Refactor release process: enable multi-arch, switch to Debian testing container and reset data repo

[igorpecovnik]

• Enable support for additional architectures (e.g. riscv64)
• Switch build container to Debian testing with fixed tag (stable lacks riscv64)
• Show architecture name instead of runner name in GitHub job logs
• Drop git history in data repository to retain only latest files

Closing #12
Closing #11
Closing #6

[coderabbitai]

Walkthrough

The changes enhance the GitHub Actions workflow to build Debian packages for two additional architectures, arm64 and riscv64, assigning specific runners for each and using a specified Docker image for the build environment. The workflow now dynamically sets the job display name based on the architecture, uploads build artifacts named by architecture, and introduces a new merge job that depends on the build job. This merge job checks out the repository at full depth, downloads and merges all architecture-specific artifacts, creates an orphan data branch, commits the artifacts, and force-pushes the branch. In parallel, the Debian package archive configuration file was updated to include arm64 and riscv64 in the supported architectures list. No changes were made to exported or public code entities; all updates are confined to the workflow and configuration files.

Suggested labels

ready to merge

Tip

⚡💬 Agentic Chat (Pro Plan, General Availability)

• We're introducing multi-step agentic chat in review comments and issue comments, within and outside of PR's. This feature enhances review and issue discussions with the CodeRabbit agentic chat by enabling advanced interactions, including the ability to create pull requests directly from comments and add commits to existing pull requests.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/build.yml (1)

44-44: Pin and validate the Docker image for reproducibility.

You added docker-image: debian:testing-20250407 to the build-deb-action. Verify that:

1. jtdor/build-deb-action@v1 supports a docker-image input.
2. The testing-20250407 tag won’t change unexpectedly.

For stronger reproducibility, consider pinning by digest (e.g., debian@sha256:<digest>).

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a945e30 and 4691148.

📒 Files selected for processing (1)

• .github/workflows/build.yml (3 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/build.yml

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🔇 Additional comments (2)

.github/workflows/build.yml (2)

13-13: Job name dynamically reflects architecture.

Using ${{ matrix.architecture }} in the name field makes it easy to identify which architecture each job build corresponds to in the Actions UI.

---

24-27: Verify runner labels for newly added architectures.

You've added arm64 and riscv64 to the matrix with runners ubuntu-24.04-arm and ubuntu-latest. Please make sure:

• A self‑hosted runner labeled ubuntu-24.04-arm is registered and online for both armhf and arm64.
• ubuntu-latest actually supports riscv64 or if you need a custom runner.

If these labels don’t exist, consider using composite labels (e.g., runs-on: [self-hosted, ubuntu-24.04, arm64]) or update your runner configuration.

🧰 Tools

🪛 actionlint (1.7.4)

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/build.yml (1)

13-13: Use descriptive job names including resolved architecture
Right now the name is set to ${{ matrix.architecture }} which will show all for the amd64 builds. Consider displaying the actual host‐arch (e.g., amd64 when matrix.architecture == 'all') or prefixing with Build: for better clarity.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ff56194 and abd4ef0.

📒 Files selected for processing (1)

• .github/workflows/build.yml (4 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/build.yml

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🔇 Additional comments (4)

.github/workflows/build.yml (4)

24-27: Verify availability of custom runner labels
ubuntu-24.04-arm isn’t a standard GitHub‑hosted label. If you’re using self‑hosted runners, ensure your runners are registered with this exact label or update to use [self-hosted, linux, arm64] (or appropriate labels). Otherwise the jobs may never pick up.

🧰 Tools

🪛 actionlint (1.7.4)

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

44-44: Pin Docker image to a fixed Debian testing snapshot
Specifying debian:testing-20250407 ensures consistency across runs. This aligns with your goal of using a fixed tag since stable doesn’t support riscv64.

---

56-61: Upload per‑architecture artifacts
Using actions/upload-artifact@v4 with if-no-files-found: ignore is a solid approach to collect build outputs without failing when certain matrix runs produce nothing.

---

63-73: Merge artifacts into a single repository
The new merge job correctly waits on all matrix runs, downloads artifacts with merge-multiple: true, and commits the consolidated pool/ and dists/ directories. This effectively centralizes the repo.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

.github/workflows/build.yml (2)

44-44: Pin Docker image by digest for reproducibility.
While using debian:testing-20250407 fixes the version, tags can be mutable. Consider pinning to a SHA256 digest to guarantee an immutable base image.

