Add multi-arch build workflows and update CI configurations

[rodneyosodo]

What type of PR is this?

What does this do?

Which issue(s) does this PR fix/relate to?

Have you included tests for your changes?

Did you document any new/modified features?

Notes

Signed-off-by: Rodney Osodo [email protected]

Summary by Sourcery

Introduce multi-architecture build and release workflows and extend Docker image publishing for multiple services and platforms.

Build:

• Add a matrix-based GitHub Actions build workflow to compile and archive binaries for multiple GOOS/GOARCH combinations and publish tagged releases to GitHub.
• Update CD workflow to build and push multi-arch Docker images for Go services and proplet variants using Buildx and QEMU, tagging images with latest and commit-based tags.
• Adjust Dockerfile to better support Buildx cross-compilation by wiring TARGETARCH/TARGETVARIANT into Go build args and making binary compression optional.
• Tidy Dependabot configuration formatting without changing behavior.

CI:

• Enable CI workflows on the feat/ci branch alongside main and support manual workflow dispatch for build and CD jobs.

Summary by CodeRabbit

• Chores

  • Fixed Dependabot configuration.

• New Features

  • Added automated multi-platform build and release pipeline producing and attaching architecture-specific binaries to releases.
  • Added multi-architecture Docker image publishing and per-service image artifacts (amd64, arm64, riscv64).
  • Expanded CI triggers and cross-compilation support for broader platform coverage.
  • HTTP client now enables Rustls TLS support.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Adds a new multi-platform build workflow, refactors CD into matrix Docker build/push jobs, fixes Dependabot config, updates Dockerfiles for cross-compilation across architectures, and enables rustls for reqwest in proplet.

Changes

Cohort / File(s)	Summary
Dependabot Configuration \.github/dependabot.yml	Removed an extraneous empty list item from the directories array for package-ecosystem: "gomod". No behavior changes otherwise.
GitHub Actions Workflows \.github/workflows/build.yml, \.github/workflows/cd.yml	Added build.yml (matrix Go builds, artifacts, release on tag). Refactored cd.yml to run on main and feat/ci, add REGISTRY/IMAGE_PREFIX, and replace a single make-based job with matrix docker-go, docker-proplet, and docker-proplet-wasinn jobs using docker/build-push-action@v6.
Go build Dockerfile docker/Dockerfile	Added ARG TARGETARCH/ARG TARGETVARIANT; defaulted GOARCH=${TARGETARCH}, derive conditional GOARM from TARGETVARIANT, run make $SVC with explicit GOARCH/GOARM; removed UPX and reduced packaging.
Proplet Dockerfile (Rust) docker/Dockerfile.proplet	Switched builder to --platform=$BUILDPLATFORM, added ARG TARGETARCH, install cross-toolchains, perform arch-dispatched cargo builds with fixed /proplet output, select wasmtime tarball per TARGETARCH, and removed UPX.
Proplet Cargo proplet/Cargo.toml	Enabled rustls-tls alongside json for the reqwest dependency features.

Sequence Diagram

sequenceDiagram
    autonumber
    participant GH as GitHub (event)
    participant GHA as GitHub Actions
    participant GoMatrix as Go build matrix
    participant PropletBuild as Proplet build jobs
    participant ArtifactStorage as Actions Artifacts
    participant Registry as Container Registry
    participant Release as Release job

    GH->>GHA: push / pull_request / tag / workflow_dispatch
    GHA->>GoMatrix: run matrix builds (manager/cli/proxy × arch)
    GoMatrix->>ArtifactStorage: upload `dist/**` artifacts
    GHA->>PropletBuild: run proplet matrix builds (cargo/docker per arch)
    PropletBuild->>Registry: build & push multi-arch images
    Note over GHA: if ref matches tag `v*`
    GHA->>Release: download artifacts, create GitHub Release with `dist/**`

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~65 minutes

Poem

🐇 I hopped through toolchains, targets, and tags,

Cross-compiled carrots packed in tidy bags,
Images pushed, artifacts found their roam,
A release burrow now welcomes them home,
My nose twitched—CI hums, and I nap beneath logs.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately captures the main changes: introduction of multi-arch build workflows and CI configuration updates across GitHub Actions workflows, Dockerfiles, and Dependabot configuration.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/ci

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sourcery-ai]

Reviewer's Guide

Adds a dedicated multi-architecture Go build/release workflow and restructures CD to build and push multi-arch Docker images (including proplet variants) to GHCR, while updating the main Dockerfile for buildx compatibility and cleaning up CI configs.

