talos-rpi5/.gitea/workflows/check-updates.yaml
Mathias Beaulieu-Duncan 238a814d61
ci: run pipeline natively on arm64 act runners
- runs-on: arm64 (was talos-rpi5/macOS Mac Mini)
- replace Homebrew deps with native arm64 (crane+jq static binaries)
- gmake -> make across workflows and auto-update.sh
- guard Homebrew gnu-sed PATH in Makefile for Linux
- no QEMU/binfmt — builds are native arm64
- docs: TECHNICAL.md runner setup for ASUS GX10

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-16 09:54:19 -04:00

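# Daily upstream update check with auto-build
#
# Detects new Talos OS and RPi kernel versions, applies updates,
# smoke-tests patches, and pushes a release tag (which triggers build.yaml).
# Falls back to creating a Gitea issue if patches fail to apply.
#
# Step flow: check -> update (only when an update was detected) -> either
# "Commit and tag" (patches applied, new_tag produced) or "Create issue on
# patch failure" (patch_failed == 'true'). Step outputs are passed via
# $GITHUB_OUTPUT from scripts/check-upstream.sh and scripts/auto-update.sh.
name: Check Upstream Updates
on:
  schedule:
    - cron: '0 8 * * *' # Daily at 08:00 UTC
  workflow_dispatch:
jobs:
  check-and-build:
    runs-on: arm64
    timeout-minutes: 15
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0 # Need full history for tag-based build numbering
      - name: Install dependencies
        run: |
          # Native arm64 host — make, sed, git come from the host.
          # Only crane + jq are fetched (static arm64 binaries, no sudo, no QEMU).
          # NOTE(review): both downloads resolve "latest" at run time and are not
          # checksum-verified, so the tools this job executes can change without
          # a commit to this repo. Before relying on this unattended, pin each
          # tool to a release version and verify its published sha256 (take the
          # values from the upstream release assets; none are recorded here).
          mkdir -p "$HOME/.local/bin"
          echo "$HOME/.local/bin" >> "$GITHUB_PATH"
          export PATH="$HOME/.local/bin:$PATH"
          if ! command -v crane >/dev/null 2>&1; then
            curl -fsSL https://github.com/google/go-containerregistry/releases/latest/download/go-containerregistry_Linux_arm64.tar.gz \
              | tar -xz -C "$HOME/.local/bin" crane
          fi
          if ! command -v jq >/dev/null 2>&1; then
            curl -fsSL https://github.com/jqlang/jq/releases/latest/download/jq-linux-arm64 -o "$HOME/.local/bin/jq"
            chmod +x "$HOME/.local/bin/jq"
          fi
      - name: Check for upstream updates
        id: check
        run: |
          # Emits talos_update/rpi_update/talos_current/talos_latest/rpi_current/
          # rpi_latest as step outputs (consumed by the steps below).
          chmod +x scripts/check-upstream.sh
          scripts/check-upstream.sh >> "$GITHUB_OUTPUT"
      - name: Run auto-update
        if: steps.check.outputs.talos_update == 'true' || steps.check.outputs.rpi_update == 'true'
        id: update
        env:
          TALOS_UPDATE: ${{ steps.check.outputs.talos_update }}
          RPI_UPDATE: ${{ steps.check.outputs.rpi_update }}
          LATEST_TALOS: ${{ steps.check.outputs.talos_latest }}
          LATEST_RPI_TAG: ${{ steps.check.outputs.rpi_latest }}
        run: |
          # Emits patch_failed and new_tag as step outputs.
          chmod +x scripts/auto-update.sh
          scripts/auto-update.sh >> "$GITHUB_OUTPUT"
      - name: Commit and tag
        # Skipped when the update step did not run (new_tag is then empty).
        if: steps.update.outputs.patch_failed != 'true' && steps.update.outputs.new_tag != ''
        env:
          NEW_TAG: ${{ steps.update.outputs.new_tag }}
        run: |
          git config user.name "Gitea Actions"
          git config user.email "actions@openharbor.io"
          git add -A
          git commit -m "Bump upstream: ${NEW_TAG}"
          git tag "$NEW_TAG"
          # Push the branch and only the tag created above. `--tags` would push
          # every local tag, including any stray one left in the checkout.
          git push origin main "refs/tags/${NEW_TAG}"
      - name: Create issue on patch failure
        if: steps.update.outputs.patch_failed == 'true'
        env:
          GITEA_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          TALOS_CURRENT: ${{ steps.check.outputs.talos_current }}
          TALOS_LATEST: ${{ steps.check.outputs.talos_latest }}
          TALOS_UPDATE: ${{ steps.check.outputs.talos_update }}
          RPI_CURRENT: ${{ steps.check.outputs.rpi_current }}
          RPI_LATEST: ${{ steps.check.outputs.rpi_latest }}
          RPI_UPDATE: ${{ steps.check.outputs.rpi_update }}
        run: |
          GITEA_URL="${GITHUB_SERVER_URL}"
          REPO="${GITHUB_REPOSITORY}"
          API="${GITEA_URL}/api/v1"
          TITLE="Upstream update requires manual patch porting"
          BODY="## Upstream update requires manual patch porting
          Automated patch application failed. Manual intervention needed.
          | Component | Current | Latest | Update? |
          |-----------|---------|--------|---------|
          | Talos | \`${TALOS_CURRENT}\` | \`${TALOS_LATEST}\` | ${TALOS_UPDATE} |
          | RPi kernel | \`${RPI_CURRENT}\` | \`${RPI_LATEST}\` | ${RPI_UPDATE} |
          ### Steps
          1. Check out this repo and run \`scripts/auto-update.sh\` to see what fails
          2. Port patches to the new upstream version
          3. Verify: \`make checkouts patches && make checkouts-clean\`
          4. Push changes — the next scheduled run will pick them up
          ### Links
          - [Talos Releases](https://github.com/siderolabs/talos/releases)
          - [RPi Linux Tags](https://github.com/raspberrypi/linux/tags)"
          # Strip leading whitespace from heredoc-style indentation
          BODY=$(echo "$BODY" | sed 's/^ //')
          # Check for existing open issue to avoid duplicates.
          # -S keeps curl's error message visible when -f makes it fail, so a
          # 401/404 here is diagnosable in the job log instead of silent.
          EXISTING=$(curl -sSf \
            -H "Authorization: token ${GITEA_TOKEN}" \
            "${API}/repos/${REPO}/issues?state=open&type=issues&labels=upstream-update" \
            | jq -r '[.[] | select(.title | contains("manual patch"))][0].id // empty')
          if [ -n "$EXISTING" ]; then
            echo "Issue already exists (id: $EXISTING), skipping creation"
            exit 0
          fi
          # Let jq build the request so title and body are always valid JSON,
          # whatever characters the version strings or body contain.
          # NOTE(review): Gitea's create-issue API documents `labels` as label
          # IDs rather than names — confirm the label is actually applied by
          # this request, or resolve the ID via the labels endpoint first.
          PAYLOAD=$(jq -n --arg title "$TITLE" --arg body "$BODY" \
            '{title: $title, body: $body, labels: ["upstream-update"]}')
          curl -sSf -X POST \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -H "Content-Type: application/json" \
            -d "$PAYLOAD" \
            "${API}/repos/${REPO}/issues"
          echo "Created issue for manual patch porting"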