---

63-66: Add concurrency control to the merge job.
The merge job pushes to a shared data branch and may conflict if multiple workflow runs overlap. Add a concurrency block (with group) to serialize or automatically cancel in-flight merge jobs to prevent race conditions.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between abd4ef0 and 0c80679.

📒 Files selected for processing (1)

• .github/workflows/build.yml (4 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/build.yml

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: armhf
• GitHub Check: arm64

🔇 Additional comments (3)

.github/workflows/build.yml (3)

13-13: Dynamic job name improves clarity.
This change makes the build job display the architecture name, which enhances readability in the workflow UI.

---

32-32: Ensure shallow clone depth meets build requirements.
Setting fetch-depth: 1 speeds up checkout but may omit tags or history used by the build-deb-action or other scripts. Verify that the build does not rely on full history or tags before committing this change.

---

56-62: Upload artifacts per architecture.
The upload-artifact step correctly scopes artifacts to each matrix.architecture, ensuring builds remain isolated. The if-no-files-found: ignore guard is also a good touch.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0c80679 and a26643b.

📒 Files selected for processing (1)

• README.md (1 hunks)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/build.yml (1)

13-13: Set dynamic job name—consider more descriptive naming
The job name is now set to \${{ matrix.architecture }}, which clearly shows the target architecture. For readability in workflows with many jobs, you might prefix it—for example:

name: Build ${{ matrix.architecture }}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8d67fa1 and a906afc.

📒 Files selected for processing (1)

• .github/workflows/build.yml (4 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/build.yml

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: arm64
• GitHub Check: armhf

🔇 Additional comments (5)

.github/workflows/build.yml (5)

32-32: Shallow checkout for build stage
Reducing fetch-depth to 1 speeds up the checkout and is safe since you only need the latest commit for package building.

---

44-44: Pin Debian testing image with fixed date
Locking to debian:testing-20250407 ensures consistency across architectures. This aligns with the need to use Debian testing due to missing support in the stable release.

---

56-62: Artifact upload configuration looks solid
Uploading artifacts per architecture with if-no-files-found: ignore handles cases where no packages are produced (e.g., all includes multiple arches).

---

63-78: Merge job implementation and checkout on data branch
The new merge job correctly:

1. Waits for all build-debs matrix runs (needs: build-debs).
2. Checks out the data branch with full history (fetch-depth: 0).
3. Downloads and merges all artifacts-* uploads.
4. Commits and pushes only when there are changes.

Ensure that ${{ secrets.GITHUB_TOKEN }} has push rights on the data branch.

---

24-27:

❓ Verification inconclusive

Validate runner labels for RISC‑V and ARM64

• ubuntu-24.04-arm is correct for ARM64 (public preview), but Actionlint flags it as unknown; if this is a self‑hosted runner, update your actionlint.yaml to include that label.
• GitHub does not offer a Hosted RISC‑V runner. Using ubuntu-latest will execute on x64. If you need riscv64 builds, you must register a self‑hosted runner and use its label (e.g., self-hosted or a custom riscv64 label).

Run this to list your configured self-hosted runner labels:

---

🏁 Script executed:

#!/bin/bash
gh api /repos/${GITHUB_REPOSITORY}/actions/runners | jq '.runners[].labels[].name'

Length of output: 147

---

Validate and correct workflow runner labels
In .github/workflows/build.yml (lines 24–27):

- architecture: arm64
  runner: ubuntu-24.04-arm
- architecture: riscv64
  runner: ubuntu-latest

• ubuntu-24.04-arm is valid for ARM64 (public preview). If Actionlint flags it, add this label to your actionlint.yaml.
• GitHub does not offer a hosted RISC‑V runner—ubuntu-latest falls back to x64. To build for riscv64, register a self‑hosted runner and use its custom label (e.g., self-hosted or riscv64).

Please verify your self-hosted runner labels (ensure gh is authenticated and replace OWNER/REPO):

gh api /repos/OWNER/REPO/actions/runners --jq '.runners[].labels[].name'

Confirm you see the expected ARM64 and RISC‑V labels.

🧰 Tools

🪛 actionlint (1.7.4)

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/build.yml (1)

81-82: Optional: make orphan-branch creation idempotent
Currently you always run git checkout --orphan data, which works but can be confusing if data already exists. Consider switching to the existing branch if present:

- git checkout --orphan data
+ git rev-parse --verify data \
+   && git checkout data \
+   || git checkout --orphan data

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a906afc and 8ab7cc7.