Sequence diagram for docker-go multi-arch image build and push

sequenceDiagram
  participant GitHub as GitHub
  participant Runner as Actions_runner
  participant QEMU as setup_qemu_action
  participant Buildx as setup_buildx_action
  participant DockerLogin as docker_login_action
  participant BuildPush as build_push_action
  participant GHCR as GitHub_Container_Registry

  GitHub->>Runner: Trigger docker-go job (matrix svc)
  Runner->>Runner: Checkout code
  Runner->>Runner: Compute build metadata
  Runner->>QEMU: Set up QEMU emulation
  Runner->>Buildx: Set up Docker Buildx builder
  Runner->>DockerLogin: Login to REGISTRY with GITHUB_TOKEN
  Runner->>BuildPush: Build and push multi-arch image for svc
  BuildPush->>GHCR: Push tags latest and commit

Loading

Flow diagram for multi-arch Dockerfile build process

flowchart TD
  Start[Start docker buildx build]
  ReadArgs[Read build args SVC, TARGETARCH, TARGETVARIANT, GOARCH, GOARM]
  SetGOARCH[Set GOARCH to TARGETARCH if GOARCH not provided]
  DeriveGOARM[Derive _goarm from GOARM or TARGETVARIANT without prefix v]
  RunMake[Run make SVC with GOARCH and optional GOARM]
  Compress[Run upx --best build/SVC and ignore failures]
  MoveExe[Move build/SVC to /exe]
  End[Create final image FROM scratch with /exe]

  Start --> ReadArgs
  ReadArgs --> SetGOARCH
  SetGOARCH --> DeriveGOARM
  DeriveGOARM --> RunMake
  RunMake --> Compress
  Compress --> MoveExe
  MoveExe --> End

Loading

File-Level Changes

Change	Details	Files
Introduce matrix-based multi-OS/arch Go build workflow with artifact upload and tagged GitHub release creation.	Add build workflow triggered on main pushes, tags, PRs, and manual dispatch Define a GOOS/GOARCH include matrix covering linux, darwin, windows, freebsd, netbsd, openbsd with specific arch combinations Build manager, cli, and proxy binaries per matrix entry into a dist directory with appropriate file extensions Upload per-matrix build artifacts and aggregate them into a GitHub Release when a v* tag is pushed	.github/workflows/build.yml
Refactor CD workflow to use GitHub Container Registry and buildx-based multi-arch Docker builds for core Go services and proplet images.	Extend push triggers to include feat/ci branch and define REGISTRY/IMAGE_PREFIX environment variables Replace single make-based Docker build job with a matrix job that builds/pushes manager, cli, and proxy images via docker/build-push-action using buildx/QEMU and multi-arch platforms Add dedicated jobs to build/push multi-arch proplet image and x86-only proplet wasi-nn image using separate Dockerfiles and GHCR tags Introduce structured image tagging with latest and commit-based tags and configure GitHub Actions cache for Docker builds	.github/workflows/cd.yml .github/workflows/build.yml docker/Dockerfile.proplet docker/Dockerfile.proplet-wasinn
Update main Go Dockerfile to be compatible with docker buildx multi-arch builds while preserving Makefile compatibility and making UPX compression optional.	Add TARGETARCH and TARGETVARIANT build args and default GOARCH to TARGETARCH for buildx compatibility Derive GOARM from TARGETVARIANT (e.g., v7 → 7) when GOARM is not explicitly provided Pass GOARCH and optional GOARM into make when building the selected service binary Wrap UPX compression so failures are ignored, allowing builds to succeed even if UPX is unavailable	docker/Dockerfile
Minor CI configuration cleanup for Dependabot.	Remove an extraneous empty list item from the Dependabot updates configuration block	.github/dependabot.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 3 issues, and left some high level feedback:

