diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml
index 01ec836..0dcd28c 100644
--- a/.github/workflows/build-release.yml
+++ b/.github/workflows/build-release.yml
@@ -6,74 +6,7 @@ on: types: [published] # build on release jobs: - build-ubuntu: - runs-on: ubuntu-latest # use the GitHub hosted runners - permissions: - contents: write # for uploading the SBOM to the release - packages: write # for uploading the finished container - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - id-token: write # to complete the identity challenge with sigstore/fulcio when running outside of PRs - strategy: - matrix: - runner-image: [ubuntu-focal, rootless-ubuntu-focal, ubuntu-jammy] - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Set version - run: echo "VERSION=$(cat ${GITHUB_EVENT_PATH} | jq -r '.release.tag_name')" >> $GITHUB_ENV - - - name: Set short SHA - run: echo "SHA_SHORT=${GITHUB_SHA::7}" >> $GITHUB_ENV - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push the image - uses: docker/build-push-action@v4 - id: build-and-push - with: - file: "images/${{ matrix.runner-image }}.Dockerfile" - push: true - tags: | - ghcr.io/some-natalie/kubernoodles/${{ matrix.runner-image }}:latest - ghcr.io/some-natalie/kubernoodles/${{ matrix.runner-image }}:${{ env.VERSION }} - ghcr.io/some-natalie/kubernoodles/${{ matrix.runner-image }}:${{ env.VERSION }}-${{ env.SHA_SHORT }} - - - name: Run Anchore scan - uses: anchore/scan-action@v3 - id: scan - with: - image: "ghcr.io/some-natalie/kubernoodles/${{ matrix.runner-image }}:${{ env.VERSION }}" - fail-build: false - - - name: Upload Anchore scan report - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: ${{ steps.scan.outputs.sarif }} - - - name: Generate SBOM for the Ubuntu-based runners - uses: anchore/sbom-action@v0 - with: - image: ghcr.io/some-natalie/kubernoodles/${{ matrix.runner-image }}:${{ env.VERSION 
}}-${{ env.SHA_SHORT }} - - - name: Install cosign - uses: sigstore/cosign-installer@main - - - name: Sign the published Docker image - env: - COSIGN_EXPERIMENTAL: "true" - run: cosign sign ghcr.io/some-natalie/kubernoodles/${{ matrix.runner-image }}@${{ steps.build-and-push.outputs.digest }} - - build-podman: + build-ubi8: runs-on: ubuntu-latest # use the GitHub hosted runners permissions: contents: write # for uploading the SBOM to the release @@ -95,9 +28,9 @@ jobs: id: build-image uses: redhat-actions/buildah-build@v2 with: - image: ghcr.io/some-natalie/kubernoodles/podman + image: ghcr.io/some-natalie/kubernoodles/ubi8 tags: latest ${{ env.VERSION }} ${{ env.VERSION }}-${{ env.SHA_SHORT }} - containerfiles: images/podman.Dockerfile + containerfiles: images/ubi8.Dockerfile - name: Push image uses: redhat-actions/push-to-registry@v2 @@ -113,7 +46,7 @@ jobs: uses: anchore/scan-action@v3 id: scan with: - image: "ghcr.io/some-natalie/kubernoodles/podman:${{ env.VERSION }}" + image: "ghcr.io/some-natalie/kubernoodles/ubi8:${{ env.VERSION }}" fail-build: false - name: Upload Anchore scan report @@ -124,7 +57,7 @@ jobs: - name: Generate SBOM for the Podman (Fedora 37) runner uses: anchore/sbom-action@v0 with: - image: ghcr.io/some-natalie/kubernoodles/podman:${{ env.VERSION }}-${{ env.SHA_SHORT }} + image: ghcr.io/some-natalie/kubernoodles/ubi8:${{ env.VERSION }}-${{ env.SHA_SHORT }} - name: Get image digest run: echo "IMAGE_DIGEST=$(cat digest.txt)" >> $GITHUB_ENV 
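Review bot: The retained `build-ubi8` job keeps a job-level `permissions:` block whose first grant, `contents: write`, closes this hunk, and a job-level grant is handed to every step in the job — including third-party actions — not only to the SBOM-to-release upload the comment names; the rest of the job (its other grants and all of its steps) sits outside the hunk. The removed `build-ubuntu` job in this same hunk shows the step pattern the repo used: actions referenced by floating major tags and `sigstore/cosign-installer@main`, a branch rather than a release, so if the ubi8 job follows the same pattern a tampered action ref runs with a token that can push packages, write release assets and, via `id-token`, mint the OIDC identity that keyless `cosign sign` trusts. Pin every `uses:` in that job to a full commit SHA with a version comment, e.g. `uses: sigstore/cosign-installer@<40-hex-sha> # vX.Y.Z`, and keep the job-level grants to the minimum the surviving steps need. A one-line comment above `permissions:` such as `# job-level: every step, including third-party actions, receives these scopes` would make that blast radius explicit to the next editor.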
@@ -138,33 +71,4 @@ jobs:
 - name: Sign the published Docker image
 env:
 COSIGN_EXPERIMENTAL: "true"
- run: cosign sign ghcr.io/some-natalie/kubernoodles/podman@${{ env.IMAGE_DIGEST }}
-
- deploy:
- runs-on: ubuntu-latest # use the GitHub hosted runners to deploy the self-hosted runners in GHEC
- # If using GHES or GHAE, use another deployment, such as having CentOS redeploy Ubuntu and vice versa
- environment: production
- needs: [build-podman, build-ubuntu]
- strategy:
- matrix:
- runner-image:
- [podman, ubuntu-focal, rootless-ubuntu-focal, ubuntu-jammy]
-
- steps:
- - name: Checkout
- uses: actions/checkout@v3
-
- - name: Write out the kubeconfig info
- run: |
- echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config
-
- - name: Update deployments
- run: |
- kubectl delete -f deployments/${{ matrix.runner-image }}.yml
- sleep 30
- kubectl apply -f deployments/${{ matrix.runner-image }}.yml
- env:
- KUBECONFIG: /tmp/config
-
- - name: Remove kubeconfig info
- run: rm -f /tmp/config
+ run: cosign sign ghcr.io/some-natalie/kubernoodles/ubi8@${{ env.IMAGE_DIGEST }}
diff --git a/.github/workflows/test-podman.yml b/.github/workflows/test-podman.yml
deleted file mode 100644
index c144199..0000000
--- a/.github/workflows/test-podman.yml
+++ /dev/null
@@ -1,115 +0,0 @@ -name: Test Podman (Fedora) runner - -on: - workflow_dispatch: - pull_request: - branches: - - main - paths: - - "images/podman.Dockerfile" - - "images/**.sh" - - "images/podman/*" - - "images/software/*" - - "tests/podman/*" - - "tests/sudo-fails/*" - - ".github/workflows/test-podman.yml" - -jobs: - build: - name: Build test image - runs-on: [self-hosted, podman] - permissions: - contents: read - packages: write - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Build the image - id: build-image - uses: redhat-actions/buildah-build@v2 - with: - image: ghcr.io/some-natalie/kubernoodles/podman - tags: test - containerfiles: images/podman.Dockerfile - - - name: Push image - uses: redhat-actions/push-to-registry@v2 - with: - image: ${{ steps.build-image.outputs.image }} - tags: ${{ steps.build-image.outputs.tags }} - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - deploy: - name: Deploy test image to `test-runners` namespace - runs-on: [self-hosted, podman] - needs: [build] - environment: test - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl apply -f deployments/test-podman.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config - - - name: Wait 5 minutes to let the new pod come up - run: sleep 300 - - test: - name: Run tests! 
- runs-on: [self-hosted, test-podman] - needs: [deploy] - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Print debug info - uses: ./tests/debug - - - name: Podman test - uses: ./tests/podman - - - name: Sudo fails - uses: ./tests/sudo-fails - - - name: Cache test - uses: ./tests/cache - - remove-deploy: - name: Delete test image deployment - runs-on: [self-hosted, podman] - needs: [test] - environment: test - if: always() - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl delete -f deployments/test-podman.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config diff --git a/.github/workflows/test-rootless-ubuntu-focal.yml b/.github/workflows/test-rootless-ubuntu-focal.yml deleted file mode 100644 index a97f82e..0000000 --- a/.github/workflows/test-rootless-ubuntu-focal.yml +++ /dev/null 
@@ -1,130 +0,0 @@ -name: Test rootless Ubuntu Focal runner - -on: - workflow_dispatch: - pull_request: - branches: - - main - paths: - - "images/rootless-ubuntu-focal.Dockerfile" - - "images/**.sh" - - "images/docker/*" - - "images/software/*" - - "images/supervisor/*" - - "tests/container/*" - - "tests/docker/*" - - "tests/sudo-fails/*" - - ".github/workflows/test-rootless-ubuntu-focal.yml" - -jobs: - build: - name: Build test image - runs-on: [self-hosted, rootless-focal] - permissions: - contents: read - packages: write - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup contexts - run: | - docker context create mycontext - docker context use mycontext - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - with: - buildkitd-flags: --debug - driver: docker - endpoint: mycontext - - - name: Login to GitHub Packages - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push image - uses: docker/build-push-action@v4 - with: - file: "images/rootless-ubuntu-focal.Dockerfile" - push: true - tags: ghcr.io/some-natalie/kubernoodles/rootless-ubuntu-focal:test - - deploy: - name: Deploy test image to `test-runners` namespace - runs-on: [self-hosted, rootless-focal] - needs: [build] - environment: test - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl apply -f deployments/test-rootless-ubuntu-focal.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config - - - name: Wait 5 minutes to let the new pod come up - run: sleep 300 - - test: - name: Run tests! 
- - runs-on: [self-hosted, test-rootless-ubuntu-focal] - needs: [deploy] - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Print debug info - uses: ./tests/debug - - - name: Docker test - uses: ./tests/docker - - - name: Sudo fails - uses: ./tests/sudo-fails - - - name: Container Action test - uses: ./tests/container - - - name: Cache test - uses: ./tests/cache - - remove-deploy: - name: Delete test image deployment - runs-on: [self-hosted, rootless-focal] - needs: [test] - environment: test - if: always() - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl delete -f deployments/test-rootless-ubuntu-focal.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config diff --git a/.github/workflows/test-ubuntu-focal.yml b/.github/workflows/test-ubuntu-focal.yml deleted file mode 100644 index c05bded..0000000 --- a/.github/workflows/test-ubuntu-focal.yml +++ /dev/null 
@@ -1,120 +0,0 @@ -name: Test Ubuntu Focal runner - -on: - workflow_dispatch: - pull_request: - branches: - - main - paths: - - "images/ubuntu-focal.Dockerfile" - - "images/**.sh" - - "images/docker/*" - - "images/software/*" - - "images/supervisor/*" - - "tests/container/*" - - "tests/docker/*" - - "tests/sudo-works/*" - - ".github/workflows/test-ubuntu-focal.yml" - -jobs: - build: - name: Build test image - runs-on: [self-hosted, focal] - permissions: - contents: read - packages: write - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to GitHub Packages - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push image - uses: docker/build-push-action@v4 - with: - file: "images/ubuntu-focal.Dockerfile" - push: true - tags: ghcr.io/some-natalie/kubernoodles/ubuntu-focal:test - - deploy: - name: Deploy test image to `test-runners` namespace - runs-on: [self-hosted, focal] - needs: [build] - environment: test - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl apply -f deployments/test-ubuntu-focal.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config - - - name: Wait 5 minutes to let the new pod come up - run: sleep 300 - - test: - name: Run tests! 
- runs-on: [self-hosted, test-ubuntu-focal] - needs: [deploy] - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Print debug info - uses: ./tests/debug - - - name: Docker test - uses: ./tests/docker - - - name: Sudo works - uses: ./tests/sudo-works - - - name: Container Action test - uses: ./tests/container - - - name: Cache test - uses: ./tests/cache - - remove-deploy: - name: Delete test image deployment - runs-on: [self-hosted, focal] - needs: [test] - environment: test - if: always() - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl delete -f deployments/test-ubuntu-focal.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config diff --git a/.github/workflows/test-ubuntu-jammy.yml b/.github/workflows/test-ubuntu-jammy.yml deleted file mode 100644 index d1c2970..0000000 --- a/.github/workflows/test-ubuntu-jammy.yml +++ /dev/null 
@@ -1,120 +0,0 @@ -name: Test Ubuntu Jammy runner - -on: - workflow_dispatch: - pull_request: - branches: - - main - paths: - - "images/ubuntu-jammy.Dockerfile" - - "images/**.sh" - - "images/docker/*" - - "images/software/*" - - "images/supervisor/*" - - "tests/container/*" - - "tests/docker/*" - - "tests/sudo-works/*" - - ".github/workflows/test-ubuntu-jammy.yml" - -jobs: - build: - name: Build test image - runs-on: [self-hosted, jammy] - permissions: - contents: read - packages: write - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to GitHub Packages - uses: docker/login-action@v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push image - uses: docker/build-push-action@v4 - with: - file: "images/ubuntu-jammy.Dockerfile" - push: true - tags: ghcr.io/some-natalie/kubernoodles/ubuntu-jammy:test - - deploy: - name: Deploy test image to `test-runners` namespace - runs-on: [self-hosted, jammy] - needs: [build] - environment: test - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl apply -f deployments/test-ubuntu-jammy.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config - - - name: Wait 5 minutes to let the new pod come up - run: sleep 300 - - test: - name: Run tests! 
- runs-on: [self-hosted, test-ubuntu-jammy] - needs: [deploy] - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Print debug info - uses: ./tests/debug - - - name: Docker test - uses: ./tests/docker - - - name: Sudo works - uses: ./tests/sudo-works - - - name: Container Action test - uses: ./tests/container - - - name: Cache test - uses: ./tests/cache - - remove-deploy: - name: Delete test image deployment - runs-on: [self-hosted, jammy] - needs: [test] - environment: test - if: always() - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Write out the kubeconfig info - run: | - echo ${{ secrets.DEPLOY_ACCOUNT }} | base64 -d > /tmp/config - - - name: Deploy - run: | - kubectl delete -f deployments/test-ubuntu-jammy.yml - env: - KUBECONFIG: /tmp/config - - - name: Remove kubeconfig info - run: rm -f /tmp/config diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..260adba --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +# deployment files used for local testing +deployments/local-* \ No newline at end of file diff --git a/README.md b/README.md index ea13ebc..b881be1 100644 --- a/README.md +++ b/README.md 
@@ -8,7 +8,7 @@ Kubernoodles is a framework for managing custom self-hosted runners for GitHub Actions in Kubernetes at the enterprise-wide scale. The design goal is to easily bootstrap a system where customized self-hosted runners update, build, test, deploy, and scale themselves with minimal interaction from enterprise admins and maximum input from the developers using it. -This is an _opinionated_ reference implementation, designed to be taken and modified to your liking. I use this to test GitHub Actions on my personal account, [GitHub Enterprise Cloud](https://github.com) (SaaS), [GitHub Enterprise Server](https://docs.github.com/en/enterprise-server@latest) (self-hosted), and [GitHub AE](https://docs.github.com/en/github-ae@latest) from Docker Desktop, a Raspberry Pi cluster for `arm64`, a managed Kubernetes provider, and other random platforms as needed. Your implementation may look wildly different, etc. +This is an _opinionated_ reference implementation, designed to be taken and modified to your liking. I use this to test GitHub Actions on my personal account, [GitHub Enterprise Cloud](https://github.com) (SaaS) or [GitHub Enterprise Server](https://docs.github.com/en/enterprise-server@latest) (self-hosted) from Docker Desktop, a Raspberry Pi cluster for `arm64`, a managed Kubernetes provider, and other random platforms as needed. Your implementation may look wildly different, etc. :question: Are you a GitHub Enterprise admin that's new to GitHub Actions? Don't know how to set up self-hosted runners at scale? Start [here](docs/admin-introduction.md)! 
@@ -65,8 +65,7 @@ These are all excellent reads and can provide more insight into the customizatio ### Dependencies of note -- [actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller) -- [cert-manager](https://cert-manager.io) +- [actions-runner-controller](https://github.com/actions/actions-runner-controller) - [Helm](https://helm.sh/) - [Yelp dumb-init](https://github.com/Yelp/dumb-init) - [Docker engine](https://docs.docker.com/engine/release-notes/) and [Docker Compose](https://docs.docker.com/compose/release-notes/) for Debian-based images diff --git a/_config.yml b/_config.yml deleted file mode 100644 index c741881..0000000 --- a/_config.yml +++ /dev/null @@ -1 +0,0 @@ -theme: jekyll-theme-slate \ No newline at end of file diff --git a/deployments/README.md b/deployments/README.md index 369ac4c..8e77cc8 100644 --- a/deployments/README.md +++ b/deployments/README.md 
@@ -1,52 +1,6 @@ # Deployments -This folder contains all the deployment files for the Kubernetes cluster. A deployment is a discrete group of runners that can have unique hardware, scaling functions, or scope (repository, organization, or enterprise wide. These are defined by [actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller#usage) and there's more information in the linked documentation. - -## Example deployment - -Here's an example deployment file with comments: - -```yaml -apiVersion: actions.summerwind.dev/v1alpha1 -kind: RunnerDeployment # manage these as a "set" of runners, not individually -metadata: - name: ubuntu-focal # give it a name for humans to read - namespace: runners # specify the Kubernetes namespace these live in -spec: - replicas: 2 # I want 2 of these, please :) - template: - spec: - organization: universal-exports-ltd # attached to this organization - group: secret-agent-test # GitHub can group runners by name for management, so these are in "secret-agent-test" - env: [] # envirnoment stuff for Kubernetes can be passed here - read `actions-runner-controller` docs before using this, otherwise leave it empty! 
- ephemeral: true # throw out the pod and redeploy it fresh after each run - image: ghcr.io/some-natalie/kubernoodles/ubuntu-focal:latest # where is the Docker image to use as a pod - imagePullPolicy: IfNotPresent # pull this image only if it isn't already on the Kubernetes node - imagePullSecrets: - - name: ghcr # credentials needed to log in to the image registry, more on this below - dockerdWithinRunnerContainer: true # can this support Docker-in-Docker, implies `privileged: true`, more on this below - dockerMTU: 1450 # set the MTU size of the Docker agent in the container, more on this below - volumeMounts: # this uses the read only cache set up in ../cluster-configs/runner-tool-cache.yml, more on this below - - mountPath: /opt/hostedtoolcache # mount path from within the container - name: runnertoolcache - readOnly: true - volumes: - - name: runnertoolcache - persistentVolumeClaim: - claimName: test-tool-cache-pvc # which persistent volume claim to use - resources: - limits: # the max size any individual runner can get to - cpu: "4000m" - memory: "8Gi" - requests: # the guaranteed amount of compute any individual runner gets - cpu: "200m" - memory: "200Mi" - labels: # custom labels for GitHub Actions to target, more on this below - - dependabot # special label to allow Dependabot to use this for compute, more on this below - - docker - - ubuntu - - focal -``` +This folder contains all the deployment files for the Kubernetes cluster. A deployment is a discrete group of runners that can have unique hardware, scaling functions, or scope (repository, organization, or enterprise wide. These are defined by [actions-runner-controller](https://github.com/actions/actions-runner-controller) and there's more information in the linked documentation. More details as noted: diff --git a/deployments/ghes/README.md b/deployments/ghes/README.md deleted file mode 100644 index 8a13369..0000000 --- a/deployments/ghes/README.md +++ /dev/null 
@@ -1,14 +0,0 @@ -# GHES runners - -There's nothing special about these runners. They deploy to a different Kubernetes cluster (the `docker-desktop` environment or the `open-shift` environment) and attach to a different organization in GHES for testing/demonstration. The [`bootstrap.sh`](bootstrap.sh) script takes a URL and token to set up test environments very quickly. - -## Local environments - -This bootstrap script has been tested and is used routinely on [Docker Desktop's local Kubernetes cluster](https://docs.docker.com/desktop/kubernetes/), [Azure Kubernetes Service](https://azure.microsoft.com/en-us/products/kubernetes-service/#overview), and [RedHat OpenShift Local](https://access.redhat.com/documentation/en-us/red_hat_openshift_local). - -For OpenShift, because these are privileged pods, you must allow this explicitly in the namespaces the pods will run in. - - ```shell - oc adm policy add-scc-to-user privileged -z default -n runners - oc adm policy add-scc-to-user privileged -z default -n test-runners - ``` diff --git a/deployments/ghes/bootstrap.sh b/deployments/ghes/bootstrap.sh deleted file mode 100755 index f4e6e4d..0000000 --- a/deployments/ghes/bootstrap.sh +++ /dev/null 
@@ -1,28 +0,0 @@ -#!/bin/bash - -# This script is designed to use docker-desktop's cluster to GHES/GHAE real fast :) - -# Inputs -# $1: The GHES server to use (e.g. "https://github.yourcompany.com") -# $2: The GHES token to use (e.g. "ghp_123456789") - -# Remove the trailing slash from the server URL if it exists -if [[ "$1" == *"/" ]]; then - URL="${1::-1}" -else - URL="$1" -fi - -# Setup cert-manager -kubectl create namespace cert-manager -helm install cert-manager jetstack/cert-manager --namespace cert-manager --version v1.10.0 --set installCRDs=true - -# Setup ARC -kubectl create namespace actions-runner-system -helm install -n actions-runner-system actions-runner-controller actions-runner-controller/actions-runner-controller --version=0.21.1 -kubectl set env deploy actions-runner-controller -c manager GITHUB_ENTERPRISE_URL="$URL" --namespace actions-runner-system -kubectl create secret generic controller-manager -n actions-runner-system --from-literal=github_token="$2" -kubectl create namespace runners -kubectl create namespace test-runners - -# Don't deploy runners automatically, edit them to test whatever is needed diff --git a/deployments/ghes/podman.yml b/deployments/ghes/podman.yml deleted file mode 100644 index 935fbd2..0000000 --- a/deployments/ghes/podman.yml +++ /dev/null 
@@ -1,57 +0,0 @@ -apiVersion: actions.summerwind.dev/v1alpha1 -kind: RunnerDeployment -metadata: - name: podman - namespace: runners -spec: - replicas: 2 - template: - spec: - enterprise: github - # organization: acme - # repository: acme/testrepo - ephemeral: true - image: ghcr.io/some-natalie/kubernoodles/podman:latest # change this to the version you really want! - imagePullPolicy: IfNotPresent - # imagePullSecrets: - # - name: ghcr - dockerdWithinRunnerContainer: true - dockerMTU: 1450 - resources: - limits: - cpu: "4000m" - memory: "8Gi" - requests: - cpu: "200m" - memory: "200Mi" - labels: - - docker - - podman - - fedora - containers: - - name: runner - securityContext: - privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer` - securityContext: - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - runAsNonRoot: true ---- -apiVersion: actions.summerwind.dev/v1alpha1 -kind: HorizontalRunnerAutoscaler -metadata: - name: podman-autoscaling - namespace: runners -spec: - scaleTargetRef: - name: podman - minReplicas: 2 - maxReplicas: 6 - scaleDownDelaySecondsAfterScaleOut: 60 - metrics: - - type: PercentageRunnersBusy - scaleUpThreshold: "0.75" - scaleDownThreshold: "0.3" - scaleUpFactor: "1.5" - scaleDownFactor: "0.7" diff --git a/deployments/ghes/rootless-ubuntu-focal.yml b/deployments/ghes/rootless-ubuntu-focal.yml deleted file mode 100644 index 15b9008..0000000 --- a/deployments/ghes/rootless-ubuntu-focal.yml +++ /dev/null 
@@ -1,58 +0,0 @@ -apiVersion: actions.summerwind.dev/v1alpha1 -kind: RunnerDeployment -metadata: - name: rootless-ubuntu-focal - namespace: runners -spec: - replicas: 2 - template: - spec: - enterprise: github - # organization: acme - # repository: acme/testrepo - ephemeral: true - image: ghcr.io/some-natalie/kubernoodles/rootless-ubuntu-focal:latest # change this to the version you really want! - imagePullPolicy: IfNotPresent - # imagePullSecrets: - # - name: ghcr - dockerdWithinRunnerContainer: true - dockerMTU: 1450 - resources: - limits: - cpu: "4000m" - memory: "8Gi" - requests: - cpu: "200m" - memory: "200Mi" - labels: - - docker - - ubuntu - - focal - - ubuntu-latest # overlaps w/ hosted runners on GHEC, can use in GHES and GHAE - containers: - - name: runner - securityContext: - privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer` - securityContext: - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - runAsNonRoot: true ---- -apiVersion: actions.summerwind.dev/v1alpha1 -kind: HorizontalRunnerAutoscaler -metadata: - name: rootless-ubuntu-focal-autoscaling - namespace: runners -spec: - scaleTargetRef: - name: ubuntu-focal - minReplicas: 2 - maxReplicas: 6 - scaleDownDelaySecondsAfterScaleOut: 60 - metrics: - - type: PercentageRunnersBusy - scaleUpThreshold: "0.75" - scaleDownThreshold: "0.3" - scaleUpFactor: "1.5" - scaleDownFactor: "0.7" diff --git a/deployments/ghes/ubuntu-focal.yml b/deployments/ghes/ubuntu-focal.yml deleted file mode 100644 index 25193ad..0000000 --- a/deployments/ghes/ubuntu-focal.yml +++ /dev/null 
@@ -1,58 +0,0 @@ -apiVersion: actions.summerwind.dev/v1alpha1 -kind: RunnerDeployment -metadata: - name: ubuntu-focal - namespace: runners -spec: - replicas: 2 - template: - spec: - enterprise: github - # organization: acme - # repository: acme/testrepo - ephemeral: true - image: ghcr.io/some-natalie/kubernoodles/ubuntu-focal:latest # change this to the version you really want! - imagePullPolicy: IfNotPresent - # imagePullSecrets: - # - name: ghcr - dockerdWithinRunnerContainer: true - dockerMTU: 1450 - resources: - limits: - cpu: "4000m" - memory: "8Gi" - requests: - cpu: "200m" - memory: "200Mi" - labels: - - docker - - ubuntu - - focal - - ubuntu-latest # overlaps w/ hosted runners on GHEC, can use in GHES and GHAE - containers: - - name: runner - securityContext: - privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer` - securityContext: - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - runAsNonRoot: true ---- -apiVersion: actions.summerwind.dev/v1alpha1 -kind: HorizontalRunnerAutoscaler -metadata: - name: ubuntu-focal-autoscaling - namespace: runners -spec: - scaleTargetRef: - name: ubuntu-focal - minReplicas: 2 - maxReplicas: 6 - scaleDownDelaySecondsAfterScaleOut: 60 - metrics: - - type: PercentageRunnersBusy - scaleUpThreshold: "0.75" - scaleDownThreshold: "0.3" - scaleUpFactor: "1.5" - scaleDownFactor: "0.7" diff --git a/deployments/ghes/ubuntu-jammy.yml b/deployments/ghes/ubuntu-jammy.yml deleted file mode 100644 index d25b643..0000000 --- a/deployments/ghes/ubuntu-jammy.yml +++ /dev/null 
@@ -1,58 +0,0 @@ -apiVersion: actions.summerwind.dev/v1alpha1 -kind: RunnerDeployment -metadata: - name: ubuntu-jammy - namespace: runners -spec: - replicas: 2 - template: - spec: - enterprise: github - # organization: acme - # repository: acme/testrepo - ephemeral: true - image: ghcr.io/some-natalie/kubernoodles/ubuntu-jammy:latest # change this to the version you really want! - imagePullPolicy: IfNotPresent - # imagePullSecrets: - # - name: ghcr - dockerdWithinRunnerContainer: true - dockerMTU: 1450 - resources: - limits: - cpu: "4000m" - memory: "8Gi" - requests: - cpu: "200m" - memory: "200Mi" - labels: - - docker - - ubuntu - - jammy - - ubuntu-latest # overlaps w/ hosted runners on GHEC, can use in GHES and GHAE - containers: - - name: runner - securityContext: - privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer` - securityContext: - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - runAsNonRoot: true ---- -apiVersion: actions.summerwind.dev/v1alpha1 -kind: HorizontalRunnerAutoscaler -metadata: - name: ubuntu-jammy-autoscaling - namespace: runners -spec: - scaleTargetRef: - name: ubuntu-jammy - minReplicas: 2 - maxReplicas: 6 - scaleDownDelaySecondsAfterScaleOut: 60 - metrics: - - type: PercentageRunnersBusy - scaleUpThreshold: "0.75" - scaleDownThreshold: "0.3" - scaleUpFactor: "1.5" - scaleDownFactor: "0.7" diff --git a/deployments/podman.yml b/deployments/podman.yml deleted file mode 100644 index 4696729..0000000 --- a/deployments/podman.yml +++ /dev/null 
@@ -1,66 +0,0 @@ -apiVersion: actions.summerwind.dev/v1alpha1 -kind: RunnerDeployment -metadata: - name: podman - namespace: runners -spec: - replicas: 2 - template: - spec: - repository: some-natalie/kubernoodles - env: - - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates - value: "true" - ephemeral: true - image: ghcr.io/some-natalie/kubernoodles/podman:latest # change this to the version you really want! - imagePullPolicy: Always - imagePullSecrets: - - name: ghcr - dockerdWithinRunnerContainer: true - dockerMTU: 1450 - volumeMounts: - - mountPath: /opt/statictoolcache - name: runnertoolcache - readOnly: true - volumes: - - name: runnertoolcache - persistentVolumeClaim: - claimName: prod-tool-cache-pvc - resources: - limits: - cpu: "4000m" - memory: "8Gi" - requests: - cpu: "200m" - memory: "200Mi" - labels: - - docker - - podman - - fedora - containers: - - name: runner - securityContext: - privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer` - securityContext: - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - runAsNonRoot: true ---- -apiVersion: actions.summerwind.dev/v1alpha1 -kind: HorizontalRunnerAutoscaler -metadata: - name: podman-autoscaling - namespace: runners -spec: - scaleTargetRef: - name: podman - minReplicas: 2 - maxReplicas: 6 - scaleDownDelaySecondsAfterScaleOut: 60 - metrics: - - type: PercentageRunnersBusy - scaleUpThreshold: "0.75" - scaleDownThreshold: "0.3" - scaleUpFactor: "1.5" - scaleDownFactor: "0.7" diff --git a/deployments/rootless-ubuntu-focal.yml b/deployments/rootless-ubuntu-focal.yml deleted file mode 100644 index 7a4a55d..0000000 --- a/deployments/rootless-ubuntu-focal.yml +++ /dev/null 
@@ -1,67 +0,0 @@ -apiVersion: actions.summerwind.dev/v1alpha1 -kind: RunnerDeployment -metadata: - name: rootless-ubuntu-focal - namespace: runners -spec: - replicas: 2 - template: - spec: - repository: some-natalie/kubernoodles - env: - - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates - value: "true" - ephemeral: true - image: ghcr.io/some-natalie/kubernoodles/rootless-ubuntu-focal:latest # change this to the version you really want! - imagePullPolicy: Always - imagePullSecrets: - - name: ghcr - dockerdWithinRunnerContainer: true - dockerMTU: 1450 - volumeMounts: - - mountPath: /opt/statictoolcache - name: runnertoolcache - readOnly: true - volumes: - - name: runnertoolcache - persistentVolumeClaim: - claimName: prod-tool-cache-pvc - resources: - limits: - cpu: "4000m" - memory: "8Gi" - requests: - cpu: "200m" - memory: "200Mi" - labels: - - docker - - rootless-ubuntu - - rootless-focal - # - ubuntu-latest # overlaps w/ hosted runners on GHEC, can use in GHES and GHAE - containers: - - name: runner - securityContext: - privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer` - securityContext: - runAsUser: 1000 - seccompProfile: - type: RuntimeDefault - runAsNonRoot: true ---- -apiVersion: actions.summerwind.dev/v1alpha1 -kind: HorizontalRunnerAutoscaler -metadata: - name: rootless-ubuntu-focal-autoscaling - namespace: runners -spec: - scaleTargetRef: - name: rootless-ubuntu-focal - minReplicas: 2 - maxReplicas: 6 - scaleDownDelaySecondsAfterScaleOut: 60 - metrics: - - type: PercentageRunnersBusy - scaleUpThreshold: "0.75" - scaleDownThreshold: "0.3" - scaleUpFactor: "1.5" - scaleDownFactor: "0.7" diff --git a/deployments/test-podman.yml b/deployments/test-podman.yml deleted file mode 100644 index 3d0e512..0000000 --- a/deployments/test-podman.yml +++ /dev/null 
@@ -1,46 +0,0 @@
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: RunnerDeployment
-metadata:
- name: test-podman
- namespace: test-runners
-spec:
- replicas: 1
- template:
- spec:
- repository: some-natalie/kubernoodles
- env:
- - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates
- value: "true"
- ephemeral: true
- image: ghcr.io/some-natalie/kubernoodles/podman:test
- imagePullPolicy: Always
- imagePullSecrets:
- - name: ghcr
- dockerdWithinRunnerContainer: true
- dockerMTU: 1450
- volumeMounts:
- - mountPath: /opt/statictoolcache
- name: runnertoolcache
- readOnly: true
- volumes:
- - name: runnertoolcache
- persistentVolumeClaim:
- claimName: test-tool-cache-pvc
- resources:
- limits:
- cpu: "1000m"
- memory: "2Gi"
- requests:
- cpu: "200m"
- memory: "200Mi"
- labels:
- - test-podman
- containers:
- - name: runner
- securityContext:
- privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer`
- securityContext:
- runAsUser: 1000
- seccompProfile:
- type: RuntimeDefault
- runAsNonRoot: true
diff --git a/deployments/test-rootless-ubuntu-focal.yml b/deployments/test-rootless-ubuntu-focal.yml
deleted file mode 100644
index a514539..0000000
--- a/deployments/test-rootless-ubuntu-focal.yml
+++ /dev/null
@@ -1,48 +0,0 @@
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: RunnerDeployment
-metadata:
- name: test-rootless-ubuntu-focal
- namespace: test-runners
-spec:
- replicas: 1
- template:
- spec:
- repository: some-natalie/kubernoodles
- env:
- - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates
- value: "true"
- ephemeral: true
- image: ghcr.io/some-natalie/kubernoodles/rootless-ubuntu-focal:test
- imagePullPolicy: Always
- imagePullSecrets:
- - name: ghcr
- dockerdWithinRunnerContainer: true
- dockerMTU: 1450
- volumeMounts:
- - mountPath: /opt/statictoolcache
- name: runnertoolcache
- readOnly: true
- volumes:
- - name: runnertoolcache
- persistentVolumeClaim:
- claimName: test-tool-cache-pvc
- resources:
- limits:
- cpu: "1000m"
- memory: "2Gi"
- requests:
- cpu: "200m"
- memory: "200Mi"
- labels:
- - test-rootless-ubuntu-focal
- containers:
- - name: runner
- securityContext:
- privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer`
- securityContext:
- runAsUser: 1000
- seccompProfile:
- type: RuntimeDefault
- runAsNonRoot: true
- fsGroup: 1000
- fsGroupChangePolicy: "Always"
diff --git a/deployments/test-ubuntu-focal.yml b/deployments/test-ubuntu-focal.yml
deleted file mode 100644
index 142d284..0000000
--- a/deployments/test-ubuntu-focal.yml
+++ /dev/null
@@ -1,46 +0,0 @@
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: RunnerDeployment
-metadata:
- name: test-ubuntu-focal
- namespace: test-runners
-spec:
- replicas: 1
- template:
- spec:
- repository: some-natalie/kubernoodles
- env:
- - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates
- value: "true"
- ephemeral: true
- image: ghcr.io/some-natalie/kubernoodles/ubuntu-focal:test
- imagePullPolicy: Always
- imagePullSecrets:
- - name: ghcr
- dockerdWithinRunnerContainer: true
- dockerMTU: 1450
- volumeMounts:
- - mountPath: /opt/statictoolcache
- name: runnertoolcache
- readOnly: true
- volumes:
- - name: runnertoolcache
- persistentVolumeClaim:
- claimName: test-tool-cache-pvc
- resources:
- limits:
- cpu: "1000m"
- memory: "2Gi"
- requests:
- cpu: "200m"
- memory: "200Mi"
- labels:
- - test-ubuntu-focal
- containers:
- - name: runner
- securityContext:
- privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer`
- securityContext:
- runAsUser: 1000
- seccompProfile:
- type: RuntimeDefault
- runAsNonRoot: true
diff --git a/deployments/test-ubuntu-jammy.yml b/deployments/test-ubuntu-jammy.yml
deleted file mode 100644
index 5e96a69..0000000
--- a/deployments/test-ubuntu-jammy.yml
+++ /dev/null
@@ -1,46 +0,0 @@
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: RunnerDeployment
-metadata:
- name: test-ubuntu-jammy
- namespace: test-runners
-spec:
- replicas: 1
- template:
- spec:
- repository: some-natalie/kubernoodles
- env:
- - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates
- value: "true"
- ephemeral: true
- image: ghcr.io/some-natalie/kubernoodles/ubuntu-jammy:test
- imagePullPolicy: Always
- imagePullSecrets:
- - name: ghcr
- dockerdWithinRunnerContainer: true
- dockerMTU: 1450
- volumeMounts:
- - mountPath: /opt/statictoolcache
- name: runnertoolcache
- readOnly: true
- volumes:
- - name: runnertoolcache
- persistentVolumeClaim:
- claimName: test-tool-cache-pvc
- resources:
- limits:
- cpu: "1000m"
- memory: "2Gi"
- requests:
- cpu: "200m"
- memory: "200Mi"
- labels:
- - test-ubuntu-jammy
- containers:
- - name: runner
- securityContext:
- privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer`
- securityContext:
- runAsUser: 1000
- seccompProfile:
- type: RuntimeDefault
- runAsNonRoot: true
diff --git a/deployments/ubuntu-focal.yml b/deployments/ubuntu-focal.yml
deleted file mode 100644
index cbacef1..0000000
--- a/deployments/ubuntu-focal.yml
+++ /dev/null
@@ -1,63 +0,0 @@
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: RunnerDeployment
-metadata:
- name: ubuntu-focal
- namespace: runners
-spec:
- replicas: 2
- template:
- spec:
- repository: some-natalie/kubernoodles
- env:
- - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates
- value: "true"
- ephemeral: true
- image: ghcr.io/some-natalie/kubernoodles/ubuntu-focal:latest # change this to the version you really want!
- imagePullPolicy: Always
- imagePullSecrets:
- - name: ghcr
- dockerdWithinRunnerContainer: true
- dockerMTU: 1450
- volumeMounts:
- - mountPath: /opt/statictoolcache
- name: runnertoolcache
- readOnly: true
- volumes:
- - name: runnertoolcache
- persistentVolumeClaim:
- claimName: prod-tool-cache-pvc
- resources:
- limits:
- cpu: "4000m"
- memory: "8Gi"
- requests:
- cpu: "200m"
- memory: "200Mi"
- labels:
- - docker
- - ubuntu
- - focal
- # - ubuntu-latest # overlaps w/ hosted runners on GHEC, can use in GHES and GHAE
- securityContext:
- runAsUser: 1000
- seccompProfile:
- type: RuntimeDefault
- runAsNonRoot: true
----
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: HorizontalRunnerAutoscaler
-metadata:
- name: ubuntu-focal-autoscaling
- namespace: runners
-spec:
- scaleTargetRef:
- name: ubuntu-focal
- minReplicas: 2
- maxReplicas: 6
- scaleDownDelaySecondsAfterScaleOut: 60
- metrics:
- - type: PercentageRunnersBusy
- scaleUpThreshold: "0.75"
- scaleDownThreshold: "0.3"
- scaleUpFactor: "1.5"
- scaleDownFactor: "0.7"
diff --git a/deployments/ubuntu-jammy.yml b/deployments/ubuntu-jammy.yml
deleted file mode 100644
index ffa8ea3..0000000
--- a/deployments/ubuntu-jammy.yml
+++ /dev/null
@@ -1,67 +0,0 @@
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: RunnerDeployment
-metadata:
- name: ubuntu-jammy
- namespace: runners
-spec:
- replicas: 2
- template:
- spec:
- repository: some-natalie/kubernoodles
- env:
- - name: DISABLE_RUNNER_UPDATE # Disables automatic runner updates
- value: "true"
- ephemeral: true
- image: ghcr.io/some-natalie/kubernoodles/ubuntu-jammy:latest # change this to the version you really want!
- imagePullPolicy: Always
- imagePullSecrets:
- - name: ghcr
- dockerdWithinRunnerContainer: true
- dockerMTU: 1450
- volumeMounts:
- - mountPath: /opt/statictoolcache
- name: runnertoolcache
- readOnly: true
- volumes:
- - name: runnertoolcache
- persistentVolumeClaim:
- claimName: prod-tool-cache-pvc
- resources:
- limits:
- cpu: "4000m"
- memory: "8Gi"
- requests:
- cpu: "200m"
- memory: "200Mi"
- labels:
- - docker
- - ubuntu
- - jammy
- # - ubuntu-latest # overlaps w/ hosted runners on GHEC, can use in GHES and GHAE
- containers:
- - name: runner
- securityContext:
- privileged: true # making this explicit, as it's implied by `dockerdWithinRunnerContainer`
- securityContext:
- runAsUser: 1000
- seccompProfile:
- type: RuntimeDefault
- runAsNonRoot: true
----
-apiVersion: actions.summerwind.dev/v1alpha1
-kind: HorizontalRunnerAutoscaler
-metadata:
- name: ubuntu-jammy-autoscaling
- namespace: runners
-spec:
- scaleTargetRef:
- name: ubuntu-jammy
- minReplicas: 2
- maxReplicas: 6
- scaleDownDelaySecondsAfterScaleOut: 60
- metrics:
- - type: PercentageRunnersBusy
- scaleUpThreshold: "0.75"
- scaleDownThreshold: "0.3"
- scaleUpFactor: "1.5"
- scaleDownFactor: "0.7"
diff --git a/images/docker/daemon.json b/images/docker/daemon.json
deleted file mode 100644
index fccfbf1..0000000
--- a/images/docker/daemon.json
+++ /dev/null
@@ -1,3 +0,0 @@
-{
- "mtu": 1400
-}
diff --git a/images/entrypoint.sh b/images/entrypoint.sh
deleted file mode 100755
index c20d3c0..0000000
--- a/images/entrypoint.sh
+++ /dev/null
@@ -1,185 +0,0 @@ -#!/bin/bash -if [ -e "/.env" ]; then - echo "Adding custom environment variables" 1>&2 - source /.env -fi - -RUNNER_ASSETS_DIR=${RUNNER_ASSETS_DIR:-/runnertmp} -RUNNER_HOME=${RUNNER_HOME:-/runner} - -LIGHTGREEN="\e[0;32m" -LIGHTRED="\e[0;31m" -WHITE="\e[0;97m" -RESET="\e[0m" - -log(){ - printf "%s %s %s\n" "$WHITE" "${@}" "$RESET" 1>&2 -} - -success(){ - printf "%s %s %s\n" "$LIGHTGREEN" "${@}" "$RESET" 1>&2 -} - -error(){ - printf "%s %s %s\n" "$LIGHTRED" "${@}" "$RESET" 1>&2 -} - -if [ -n "${STARTUP_DELAY_IN_SECONDS}" ]; then - log "Delaying startup by ${STARTUP_DELAY_IN_SECONDS} seconds" - sleep "${STARTUP_DELAY_IN_SECONDS}" -fi - -if [[ "${DISABLE_WAIT_FOR_DOCKER}" != "true" ]] && [[ "${DOCKER_ENABLED}" == "true" ]]; then - log "Docker enabled runner detected and Docker daemon wait is enabled" - log "Waiting until Docker is avaliable or the timeout is reached" - timeout 120s bash -c 'until docker ps ;do sleep 1; done' -else - log "Docker wait check skipped. Either Docker is disabled or the wait is disabled, continuing with entrypoint" -fi - -if [ -z "${GITHUB_URL}" ]; then - log "Working with public GitHub" - GITHUB_URL="https://github.com/" -else - length=${#GITHUB_URL} - last_char=${GITHUB_URL:length-1:1} - - [[ $last_char != "/" ]] && GITHUB_URL="$GITHUB_URL/"; : - log "Github endpoint URL ${GITHUB_URL}" -fi - -if [ -z "${RUNNER_NAME}" ]; then - error "RUNNER_NAME must be set" - exit 1 -fi - -if [ -n "${RUNNER_ORG}" ] && [ -n "${RUNNER_REPO}" ] && [ -n "${RUNNER_ENTERPRISE}" ]; then - ATTACH="${RUNNER_ORG}/${RUNNER_REPO}" -elif [ -n "${RUNNER_ORG}" ]; then - ATTACH="${RUNNER_ORG}" -elif [ -n "${RUNNER_REPO}" ]; then - ATTACH="${RUNNER_REPO}" -elif [ -n "${RUNNER_ENTERPRISE}" ]; then - ATTACH="enterprises/${RUNNER_ENTERPRISE}" -else - error "At least one of RUNNER_ORG or RUNNER_REPO or RUNNER_ENTERPRISE must be set" - exit 1 -fi - -if [ -z "${RUNNER_TOKEN}" ]; then - error "RUNNER_TOKEN must be set" - exit 1 -fi - -if [ -z "${RUNNER_REPO}" 
] && [ -n "${RUNNER_GROUP}" ];then - RUNNER_GROUPS=${RUNNER_GROUP} -fi - -# Hack due to https://github.com/actions-runner-controller/actions-runner-controller/issues/252#issuecomment-758338483 -if [ ! -d "${RUNNER_HOME}" ]; then - error "${RUNNER_HOME} should be an emptyDir mount. Please fix the pod spec." - exit 1 -fi - -# if this is not a testing environment -if [[ "${UNITTEST:-}" == '' ]]; then - sudo chown -R runner:docker "$RUNNER_HOME" - # enable dotglob so we can copy a ".env" file to load in env vars as part of the service startup if one is provided - # loading a .env from the root of the service is part of the actions/runner logic - shopt -s dotglob - # use cp instead of mv to avoid issues when src and dst are on different devices - cp -r "$RUNNER_ASSETS_DIR"/* "$RUNNER_HOME"/ - shopt -u dotglob -fi - -cd "${RUNNER_HOME}" || exit 2 -# past that point, it's all relative pathes from /runner - -config_args=() -if [ "${RUNNER_FEATURE_FLAG_EPHEMERAL:-}" == "true" ] && [ "${RUNNER_EPHEMERAL}" == "true" ]; then - config_args+=(--ephemeral) - echo "Passing --ephemeral to config.sh to enable the ephemeral runner." -fi -if [ "${DISABLE_RUNNER_UPDATE:-}" == "true" ]; then - config_args+=(--disableupdate) - echo "Passing --disableupdate to config.sh to disable automatic runner updates." -fi - -retries_left=10 -while [[ ${retries_left} -gt 0 ]]; do - log "Configuring the runner." - ./config.sh --unattended --replace \ - --name "${RUNNER_NAME}" \ - --url "${GITHUB_URL}${ATTACH}" \ - --token "${RUNNER_TOKEN}" \ - --runnergroup "${RUNNER_GROUPS}" \ - --labels "${RUNNER_LABELS}" \ - --work "${RUNNER_WORKDIR}" "${config_args[@]}" - - if [ -f .runner ]; then - success "Runner successfully configured." - break - fi - - error "Configuration failed. Retrying" - retries_left=$((retries_left - 1)) - sleep 1 -done - -if [ ! -f .runner ]; then - # we couldn't configure and register the runner; no point continuing - error "Configuration failed!" 
- exit 2 -fi - -cat .runner -# Note: the `.runner` file's content should be something like the below: -# -# $ cat /runner/.runner -# { -# "agentId": 117, #=> corresponds to the ID of the runner -# "agentName": "THE_RUNNER_POD_NAME", -# "poolId": 1, -# "poolName": "Default", -# "serverUrl": "https://pipelines.actions.githubusercontent.com/SOME_RANDOM_ID", -# "gitHubUrl": "https://github.com/USER/REPO", -# "workFolder": "/some/work/dir" #=> corresponds to Runner.Spec.WorkDir -# } -# -# Especially `agentId` is important, as other than listing all the runners in the repo, -# this is the only change we could get the exact runnner ID which can be useful for further -# GitHub API call like the below. Note that 171 is the agentId seen above. -# curl \ -# -H "Accept: application/vnd.github.v3+json" \ -# -H "Authorization: bearer ${GITHUB_TOKEN}" -# https://api.github.com/repos/USER/REPO/actions/runners/171 - -if [ -z "${UNITTEST:-}" ]; then - mkdir -p ./externals - # Hack due to the DinD volumes - mv ./externalstmp/* ./externals/ -fi - -args=() -if [ "${RUNNER_FEATURE_FLAG_EPHEMERAL:-}" != "true" ] && [ "${RUNNER_EPHEMERAL}" == "true" ]; then - args+=(--once) - echo "[WARNING] Passing --once is deprecated and will be removed as an option from the image and ARC at the release of 0.24.0." - echo "[WARNING] Upgrade to GHES => 3.3 to continue using actions-runner-controller. If you are using github.com ignore this warning." -fi - -# Unset entrypoint environment variables so they don't leak into the runner environment -unset RUNNER_NAME RUNNER_REPO RUNNER_TOKEN STARTUP_DELAY_IN_SECONDS DISABLE_WAIT_FOR_DOCKER - -# Docker ignores PAM and thus never loads the system environment variables that -# are meant to be set in every environment of every user. We emulate the PAM -# behavior by reading the environment variables without interpreting them. 
-# -# https://github.com/actions-runner-controller/actions-runner-controller/issues/1135 -# https://github.com/actions/runner/issues/1703 - -# /etc/environment may not exist when running unit tests depending on the platform being used -# (e.g. Mac OS) so we just skip the mapping entirely -if [ -z "${UNITTEST:-}" ]; then - mapfile -t env /home/${USERNAME}/.config/containers/storage.conf && \ - chown -Rv ${USERNAME} /home/${USERNAME}/.config/ - -RUN chmod +x /usr/local/bin/entrypoint.sh \ - && chmod +x /usr/local/bin/podman-startup.sh \ - && sed -i 's|\[machine\]|\#\[machine\]|g' /usr/share/containers/containers.conf \ - && mkdir -p /github/home \ - && mkdir /github/workflow \ - && mkdir /github/file_commands \ - && mkdir /github/workspace \ - && chown -R podman:podman /github - -USER $UID - -CMD [ "podman-startup.sh"] \ No newline at end of file diff --git a/images/podman/11-tcp-mtu-probing.conf b/images/podman/11-tcp-mtu-probing.conf deleted file mode 100644 index c34569d..0000000 --- a/images/podman/11-tcp-mtu-probing.conf +++ /dev/null @@ -1,3 +0,0 @@ -# Turn on MTU probing to avoid network hangs when the Docker MTU is larger than -# the host or upstream network MTU. -net.ipv4.tcp_mtu_probing=1 \ No newline at end of file diff --git a/images/podman/containers.conf b/images/podman/containers.conf deleted file mode 100644 index 0bf45cd..0000000 --- a/images/podman/containers.conf +++ /dev/null @@ -1,2 +0,0 @@ -[engine] -cgroup_manager = "cgroupfs" diff --git a/images/podman/registries.conf b/images/podman/registries.conf deleted file mode 100644 index 9d3bf99..0000000 --- a/images/podman/registries.conf +++ /dev/null 
@@ -1,79 +0,0 @@ -# For more information on this configuration file, see containers-registries.conf(5). -# -# NOTE: RISK OF USING UNQUALIFIED IMAGE NAMES -# We recommend always using fully qualified image names including the registry -# server (full dns name), namespace, image name, and tag -# (e.g., registry.redhat.io/ubi8/ubi:latest). Pulling by digest (i.e., -# quay.io/repository/name@digest) further eliminates the ambiguity of tags. -# When using short names, there is always an inherent risk that the image being -# pulled could be spoofed. For example, a user wants to pull an image named -# `foobar` from a registry and expects it to come from myregistry.com. If -# myregistry.com is not first in the search list, an attacker could place a -# different `foobar` image at a registry earlier in the search list. The user -# would accidentally pull and run the attacker's image and code rather than the -# intended content. We recommend only adding registries which are completely -# trusted (i.e., registries which don't allow unknown or anonymous users to -# create accounts with arbitrary names). This will prevent an image from being -# spoofed, squatted or otherwise made insecure. If it is necessary to use one -# of these registries, it should be added at the end of the list. -# -# # An array of host[:port] registries to try when pulling an unqualified image, in order. -unqualified-search-registries = ["localhost", "registry.fedoraproject.org", "registry.access.redhat.com", "docker.io", "quay.io"] -# -# [[registry]] -# # The "prefix" field is used to choose the relevant [[registry]] TOML table; -# # (only) the TOML table with the longest match for the input image name -# # (taking into account namespace/repo/tag/digest separators) is used. -# # -# # The prefix can also be of the form: *.example.com for wildcard subdomain -# # matching. -# # -# # If the prefix field is missing, it defaults to be the same as the "location" field. 
-# prefix = "example.com/foo" -# -# # If true, unencrypted HTTP as well as TLS connections with untrusted -# # certificates are allowed. -# insecure = false -# -# # If true, pulling images with matching names is forbidden. -# blocked = false -# -# # The physical location of the "prefix"-rooted namespace. -# # -# # By default, this is equal to "prefix" (in which case "prefix" can be omitted -# # and the [[registry]] TOML table can only specify "location"). -# # -# # Example: Given -# # prefix = "example.com/foo" -# # location = "internal-registry-for-example.net/bar" -# # requests for the image example.com/foo/myimage:latest will actually work with the -# # internal-registry-for-example.net/bar/myimage:latest image. -# -# # The location can be empty iff prefix is in a -# # wildcarded format: "*.example.com". In this case, the input reference will -# # be used as-is without any rewrite. -# location = internal-registry-for-example.com/bar" -# -# # (Possibly-partial) mirrors for the "prefix"-rooted namespace. -# # -# # The mirrors are attempted in the specified order; the first one that can be -# # contacted and contains the image will be used (and if none of the mirrors contains the image, -# # the primary location specified by the "registry.location" field, or using the unmodified -# # user-specified reference, is tried last). -# # -# # Each TOML table in the "mirror" array can contain the following fields, with the same semantics -# # as if specified in the [[registry]] TOML table directly: -# # - location -# # - insecure -# [[registry.mirror]] -# location = "example-mirror-0.local/mirror-for-foo" -# [[registry.mirror]] -# location = "example-mirror-1.local/mirrors/foo" -# insecure = true -# # Given the above, a pull of example.com/foo/image:latest will try: -# # 1. example-mirror-0.local/mirror-for-foo/image:latest -# # 2. example-mirror-1.local/mirrors/foo/image:latest -# # 3. 
internal-registry-for-example.net/bar/image:latest -# # in order, and use the first one that exists. - -short-name-mode="permissive" \ No newline at end of file diff --git a/images/rootless-startup.sh b/images/rootless-startup.sh deleted file mode 100644 index e1da411..0000000 --- a/images/rootless-startup.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -source /usr/bin/logger.sh - -log.notice "Writing out Docker config file" -/bin/bash <