📒 Files selected for processing (1)

• .github/workflows/build.yml (4 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/build.yml

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

⏰ Context from checks skipped due to timeout of 90000ms (2)

• GitHub Check: arm64
• GitHub Check: armhf

🔇 Additional comments (7)

.github/workflows/build.yml (7)

13-13: Dynamic job naming improves clarity
Renaming the job to ${{ matrix.architecture }} instead of the runner label makes it immediately clear which architecture is being built.

---

24-27: Verify runner labels for new architectures
You’ve added arm64 and riscv64 to the matrix with ubuntu-24.04-arm and ubuntu-latest respectively. According to actionlint, ubuntu-24.04-arm is not a known GitHub‑hosted label and there is no hosted RISC‑V runner.

• If you intend to use self‑hosted runners, ensure the labels (e.g., self-hosted, riscv64, linux) are correctly registered.
• Otherwise, switch to valid GitHub‑hosted labels or set up QEMU cross‑build support.

🧰 Tools

🪛 actionlint (1.7.4)

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

32-32: Confirm fetch-depth reduction is safe
You’ve set fetch-depth: 1 on the checkout step to speed up clone times. Make sure no part of the build (tags, history-based versioning, reprepro metadata) relies on full history.

---

44-44: Pinning Debian testing image is appropriate
Switching to debian:testing-20250407 addresses the issue that stable doesn’t support riscv64. Pinning to a fixed tag locks in a known-good build environment.

---

56-62: Review artifact upload behavior
Uploading debian/artifacts/ per architecture is a solid approach. However, if-no-files-found: ignore may mask failures for certain arches. Confirm that skipping missing artifacts is intentional and won’t lead to silent data loss in the merge step.

---

63-78: Merge job correctly aggregates artifacts
The new merge job cleanly downloads all artifacts-* uploads with merge-multiple: true and prepares them for publishing. The dependency on build-debs and the use of fetch-depth: 0 ensure you have full history when creating the orphan branch.

---

88-88: Conditional commit logic is correct
Using git diff --cached --quiet || git commit --allow-empty ensures that you only create a commit when there are actual changes. This avoids unnecessary empty commits on repeated runs.

[leggewie]

Thank you for your work, @igorpecovnik.

Please drop the change to the README. I prefer the way it is currently. It is simpler to read. I understand you want to use the proper, new format but we ship that with armbian-common. If you want we might remove /etc/apt/sources.list.d/armbian-apa.list if present from armbian-common via postinst. That sounds like a good idea, but let's not overload this PR, please.

[leggewie]

Please drop this commit as per the reason given in the comment. At the very least, take it out of this PR for later merge if you believe it should be included.

[leggewie]

merge this with the previous commit that it partially reverts?

[igorpecovnik]

Please drop the change to the README. I prefer the way it is currently. It is simpler to read.

The problem with sources is that it won't work this way. When using latest Armbian (auto test image), it says that it can't find the key, but works this way). Also if this is placed to plain Debian (not Armbian), a key needs to be installed.

That's the reason I have fixed this.

[igorpecovnik]

I moved readme changes to separate PR.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

.github/workflows/build.yml (1)

24-27: ⚠️ Potential issue

Invalid runner for riscv64 architecture.
GitHub does not provide a hosted RISC‑V runner under ubuntu-latest. This configuration will execute the riscv64 build on an x86_64 machine, leading to build errors or incorrect packages. You must register and reference a self‑hosted RISC‑V runner (e.g., label self-hosted && riscv64) or implement QEMU-based cross-building within the container.

🧰 Tools

🪛 actionlint (1.7.4)

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🧹 Nitpick comments (4)

.github/workflows/build.yml (4)

13-13: Ensure job naming is descriptive.
The current job name uses only the architecture (${{ matrix.architecture }}), which can be ambiguous in the Actions UI. Consider prefixing it (for example, name: Build [${{ matrix.architecture }}]) to make it clear which job is running.

---

44-44: Pinned debian:testing image for reproducibility.
Locking the build container to debian:testing-20250407 ensures consistent build environments. Consider documenting or automating a regular schedule to update this date to pull in new dependency updates.

---

63-66: Prevent concurrent merges to data branch.
Parallel workflow runs may overwrite the data branch if they collide. Consider adding a concurrency block to serialize merge jobs. For example:

 jobs:
-  merge:
+  merge:
     name: "Merge artifacts"
     needs: build-debs
     runs-on: ubuntu-latest
+    concurrency:
+      group: 'merge-artifacts'
+      cancel-in-progress: false

---

87-88: Use safer force-push semantics.
Replacing --force with --force-with-lease helps prevent accidental overwrites if the remote data branch changes unexpectedly. For example:

- git push --force --set-upstream origin data
+ git push --force-with-lease --set-upstream origin data

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8ab7cc7 and c9fa225.