• The IMAGE_PREFIX/REGISTRY configuration in cd.yml is hardcoded to ghcr.io/rodneyosodo/propeller; consider deriving the image namespace from github.repository (or a single top-level variable) so the workflow remains reusable if the repo or owner changes.
• The Go toolchain versions are specified in multiple places (golang:1.26-alpine3.23 in Dockerfile and 1.25.8 in build.yml); aligning these to a single version source (and one that actually exists) will avoid subtle build differences between CI and container builds.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The IMAGE_PREFIX/REGISTRY configuration in cd.yml is hardcoded to ghcr.io/rodneyosodo/propeller; consider deriving the image namespace from `github.repository` (or a single top-level variable) so the workflow remains reusable if the repo or owner changes.
- The Go toolchain versions are specified in multiple places (golang:1.26-alpine3.23 in Dockerfile and 1.25.8 in build.yml); aligning these to a single version source (and one that actually exists) will avoid subtle build differences between CI and container builds.

## Individual Comments

### Comment 1
<location path=".github/workflows/build.yml" line_range="51" />
<code_context>
+      - name: Setup Go
+        uses: actions/setup-go@v6
+        with:
+          go-version: 1.25.8
+          cache-dependency-path: go.sum
+
</code_context>
<issue_to_address>
**issue (bug_risk):** The configured Go version `1.25.8` is likely invalid for `actions/setup-go` and may cause workflow failures.

`actions/setup-go` requires a valid released Go version or range, and `1.25.8` doesn’t match any current Go release, so the workflow will likely fail when resolving the toolchain. Please switch to a valid version (e.g. `1.22.x` or a specific released version) and align it with whatever Go version is used in your Docker image so CI and containers stay consistent.
</issue_to_address>

### Comment 2
<location path=".github/workflows/cd.yml" line_range="159" />
<code_context>
+          # OpenVINO backend is x86-only
+          platforms: linux/amd64
+          push: true
+          tags: ${{ env.IMAGE_PREFIX }}/proplet:wasi-nn
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
</code_context>
<issue_to_address>
**suggestion:** The wasi-nn image is only tagged with a static `wasi-nn` tag, which reduces traceability to specific builds.

Other Docker jobs tag images with both `latest` and a commit-derived tag so running images can be mapped back to the exact revision. Here you only publish a static `wasi-nn` tag. Please also add a commit SHA or version tag (as done in `proplet` and `docker-go` jobs), which may require adding the same metadata step to this job.

Suggested implementation:

```
      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          file: docker/Dockerfile.proplet-wasinn
          # OpenVINO backend is x86-only
          platforms: linux/amd64
          push: true
          tags: |
            ${{ env.IMAGE_PREFIX }}/proplet:wasi-nn
            ${{ env.IMAGE_PREFIX }}/proplet:wasi-nn-${{ github.sha }}

```

If other jobs in this workflow use a different tagging convention (e.g. `latest` + short SHA or tags generated via `docker/metadata-action`), you may want to align this block with that existing pattern. For example, if those jobs use `steps.meta.outputs.tags` from a metadata step, add a similar metadata step to this job and replace the hard-coded `tags:` block with `tags: ${{ steps.meta.outputs.tags }}` to keep the tagging strategy consistent across images.
</issue_to_address>

### Comment 3
<location path=".github/workflows/cd.yml" line_range="7" />
<code_context>
+  pull_request:
+    branches:
+      - main
+      - feat/ci
+  workflow_dispatch:
+
</code_context>
<issue_to_address>
**question (bug_risk):** Including the feature branch `feat/ci` in the CD workflow trigger may unintentionally publish production images from a non-main branch.

Since this workflow runs for both `main` and `feat/ci`, it will also publish images from the feature branch. That risks overwriting tags (e.g. `latest`) that are expected to reflect `main` only. If `feat/ci` is for experimentation, consider gating publish steps on `github.ref == 'refs/heads/main'` or removing `feat/ci` from the trigger once you’re done.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[llamapreview]

AI Code Review by LlamaPReview

🎯 TL;DR & Recommendation

Recommendation: Approve with suggestions

This PR introduces multi-arch builds with several minor architectural and maintainability suggestions, such as potential UPX compatibility issues and CI configuration sync risks.

