Metaform · paullatzelsperger · May 15, 2026 · May 15, 2026
diff --git a/.github/workflows/build-docker.yaml b/.github/workflows/build-docker.yaml
@@ -52,20 +52,7 @@ jobs:
           version=$(grep '^jadVersion=' gradle.properties | cut -d'=' -f2)
           echo "version=${version}" >> "$GITHUB_OUTPUT"
 
-      - name: Build and push image
-        uses: docker/build-push-action@v7
-        with:
-          context: ./clearglass
-          file: ./clearglass/Dockerfile
-          push: true
-          tags: |
-            ghcr.io/${{ steps.repo.outputs.repo_lowercase }}/clearglass:latest
-            ghcr.io/${{ steps.repo.outputs.repo_lowercase }}/clearglass:${{ github.sha }}
-            ghcr.io/${{ steps.repo.outputs.repo_lowercase }}/clearglass:${{ steps.version.outputs.version }}
-          labels: |
-            org.opencontainers.image.source=https://github.com/${{ github.repository }}
-          platforms: linux/amd64,linux/arm64
-  build-and-push-java-runtimes:
+  build-and-push-runtime-images:
     if: ${{ github.event.workflow_run.conclusion == 'success' }}
     runs-on: ubuntu-latest
     strategy:

diff --git a/.github/workflows/e2e-tests.yaml b/.github/workflows/e2e-tests.yaml
@@ -50,8 +50,7 @@ jobs:
       - name: "Build runtime images"
         run: |-
           ./gradlew dockerize
-          docker buildx build -f clearglass/Dockerfile -t ghcr.io/metaform/jad/clearglass:latest clearglass
-
+
       - name: "Create k8s Kind Cluster"
         uses: helm/kind-action@v1.14.0
         with:
@@ -62,8 +61,7 @@ jobs:
           kind load docker-image -n jad ghcr.io/metaform/jad/controlplane:latest \
                                 ghcr.io/metaform/jad/dataplane:latest \
                                 ghcr.io/metaform/jad/identity-hub:latest \
-                                ghcr.io/metaform/jad/issuerservice:latest \
-                                ghcr.io/metaform/jad/clearglass:latest
+                                ghcr.io/metaform/jad/issuerservice:latest
 
 
       - name: "Install Traefik Gateway controller"

diff --git a/README.md b/README.md
@@ -214,13 +214,7 @@ layer.
 
 For now, we have to build and load it manually using the following commands:
 
-```shell
-docker buildx build -f clearglass/Dockerfile -t ghcr.io/metaform/jad/clearglass:latest clearglass
-kind load docker-image -n jad ghcr.io/metaform/jad/clearglass:latest
-```
-
-_Note that in a later evolution of JAD clearglass will be moved into its own repository which will make this step
-obsolete._
+Clearglass is available in the CFM project: https://github.com/eclipse-cfm/clearglass.
 
 ### 3. Deploy the services
 
@@ -472,7 +466,7 @@ Infrastructure services are not protected by the auth middleware and are only in
 
 ### Clearglass
 
-`clearglass` is a small sidecar service (`ghcr.io/metaform/jad/clearglass`) that acts as the authentication and
+`clearglass` is a small sidecar service (`ghcr.io/eclipse-cfm/clearglass`) that acts as the authentication and
 authorization enforcement point for all protected APIs. Traefik's `ForwardAuth` mechanism intercepts every inbound
 request and calls `clearglass`'s `/validate` endpoint before forwarding it to the backend.