The talos patch was incorrectly replaced with pkgs-repo changes
(Pkgfile, kernel config). Restored the correct patch that modifies
hack/modules-arm64.txt in the talos checkout.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Regenerated patches to match current upstream checkouts:
- pkgs: updated kernel version, checksums, and config-arm64
- talos: reworked to patch Pkgfile, kernel config, and pkg.yaml
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add `scout` Makefile target that scans all 5 pushed images with
`docker scout quickview` and writes a summary to _out/scout-report.md
- Switch all CI workflow steps from `make` to `gmake` for GNU Make 4.x
- Add brew dependency step for make, gnu-sed, and crane
- Include CVE summary in Gitea release notes via jq JSON escaping
- Update `clean` target to remove _out/ directory
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The act_runner can't resolve Forgejo actions from Codeberg.
Use direct Gitea API calls for release creation and artifact
upload instead — simpler and no external dependencies.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Update workflows from linux/arm64 to macOS/arm64 runner labels.
Replace GitHub Actions for Docker setup with direct commands
compatible with Docker Desktop on macOS.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace DOCKERHUB_USERNAME/DOCKERHUB_TOKEN with the existing org-level
secrets. Use automatic GITHUB_TOKEN for Gitea release creation.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The image supports both RPi 5 and CM5 (same SoC/RP1), so talos-rpi5
is a better public-facing name. The internal build still produces
an installer image which gets retagged to svrnty/talos-rpi5:<tag>
in the release target.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