🌟 Strengths

• Introduces robust multi-architecture build support for broader platform compatibility.
• Cleans up and modernizes CI configurations with GitHub Actions best practices.

Priority	File	Category	Impact Summary (≤12 words)	Anchors
P2	.github/workflows/cd.yml	Architecture	UPX may fail silently on RISC-V, causing inconsistent binary sizes.	path:docker/Dockerfile
P2	.github/workflows/cd.yml	Architecture	Registry change breaks existing deployment scripts without coordination.
P2	docker/Dockerfile	Maintainability	Complex GOARM derivation logic is brittle for edge cases.
P2	.github/workflows/build.yml	Testing	Release job not validated on feat/ci branch, risking breakage.
P2	docker/Dockerfile.proplet	Architecture	Dead riscv64 code in Dockerfile unsupported by CI platform.	path:.github/workflows/cd.yml

🔍 Notable Themes

• Several findings highlight the need for better synchronization between Dockerfile logic and CI job configurations to avoid dead code and maintenance hazards.

⚠️ **Unanchored Suggestions (Manual Review Recommended)**

The following suggestions could not be precisely anchored to a specific line in the diff. This can happen if the code is outside the changed lines, has been significantly refactored, or if the suggestion is a general observation. Please review them carefully in the context of the full file.

---

📁 File: docker/Dockerfile

The logic for deriving GOARM from TARGETVARIANT is clever but introduces complexity and a potential edge case. TARGETVARIANT for ARMv7 is typically v7. The ${TARGETVARIANT#v} operation correctly yields 7. However, if TARGETVARIANT is empty or set to a non-v-prefixed value (e.g., for another architecture or a future Docker buildx change), _goarm could be set to an empty string or an unexpected value. While the ${_goarm:+GOARM=${_goarm}} syntax prevents setting GOARM to an empty value, the derivation logic is brittle and its behavior for unsupported variants is not explicitly documented in the Dockerfile.

Suggestion:

# Consider adding a comment and explicit default.
# Example: For ARMv7, TARGETVARIANT is 'v7'. We strip the 'v' to get GOARM.
ARG _goarm=""
RUN if [ -n "${GOARM}" ]; then _goarm="${GOARM}"; \
    elif [ "${TARGETARCH}" = "arm" ] && [ -n "${TARGETVARIANT}" ]; then \
        _goarm="${TARGETVARIANT#v}"; \
    fi && \
    make $SVC GOARCH=${GOARCH} ${_goarm:+GOARM=${_goarm}}

Related Code:

ARG TARGETARCH
ARG TARGETVARIANT
ARG GOARCH=${TARGETARCH}
...
&& _goarm="${GOARM:-${TARGETVARIANT#v}}" \
&& make $SVC GOARCH=${GOARCH} ${_goarm:+GOARM=${_goarm}} \

---

---

💡 Have feedback? We'd love to hear it in our GitHub Discussions.
✨ This review was generated by LlamaPReview Advanced, which is free for all open-source projects. Learn more.

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/cd.yml (1)

3-12: ⚠️ Potential issue | 🟠 Major

Don't publish stable tags from feat/ci.

With Line 7 enabled, every push to that branch writes the same :latest tags as main. If feat/ci is only for workflow testing, gate stable pushes to main or give non-main runs branch-qualified tags instead.

Also applies to: 67-69, 121-123

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/cd.yml around lines 3 - 12, The workflow currently
triggers pushes for both "main" and "feat/ci" under the on: push: branches list
which causes stable tags (e.g., :latest) to be published from the feature
branch; update the push triggers or tagging logic so only main produces stable
tags: either remove "feat/ci" from the branches list used for stable publishing
or add a conditional in the jobs that builds/pushes images to detect
github.ref_name (or github.ref) and append the branch name to tags when ref !=
"refs/heads/main" (so IMAGE_PREFIX-based tags become branch-qualified for
feat/ci). Apply this same change to the other publish/tagging sections
referenced (the blocks corresponding to lines 67-69 and 121-123).

