Skip to content

Commit ac535c1

Browse files
syscod3syscod3
authored
feat: Firecracker v1.15.0, fix CI gitleaks, undraft releases on publish
* feat: update Firecracker to v1.15.0 * ci: re-trigger CI * fix: replace gitleaks-action with CLI (no license required for orgs) * fix: workflow_dispatch on CI, undraft release on publish, draft:false in release-please
1 parent 577d8cc commit ac535c1

5 files changed

Lines changed: 24 additions & 8 deletions

File tree

.github/workflows/ci.yml

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ on:
55
branches: [main]
66
pull_request:
77
branches: [main]
8+
workflow_dispatch:
89

910
jobs:
1011
lint:
@@ -15,11 +16,15 @@ jobs:
1516
with:
1617
fetch-depth: 0
1718

19+
- name: Install gitleaks
20+
run: |
21+
GITLEAKS_VERSION=$(curl -sf https://api.github.com/repos/gitleaks/gitleaks/releases/latest \
22+
| grep '"tag_name"' | cut -d'"' -f4)
23+
curl -sfL "https://github.com/gitleaks/gitleaks/releases/download/${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION#v}_linux_x64.tar.gz" \
24+
| tar -xz -C /usr/local/bin gitleaks
25+
1826
- name: Gitleaks secret scan
19-
# v2.3.9
20-
uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7
21-
env:
22-
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
27+
run: gitleaks detect --source . --redact
2328

2429
- name: Hadolint
2530
uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf

.github/workflows/release.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@ jobs:
1515
runs-on: ubuntu-latest
1616
permissions:
1717
packages: write
18+
contents: write
1819

1920
steps:
2021
- # v4.3.1
@@ -47,6 +48,15 @@ jobs:
4748
${{ env.IMAGE }}:${{ github.ref_name }}
4849
${{ env.IMAGE }}:latest
4950
51+
- name: Publish GitHub release (undraft)
52+
env:
53+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
54+
run: |
55+
gh release edit "${{ github.ref_name }}" \
56+
--repo "${{ github.repository }}" \
57+
--draft=false
58+
continue-on-error: true
59+
5060
- name: Dispatch talos-images rebuild
5161
env:
5262
GH_TOKEN: ${{ secrets.TALOS_IMAGES_DISPATCH_TOKEN }}

Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2,9 +2,9 @@
22
# Talos system extension: packages Firecracker + Jailer for Talos Linux nodes.
33
# Ref: https://www.talos.dev/latest/talos-guides/configuration/system-extensions/
44

5-
ARG FIRECRACKER_VERSION=v1.9.0
6-
ARG FIRECRACKER_SHA256_X86_64=95c13740c7ca1a6dfb40e0f51cd0a9eefee1f223cd2c3538755d03c3a9ba5237
7-
ARG FIRECRACKER_SHA256_AARCH64=c5564e76dec2b8e8092c52f0f8a4c5f45cf31791e95a9302f4360a771df78f69
5+
ARG FIRECRACKER_VERSION=v1.15.0
6+
ARG FIRECRACKER_SHA256_X86_64=00cadf7f21e709e939dc0c8d16e2d2ce7b975a62bec6c50f74b421cc8ab3cab4
7+
ARG FIRECRACKER_SHA256_AARCH64=58325e6c3c539482a412ec0b60e6f539c3320adebcf8179c7629d06736aee0bd
88

99
# -- download stage -----------------------------------------------------------
1010
FROM --platform=${BUILDPLATFORM} alpine:3.21 AS download

manifest.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
version: v1alpha1
22
metadata:
33
name: firecracker
4-
version: 1.10.1
4+
version: 1.15.0
55
author: syscode-labs
66
description: Firecracker microVM and Jailer binaries for Talos Linux
77
compatibility:

release-please-config.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
"release-type": "simple",
66
"package-name": "talos-ext-firecracker",
77
"include-v-in-tag": true,
8+
"draft": false,
89
"changelog-path": "CHANGELOG.md",
910
"extra-files": [
1011
{

0 commit comments

Comments
 (0)