Conversation
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
The map.proto source had new fields (HexCoord, SeedPolicy, EnvironmentConfig, GenerationMode, PersistenceMode, StreamingHint, ReplicationHint, ResourceType, ContainerType, CraftingStationType) that were never reflected in the vendored map.rs. Regenerate with BUILD_PROTO=1 to sync vendored code with proto source of truth.
Workflow had no jobs: key (entire section was commented out), causing GitHub Actions to reject the YAML on every push to main. Added a minimal stub job so the workflow is valid until macOS VM is provisioned.
Contributor
Author
Dependency ReviewThe following issues were found:
Snapshot WarningsEnsure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice. License Issuespackage.json
apps/kbve/axum-kbve/Cargo.toml
OpenSSF Scorecard
Scanned Files
|
github-actions
Bot
changed the title
Adds a WebSocket-to-WebSocket VNC bridge in the axum backend and
integrates noVNC on the frontend for interactive remote desktop
access to KubeVirt virtual machines from the dashboard.
Backend (axum-kbve):
- New /dashboard/vm/vnc/{name} WebSocket endpoint
- Authenticates via JWT + DASHBOARD_VIEW permission (staff-only)
- Opens upstream WebSocket to K8s VNC subresource API
- Bidirectional frame relay using tokio::select! for concurrency
- VM name sanitization (alphanumeric + hyphens only)
- tokio-tungstenite added for upstream WebSocket client
Frontend (astro-kbve):
- ReactVMVncViewer rewritten with @novnc/novnc RFB client
- Full interactive desktop: keyboard, mouse, clipboard forwarding
- Toolbar: Ctrl+Alt+Del, virtual keyboard toggle, fullscreen
- Scale-to-fit viewport with quality/compression tuning
- vmService URL updated to use dedicated /vnc/ route
Navigation:
- VM dashboard added to sidebar under staff-only items
p3terx/aria2-pro requires root (s6-overlay) and fails with runAsNonRoot security context. Replace with alpine:3.21 + aria2c package — minimal, non-root, no s6/tracker bloat. aria2c runs directly with all config via command-line flags: 16 connections/server, auto-resume, 10 retries, falloc allocation.
Prevents staff from accidentally stopping a KubeVirt VM while a GitHub Actions CI job may be running on it. vmService changes: - VMInfo now tracks uptimeMinutes, runnerLabel, isKedaManaged, and mayHaveActiveJob computed from VMI creation timestamp and VM labels - KEDA-managed VMs detected via runner/github-actions-runner labels - mayHaveActiveJob is true when a KEDA VM has been running < 30 min (matches the idle shutdown CronJob threshold) ReactVMCards changes: - New banner on KEDA-managed VMs: amber warning when a job may be active, cyan info when idle/auto-managed - Shows runner label, uptime, and risk description - Stop/Restart buttons now show a confirmation dialog when mayHaveActiveJob is true, warning that stopping kills CI builds - VNC and Start buttons remain unguarded (safe operations)
github-actions
Bot
changed the title
* feat(kasm): scaffold VPN-tunneled KASM workspace namespace Add KASM ecosystem under apps/kube/kasm with: - Namespace + ArgoCD Application - Gluetun WireGuard sidecar + KASM desktop deployment (replicas: 0) - VPN secret placeholder (WireGuard config) - CiliumNetworkPolicy for egress lockdown (all traffic exits via VPN) - Service for cluster-internal access to KASM web UI on port 6901 Deployment starts scaled to 0 — set replicas to 1 after configuring the vpn-wireguard secret with a real WireGuard provider config. * feat(kasm): seal ProtonVPN WireGuard credentials + add seal script - Seal WireGuard config (ProtonVPN DE#214) as SealedSecret - Add seal-vpn-secret.sh for re-sealing if keys rotate - Remove plaintext vpn-secret.yaml placeholder * feat(kasm): switch to Discord image + add PVC for session persistence - Use kasmweb/discord:1.16.1 instead of generic desktop - Add 5Gi Longhorn PVC mounted at /home/kasm-user for browser profile - Discord session survives pod restarts (no re-login needed) * fix(kasm): update Discord image to 1.18.0-rolling-daily
…ss (#9375) Architecture: Browser → Ingress (TLS) → guacamole → guacd → ClusterIP → VM RDP (3389) RDP never exposed publicly. Single audited browser entry point. Components: - guacd: protocol proxy daemon (RDP/VNC/SSH translation) - guacamole: web frontend (Tomcat, connection management) - windows-builder-rdp Service: ClusterIP targeting VM on port 3389 - KEDA ScaledObjects: scale with UE5-Win jobs (0 idle, 1 active) - ArgoCD application: automated sync, selfHeal disabled for KEDA TODO stubs for: PostgreSQL backend, user-mapping.xml, HTTPRoute/Ingress
github-actions
Bot
changed the title
#9376) The lightyear_webtransport patch crate (which added ::new() and builder methods) was lost when other PRs merged. Revert to the upstream struct literal syntax which works without the patch.
github-actions
Bot
changed the title
github-actions
Bot
changed the title
github-actions
Bot
changed the title
h0lybyte
approved these changes
Mar 31, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release: Dev → Main
15 atomic commits ready for main
Features
1bd97c8)f8b3845)e57b0e6)743be9a)Bug Fixes
951832e)8688ae8)bb6aebc)cee5ee2)Style
212ad4d)Chores
227ca26)2be990f)89d57b4)Other Changes
060d9c4)d679fde)48775b3)This PR is automatically maintained by CI — KBVE Studio