🧹 Nitpick comments (1)

docker/Dockerfile (1)

3-20: Pin the Go builder to $BUILDPLATFORM.

This multi-arch path currently executes apk, make, and upx under the target architecture, so multi-platform builds incur the QEMU emulation penalty even though Go can cross-compile natively. Using FROM --platform=$BUILDPLATFORM keeps these RUN steps on the native builder while still allowing cross-compilation via TARGETARCH.

Suggested change

-FROM golang:1.26-alpine3.23 AS builder
+FROM --platform=$BUILDPLATFORM golang:1.26-alpine3.23 AS builder

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docker/Dockerfile` around lines 3 - 20, The Dockerfile's RUN steps (apk,
make, upx) are executed for the target architecture causing QEMU emulation;
update the builder stage to use the host build platform by adding or changing
the base image declaration to include --platform=$BUILDPLATFORM (e.g. FROM
--platform=$BUILDPLATFORM <builder-image>) so that ARGs like
TARGETARCH/TARGETVARIANT/GOARCH still control Go cross-compilation but package
manager and build tooling run natively; ensure this change is applied to the
builder stage that contains the RUN block which invokes apk, make and upx and
that existing ARGs (TARGETARCH, TARGETVARIANT, GOARCH, GOARM, VERSION, COMMIT,
TIME) and the WORKDIR/COPY/RUN sequence remain unchanged.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/cd.yml:
- Around line 151-159: The workflow step "Build and push" uses
docker/build-push-action@v6 and currently only pushes the mutable tag listed
under the tags key; add an immutable, commit- or version-qualified tag so the
wasi-nn image has a stable rollback/provenance tag (for example add a second tag
like ${{ env.IMAGE_PREFIX }}/proplet:wasi-nn:${{ github.sha }} or ${{
env.IMAGE_PREFIX }}/proplet:wasi-nn:${{ env.VERSION }}), keeping the existing
mutable tag as well and ensuring push: true remains set; update the tags entry
to a YAML list with both tags so both the human-friendly and the immutable tags
are pushed.

In `@docker/Dockerfile.proplet`:
- Around line 50-64: The Dockerfile currently downloads and extracts the
Wasmtime tarball using the WASMTIME_VERSION and WASMTIME_ARCH variables without
verifying integrity; update the RUN block to also download the corresponding
checksum or signature for the tarball (for the same
WASMTIME_VERSION/WASMTIME_ARCH), verify the tarball using sha256sum -c or a GPG
signature check, and fail the build if verification fails before running tar -xf
and mv; ensure the verification step removes the tarball on failure and cleans
up checksum/signature files after successful verification.

---

Outside diff comments:
In @.github/workflows/cd.yml:
- Around line 3-12: The workflow currently triggers pushes for both "main" and
"feat/ci" under the on: push: branches list which causes stable tags (e.g.,
:latest) to be published from the feature branch; update the push triggers or
tagging logic so only main produces stable tags: either remove "feat/ci" from
the branches list used for stable publishing or add a conditional in the jobs
that builds/pushes images to detect github.ref_name (or github.ref) and append
the branch name to tags when ref != "refs/heads/main" (so IMAGE_PREFIX-based
tags become branch-qualified for feat/ci). Apply this same change to the other
publish/tagging sections referenced (the blocks corresponding to lines 67-69 and
121-123).

---

Nitpick comments:
In `@docker/Dockerfile`:
- Around line 3-20: The Dockerfile's RUN steps (apk, make, upx) are executed for
the target architecture causing QEMU emulation; update the builder stage to use
the host build platform by adding or changing the base image declaration to
include --platform=$BUILDPLATFORM (e.g. FROM --platform=$BUILDPLATFORM
<builder-image>) so that ARGs like TARGETARCH/TARGETVARIANT/GOARCH still control
Go cross-compilation but package manager and build tooling run natively; ensure
this change is applied to the builder stage that contains the RUN block which
invokes apk, make and upx and that existing ARGs (TARGETARCH, TARGETVARIANT,
GOARCH, GOARM, VERSION, COMMIT, TIME) and the WORKDIR/COPY/RUN sequence remain
unchanged.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: e44d72b4-65d1-4d89-ae3c-1cfd74629c73

📥 Commits

Reviewing files that changed from the base of the PR and between a9fb66a and ba9de19.

