vig-os · c-vigo · Mar 23, 2026 · Mar 23, 2026
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -162,6 +162,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - Stop overwriting `CHANGELOG.md` with a minimal stub in `assets/smoke-test/.github/workflows/repository-dispatch.yml`
   - Require the workspace `CHANGELOG.md` from `init-workspace` so downstream `prepare-release` validation matches shipped layout
   - When the first changelog section is `## [X.Y.Z] - …` (TBD or a release date), remap that top version header to `## Unreleased` so downstream `prepare-release` can run
+- **Smoke-test dispatch release validate no longer runs docker inside devcontainer** ([#421](https://github.com/vig-os/devcontainer/issues/421))
+  - Remove redundant `docker manifest inspect` step from `release-core.yml` validate job (container image is already proof of accessibility; `resolve-image` validates on the runner)
+  - Set `GH_REPO` for rollback `gh issue create` in workspace `release.yml` when git checkout is skipped
 
 ### Security
 

diff --git a/assets/workspace/.devcontainer/CHANGELOG.md b/assets/workspace/.devcontainer/CHANGELOG.md
@@ -162,6 +162,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
   - Stop overwriting `CHANGELOG.md` with a minimal stub in `assets/smoke-test/.github/workflows/repository-dispatch.yml`
   - Require the workspace `CHANGELOG.md` from `init-workspace` so downstream `prepare-release` validation matches shipped layout
   - When the first changelog section is `## [X.Y.Z] - …` (TBD or a release date), remap that top version header to `## Unreleased` so downstream `prepare-release` can run
+- **Smoke-test dispatch release validate no longer runs docker inside devcontainer** ([#421](https://github.com/vig-os/devcontainer/issues/421))
+  - Remove redundant `docker manifest inspect` step from `release-core.yml` validate job (container image is already proof of accessibility; `resolve-image` validates on the runner)
+  - Set `GH_REPO` for rollback `gh issue create` in workspace `release.yml` when git checkout is skipped
 
 ### Security
 

diff --git a/assets/workspace/.github/workflows/release-core.yml b/assets/workspace/.github/workflows/release-core.yml
@@ -162,19 +162,6 @@ jobs:
       - name: Fix git safe.directory
         run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
 
-      - name: Validate image accessibility
-        env:
-          IMAGE_TAG: ${{ needs.resolve-image.outputs.image-tag }}
-        run: |
-          set -euo pipefail
-          IMAGE="ghcr.io/vig-os/devcontainer:${IMAGE_TAG}"
-          echo "Validating image availability: $IMAGE"
-          if ! retry --retries 3 --backoff 5 --max-backoff 30 -- docker manifest inspect "$IMAGE" > /dev/null 2>&1; then
-            echo "ERROR: Cannot access image manifest: $IMAGE"
-            echo "Check whether the tag exists and whether this workflow has access to GHCR."
-            exit 1
-          fi
-
       - name: Record pre-finalization SHA
         id: pre_sha
         run: |

diff --git a/assets/workspace/.github/workflows/release.yml b/assets/workspace/.github/workflows/release.yml
@@ -194,6 +194,7 @@ jobs:
           VERSION: ${{ needs.core.outputs.version }}
           PR_NUMBER: ${{ needs.core.outputs.pr_number }}
           GH_TOKEN: ${{ steps.release_app_token.outputs.token }}
+          GH_REPO: ${{ github.repository }}
         run: |
           set -euo pipefail
           WORKFLOW_URL="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"