Add CrunchTools containerization (forked MCP server profile)

Custom Containerfile using Hummingbird Node.js 22 base with yt-dlp
standalone binary, GHA workflow for Quay.io builds, and per-repo
constitution. Sentry instrumentation removed.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: fatherlinux

.github/workflows/container.yml

@@ -0,0 +1,67 @@
+name: Container Build & Push
+
+on:
+  push:
+    branches: [main]
+    tags: ["v*"]
+  pull_request:
+    branches: [main]
+  workflow_dispatch:
+
+env:
+  QUAY_IMAGE: quay.io/crunchtools/transcriptor
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to Quay.io
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+
+      - name: Extract metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.QUAY_IMAGE }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Containerfile
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Run Trivy vulnerability scanner
+        continue-on-error: true
+        if: github.event_name != 'pull_request'
+        uses: aquasecurity/trivy-action@0.34.1
+        with:
+          image-ref: ${{ env.QUAY_IMAGE }}:latest
+          format: "table"
+          exit-code: "0"
+          severity: "CRITICAL,HIGH"
+          version: "v0.68.2"

.specify/memory/constitution.md

@@ -0,0 +1,25 @@
+# transcriptor Constitution
+
+> **Version:** 1.0.0
+> **Ratified:** 2026-03-25
+> **Status:** Active
+> **Inherits:** [crunchtools/constitution](https://github.com/crunchtools/constitution) v1.4.0
+> **Profile:** Forked MCP Server
+
+## Upstream
+
+- **Source:** https://github.com/samson-art/transcriptor-mcp
+- **License:** MIT
+- **Forked at:** v0.6.8
+
+## Deployment
+
+- **Port:** 8022
+- **Env file:** ~/.config/mcp-env/transcriptor.env
+- **Credentials:** WHISPER_API_BASE_URL, MCP_PORT, MCP_HOST, WHISPER_MODE
+
+## Patches
+
+- Custom Containerfile using Hummingbird Node.js base (upstream uses node:20-slim)
+- Sentry instrumentation removed (no instrument.js import)
+- yt-dlp installed as standalone binary (no Python/Deno in image)

Containerfile

@@ -0,0 +1,41 @@
+# Upstream: https://github.com/samson-art/transcriptor-mcp
+# License: MIT
+# Build:   podman build -f Containerfile -t quay.io/crunchtools/transcriptor .
+# Run:     podman run --rm --network host -e MCP_PORT=8022 quay.io/crunchtools/transcriptor
+
+# --- Build stage ---
+FROM quay.io/hummingbird/nodejs:22-builder AS builder
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci
+COPY . .
+RUN npm run build
+
+# Download yt-dlp standalone binary (includes bundled Python — no system Python needed)
+RUN curl -L https://github.com/yt-dlp/yt-dlp/releases/latest/download/yt-dlp_linux \
+    -o /tmp/yt-dlp && chmod +x /tmp/yt-dlp
+
+# --- Runtime stage ---
+FROM quay.io/hummingbird/nodejs:22
+
+LABEL name="transcriptor" \
+      summary="MCP server for YouTube/video transcript extraction" \
+      maintainer="crunchtools.com" \
+      url="https://github.com/crunchtools/transcriptor" \
+      org.opencontainers.image.source="https://github.com/crunchtools/transcriptor" \
+      org.opencontainers.image.licenses="MIT"
+
+WORKDIR /app
+
+# Copy yt-dlp standalone binary from builder
+COPY --from=builder /tmp/yt-dlp /usr/local/bin/yt-dlp
+
+COPY package*.json ./
+RUN npm ci --omit=dev --ignore-scripts && npm cache clean --force
+COPY --from=builder /app/dist ./dist
+
+EXPOSE 8000
+
+# Skip instrument.js (Sentry telemetry) — run mcp-http.js directly
+ENTRYPOINT ["node"]
+CMD ["dist/mcp-http.js"]