📒 Files selected for processing (5)

• .github/dependabot.yml
• .github/workflows/build.yml
• .github/workflows/cd.yml
• docker/Dockerfile
• docker/Dockerfile.proplet

💤 Files with no reviewable changes (1)

• .github/dependabot.yml

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

docker/Dockerfile.proplet (1)

8-10: Unused build arguments: VERSION, COMMIT, TIME.

These arguments are declared and passed from the CI workflow but are never used in the cargo build command. If the intent is to embed version metadata into the binary, consider passing them via environment variables or Rust build flags (e.g., PROPLET_VERSION=$VERSION cargo build ...).

If version info is embedded through other means (e.g., Cargo.toml or build scripts), this can be ignored.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docker/Dockerfile.proplet` around lines 8 - 10, The Dockerfile declares ARG
VERSION, ARG COMMIT, and ARG TIME but never uses them; update the Dockerfile to
propagate those ARGs into environment variables and pass them to the build step
(e.g., after the ARG lines add ENV PROPLET_VERSION=$VERSION
PROPLET_COMMIT=$COMMIT PROPLET_TIME=$TIME and then ensure the RUN that invokes
cargo build picks up those env vars, or explicitly prefix the build:
PROPLET_VERSION=$VERSION PROPLET_COMMIT=$COMMIT PROPLET_TIME=$TIME cargo build
...); reference the existing ARG VERSION / ARG COMMIT / ARG TIME declarations
and the cargo build invocation when making the change.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docker/Dockerfile.proplet`:
- Around line 17-18: The comment claiming "upx is applied where supported (amd64
/ arm64); it silently skips others." is stale and misleading—remove that clause
(or replace it with a note that UPX is not installed/used) so the Dockerfile
comment accurately reflects current behavior; update the comment block
containing the cross-compilation description to only mention installed
toolchains and that UPX is not used if you wish to document it.

---

Nitpick comments:
In `@docker/Dockerfile.proplet`:
- Around line 8-10: The Dockerfile declares ARG VERSION, ARG COMMIT, and ARG
TIME but never uses them; update the Dockerfile to propagate those ARGs into
environment variables and pass them to the build step (e.g., after the ARG lines
add ENV PROPLET_VERSION=$VERSION PROPLET_COMMIT=$COMMIT PROPLET_TIME=$TIME and
then ensure the RUN that invokes cargo build picks up those env vars, or
explicitly prefix the build: PROPLET_VERSION=$VERSION PROPLET_COMMIT=$COMMIT
PROPLET_TIME=$TIME cargo build ...); reference the existing ARG VERSION / ARG
COMMIT / ARG TIME declarations and the cargo build invocation when making the
change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 82aedb77-f382-463f-8c19-bfa58580bf4a

📥 Commits

Reviewing files that changed from the base of the PR and between ba9de19 and 34cb325.

📒 Files selected for processing (3)

• .github/workflows/build.yml
• docker/Dockerfile
• docker/Dockerfile.proplet

✅ Files skipped from review due to trivial changes (1)

• .github/workflows/build.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• docker/Dockerfile

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/build.yml:
- Around line 144-148: The mv commands run after "cd proplet && cargo build ..."
are using paths relative to the repository root and omit the Windows extension;
update both branches so the move uses paths relative to the proplet working
directory and includes ${ext}: after the cd, move
target/.../release/proplet${ext} to ../dist/proplet-${{ matrix.goos }}-${{
matrix.goarch }}${ext} (i.e., change "mv proplet/target/..." to "mv
target/.../release/proplet${ext} ../dist/proplet-...${ext}"), or alternatively
avoid cd entirely and run cargo in the proplet subdir while keeping mv source as
proplet/target/.../release/proplet${ext}; apply the same fix for both the
matrix-targeted and non-targeted branches.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 384e1f78-1770-4967-87c4-3bde2dafdaaa

📥 Commits

Reviewing files that changed from the base of the PR and between 34cb325 and 6c762a4.

📒 Files selected for processing (1)

• .github/workflows/build.yml