- runs-on: arm64 (was talos-rpi5/macOS Mac Mini)
- replace Homebrew deps with native arm64 (crane+jq static binaries)
- gmake -> make across workflows and auto-update.sh
- guard Homebrew gnu-sed PATH in Makefile for Linux
- no QEMU/binfmt — builds are native arm64
- docs: TECHNICAL.md runner setup for ASUS GX10
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Force GRUB instead of sd-boot on arm64 and pass --no-nvram to
grub-install, working around the SetVariableRT firmware limitation
that prevents in-place upgrades on RPi5/CM5 hardware.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Docker Scout requires buildx-style provenance+SBOM, not cosign
attestations. Replace crane push with docker load + buildx build
(--provenance=mode=max --sbom=true) for the installer image. Use
buildx imagetools create for the release tag to preserve attestations.
Remove cosign/syft from CI.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Move CI/CD, runner setup, secrets, and project structure to
TECHNICAL.md. Streamline README as a user-facing guide with
install/upgrade instructions. Fix Docker badges for arm64.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Mathias Beaulieu-Duncan