📒 Files selected for processing (1)

• .github/workflows/build.yml (4 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/build.yml

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🔇 Additional comments (5)

.github/workflows/build.yml (5)

32-32: Verify shallow clone depth.
Switching to fetch-depth: 1 speeds up the checkout but may omit tags or history used by dpkg-buildpackage or release scripts. Confirm that no tooling in the build relies on git history beyond the latest commit.

---

56-61: Upload artifacts correctly configured.
The artifact step names uploads by architecture and gracefully ignores missing files. This matches the multi‑arch strategy and requires no changes.

---

68-71: Checkout strategy is sound.
Using actions/checkout@v4 with fetch-depth: 0 provides the full repository history needed for the orphan branch creation. No issues detected here.

---

72-77: Artifacts download and merge configured correctly.
The actions/download-artifact step uses merge-multiple: true with the proper pattern to aggregate all architectures. This aligns with the intended behavior.

---

80-81: Orphan branch creation is appropriate.
Using git checkout --orphan data followed by git rm -rf --cached . cleanly resets the index for the new branch. This effectively drops history as intended.

[leggewie]

Please drop the change to the README. I prefer the way it is currently. It is simpler to read.

The problem with sources is that it won't work this way. When using latest Armbian (auto test image), it says that it can't find the key, but works this way). Also if this is placed to plain Debian (not Armbian), a key needs to be installed.

That's the reason I have fixed this.

OK, thank you for the explanation. Let's look into this in your other PR.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/build.yml (1)

44-44: Pin the build image for reproducibility
Consider using an immutable digest instead of a floating tag so future changes to debian:testing-20250407 don’t break your builds unexpectedly. For example:

- docker-image: debian:testing-20250407
+ docker-image: debian@sha256:<insert-specific-digest-here>

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c9fa225 and 28b5bb6.

📒 Files selected for processing (2)

• .github/workflows/build.yml (4 hunks)
• debian/artifacts/conf/distributions (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• debian/artifacts/conf/distributions

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/build.yml

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🔇 Additional comments (7)

.github/workflows/build.yml (7)

12-13: Use descriptive job names based on architecture
Setting the job name to ${{ matrix.architecture }} makes it much easier to distinguish build runs in the Actions UI.

---

32-32: Fetch only the latest commit for speed
Using fetch-depth: 1 greatly reduces clone time and is sufficient for package builds; full history is fetched later in the merge job.

---

56-61: Upload built artifacts per architecture
The actions/upload-artifact step correctly names each artifact folder by architecture and ignores missing files—good for matrix builds.

---

68-71: Merge job: checkout at full depth
Fetching full history (fetch-depth: 0) is appropriate here since you’re creating an orphan branch and need to clear the index cache.

---

72-77: Download and merge artifacts
Using pattern: artifacts-* with merge-multiple: true consolidates all architecture artifacts into a single directory—neat and efficient.

---

80-88: Commit and push updated data branch
The orphan-branch workflow, staged-diff check, and force-push ensure the data branch contains only the latest build outputs. Solid implementation.

---

24-27:

❓ Verification inconclusive

Verify runner labels for ARM64 and RISC‑V
The matrix assigns ubuntu-24.04-arm for arm64 and ubuntu-latest for riscv64. Ensure these labels exist and are appropriate:

• GitHub‑hosted ARM64 runners support ubuntu-24.04-arm (public preview), but you must confirm availability in your organization.
• There is no official GitHub‑hosted RISC‑V runner. For riscv64 builds, you’ll need to register and reference a self‑hosted runner (e.g., label it riscv64 or self-hosted,riscv64).

Also update your actionlint configuration if you’re using custom runner labels.

---

Verify runner labels for ARM64 and RISC‑V

In .github/workflows/build.yml (lines 24–27):

• ARM64: You’ve specified ubuntu-24.04-arm, which is currently in public preview. Confirm it’s enabled and available in your organization.
• RISC‑V: There is no GitHub‑hosted riscv64 runner under ubuntu-latest. You’ll need to register or use a self‑hosted runner (for example, label it self-hosted,riscv64).

If you use actionlint, update its configuration to recognize any custom runner labels you add.

🧰 Tools

🪛 actionlint (1.7.4)

25-25: label "ubuntu-24.04-arm" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)