From 53268a1564b6f9307b6d0bea407277ec12682818 Mon Sep 17 00:00:00 2001 From: Adolfo Delorenzo Date: Fri, 15 May 2026 22:46:12 -0600 Subject: [PATCH] docs: roll README + CHANGELOG forward past v0.3.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit README: - Status line bumped from v0.3.0 to v0.3.1 with the actually-validated framing (K8s Ready under QEMU virt+HVF, CoreDNS + local-path + nginx all Running) and a link to CHANGELOG.md for full notes. - Roadmap: Phase 7 (generic ARM64) flipped to "Complete (v0.3.1, K8s Ready under QEMU virt+HVF)". OCI cosign verification, LABEL=KSOLODATA on ARM64, and real-hardware ARM64 validation move from "Planned for v0.3.1" to "Planned for v0.3.2" — they didn't make this release. CHANGELOG: - New "[Unreleased]" section covering the four post-v0.3.1 CI / repo housekeeping commits: drop tag trigger on build-arm64.yaml (04a5cd2), gitignore .env/credentials (48267e1), fix gated x86 job staying "queued" instead of "skipped" (fb24e64), and paths-ignore on build-arm64.yaml so workflow/docs-only commits skip the 60-minute kernel rebuild (e1b8a69). No runtime changes. Co-Authored-By: Claude Opus 4.7 --- CHANGELOG.md | 33 +++++++++++++++++++++++++++++++++ README.md | 10 +++++----- 2 files changed, 38 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7dce4bf..ff08660 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,39 @@ All notable changes to KubeSolo OS are documented in this file. Format based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), versioning follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [Unreleased] + +Pure CI / repository housekeeping; no runtime changes since v0.3.1. All +items below shake out workflow-loop bugs exposed by the v0.3.1 release +flow on Gitea Actions. + +### Fixed (CI) + +- `build-arm64.yaml` no longer triggers on tag pushes. `release.yaml` + already produces the ARM64 disk image as part of the release flow, so + triggering both on the same tag wasted an hour of Odroid runner time + on a duplicate kernel build. (`04a5cd2`) +- The gated `build-iso-amd64` job in `release.yaml` (`if: false` until an + amd64-linux runner exists) used to advertise `runs-on: amd64-linux`. + With no matching runner, Gitea left the job queued forever and the + overall workflow run never transitioned to `success` — even though + every load-bearing job had finished and the release was already + published. Now uses `runs-on: ubuntu-latest` so any runner picks the + job up just long enough to evaluate `if: false` and mark it `skipped`. + (`fb24e64`) +- `build-arm64.yaml` now ignores workflow-file, docs, and `*.md` changes + via `paths-ignore` (`.gitea/workflows/**`, `.github/workflows/**`, + `docs/**`, top-level `*.md`, `.gitignore`). Workflow- / docs-only + commits no longer kick off a 60-minute kernel rebuild on the Odroid. + Any change to a kernel fragment, init script, or build script still + triggers the full build, as intended. (`e1b8a69`) + +### Changed + +- `.gitignore` now excludes `.env`, `.env.*`, `*.token`, `*.pat` to keep + Gitea PATs and other credentials used during release ops from being + accidentally committed. (`48267e1`) + ## [0.3.1] - 2026-05-15 First fully-functional generic ARM64 release. v0.3.0 shipped the build diff --git a/README.md b/README.md index b3df3dc..0ce447f 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ An immutable, bootable Linux distribution purpose-built for [KubeSolo](https://github.com/portainer/kubesolo) — Portainer's ultra-lightweight single-node Kubernetes. -> **Status (v0.3.0):** x86_64 and generic ARM64 (UEFI / virtio / mainline kernel) both build and boot end-to-end. Update agent has an explicit state machine, OCI registry distribution alongside HTTP, channel + maintenance-window + version-stepping-stone gates, and auto-rollback. ARM64 Raspberry Pi support remains paused pending physical hardware. See [docs/release-notes-0.3.0.md](docs/release-notes-0.3.0.md) for the full v0.3.0 changelog. +> **Status (v0.3.1):** First fully-validated generic ARM64 release. x86_64 and ARM64 (UEFI / virtio / mainline kernel) both build and boot end-to-end; v0.3.1 closes the dual-glibc, nftables address-family, and kube-proxy expression-module gaps that kept v0.3.0 from reaching a Ready node on ARM64. Validated end-to-end under QEMU virt + HVF on Apple Silicon: `kubectl get nodes` reports `Ready`, CoreDNS, local-path-provisioner, and an nginx test workload all `Running`. The update agent has an explicit state machine, OCI registry distribution alongside HTTP, channel + maintenance-window + version-stepping-stone gates, and auto-rollback. ARM64 Raspberry Pi support remains paused pending physical hardware. See [CHANGELOG.md](CHANGELOG.md) for the full v0.3.1 changelog and [docs/release-notes-0.3.0.md](docs/release-notes-0.3.0.md) for the v0.3.0 milestone summary. ## What is this? @@ -245,12 +245,12 @@ Metrics include: `kubesolo_os_info`, `boot_success`, `boot_counter`, `uptime_sec | 5 | CI/CD, OCI distribution, Prometheus metrics, ARM64 cross-compile | Complete | | 6 | Security hardening, AppArmor | Complete | | - | Custom kernel build for container runtime fixes | Complete (x86_64) | -| 7 | ARM64 generic (mainline kernel, UEFI, virtio) | Complete (v0.3.0, QEMU validated) | +| 7 | ARM64 generic (mainline kernel, UEFI, virtio) | Complete (v0.3.1, K8s Ready under QEMU virt+HVF) | | 8 | Update engine v2 (state machine, channels, OCI, pre-flight gates) | Complete (v0.3.0) | | - | ARM64 Raspberry Pi (custom kernel, firmware, SD card image) | Paused — needs hardware | -| - | OCI cosign signature verification | Planned for v0.3.1 | -| - | LABEL=KSOLODATA on ARM64 (replace blkid/findfs path) | Planned for v0.3.1 | -| - | Real-hardware ARM64 validation (Graviton / Ampere) | Planned for v0.3.1 | +| - | OCI cosign signature verification | Planned for v0.3.2 | +| - | LABEL=KSOLODATA on ARM64 (replace blkid/findfs path) | Planned for v0.3.2 | +| - | Real-hardware ARM64 validation (Graviton / Ampere) | Planned for v0.3.2 | ## License