feat(lxc/incus): GitHub artifact attestations config

[scop]

https://github.com/lxc/incus/attestations

Check List

• Read CONTRIBUTING.md
  • ⚠️ Avoid force push
  • ⚠️ Use argd s command when adding new packages
• Install and execute the package and confirm if the package works well

Summary by CodeRabbit

• New Features
  • Added support for Incus version 6.22.0 alongside existing 6.23.0 release
  • Implemented GitHub artifact attestation verification for enhanced security and package integrity validation

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ac47280a-9694-491a-9aa0-25ecd3c289c2

📥 Commits

Reviewing files that changed from the base of the PR and between b785486 and fd14a08.

📒 Files selected for processing (3)

• pkgs/lxc/incus/pkg.yaml
• pkgs/lxc/incus/registry.yaml
• registry.yaml

---

📝 Walkthrough

Walkthrough

Added support for Incus v6.22.0 and earlier versions (< 6.23.0) by introducing version-constrained asset entries in package registries. Configured GitHub artifact attestations with signer workflow for release artifacts. Includes OS/architecture name replacements (amd64→x86_64, arm64→aarch64, darwin→macos).

Changes

Cohort / File(s)	Summary
Package Version Declaration pkgs/lxc/incus/pkg.yaml	Added new package entry for lxc/incus with explicit version v6.22.0.
Registry Asset Mappings & Attestations pkgs/lxc/incus/registry.yaml, registry.yaml	Added version-constrained asset entry for versions < 6.23.0 targeting bin.{{.OS}}.incus.{{.Arch}} with platform/architecture replacements and raw format. Added GitHub artifact attestations signer workflow configuration to existing catch-all version constraint entry.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• feat(updatecli/updatecli): GitHub artifact attestations config #51053: Identical pattern of adding version-constrained asset mappings and github_artifact_attestations.signer_workflow to package manifests
• feat(spinel-coop/rv): GitHub artifact attestations config #49919: Similar approach of adding version-gated asset entries with OS/arch replacement mappings and attestation workflow configuration
• feat(owenlamont/ryl): GitHub artifact attestations config #49707: Related registry modifications using the same version-constrained asset mapping and attestation metadata patterns

Suggested labels

enhancement

Poem

🐰 A versioned hop through Incus land,
Where artifacts now firmly stand,
Old 6.22 finds its place,
With attestations keeping pace,
Cross-platform binaries embrace! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Description check	❓ Inconclusive	The description is incomplete. While it includes the checklist template and a reference link, it lacks substantive details explaining the purpose, scope, and rationale of the changes.	Provide a clear explanation of what GitHub artifact attestations are being added, why they're needed, and how they improve the package configuration.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main change: adding GitHub artifact attestations configuration for the lxc/incus package.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[suzuki-shunsuke]

Thank you!