container: python:3.12-slim
+    container: python:3.12
     needs: detect-changes
     if: needs.detect-changes.outputs.dsms_gateway == 'true'
     env:
@@ -400,7 +395,6 @@ jobs:
     steps:
       - name: Checkout
         run: |
-          apt-get update -qq && apt-get install -y -qq git > /dev/null 2>&1
           git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
       - name: Test dsms-gateway
         run: |
@@ -458,11 +452,10 @@ jobs:
   # ── OpenAPI contract validation (always) ─────────────────────────────────
   validate-canonical-controls:
     runs-on: docker
-    container: python:3.12-slim
+    container: python:3.12
     steps:
       - name: Checkout
         run: |
-          apt-get update -qq && apt-get install -y -qq git > /dev/null 2>&1
           git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git .
       - name: Validate controls
         run: python scripts/validate-controls.py