chore(ci): try Shipfox

[mdelapenya]

What does this PR do?

Try Shipfox, basically just by changing the job runners for all the pipelines.

Why is it important?

They are sponsoring the development of the OSS libraries, so I think it's a great chance to demonstrate kindness with the project.

FYI, in case you want to use it, you have 3,000 free minutes each month!

[netlify]

✅ Deploy Preview for testcontainers-go ready!

Name	Link
🔨 Latest commit	dc80f4e
🔍 Latest deploy log	https://app.netlify.com/projects/testcontainers-go/deploys/69cd02ceb9bcda0008afc5be
😎 Deploy Preview	https://deploy-preview-3268--testcontainers-go.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Summary by CodeRabbit

• Chores
  • Switched CI workflows to a new default runner across multiple pipelines (build, test, analysis, release and related jobs). Platform inputs and conditional gating were aligned with the new runner where applicable. No functional behavior, job logic, or step actions were changed.

Walkthrough

Multiple GitHub Actions workflow files were updated to replace runner/platform labels from ubuntu-latest to shipfox-2vcpu-ubuntu-2404. Platform matrix entries and conditionals referencing the old label were adjusted where present. No workflow steps or control flow logic were altered.

Changes

Cohort / File(s)

Summary

GitHub Actions workflow runner updates .github/workflows/ci-lint-go.yml, .github/workflows/ci-test-go.yml, .github/workflows/ci-windows-trigger.yml, .github/workflows/ci.yml, .github/workflows/codeql.yml, .github/workflows/conventions.yml, .github/workflows/docker-projects-latest.yml, .github/workflows/release-drafter.yml, .github/workflows/scorecards.yml, .github/workflows/sonar-bulk-operations.yml, .github/workflows/sonar-create-project.yml, .github/workflows/sonar-delete-project.yml, .github/workflows/usage-metrics.yml

Replaced runs-on / default platforms values from ubuntu-latest to shipfox-2vcpu-ubuntu-2404. Updated any matrix conditionals checking for the old platform. No other steps, job names, or control flow changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 I hopped through YAML with nimble paws,
Swapped ubuntu tags without a pause.
Shipfox now hums where jobs once sat,
Pipelines shuffle—immediately pat.
🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'chore(ci): try Shipfox' directly relates to the main changeset, which updates all CI workflow runners to use Shipfox instead of ubuntu-latest and other defaults.
Description check	✅ Passed	The description clearly explains the changes (updating job runners to use Shipfox) and the rationale (Shipfox is sponsoring the OSS development), which aligns with the changeset modifications.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Remove either required: true or the default value.

The platforms input is marked as required: true but also has a default value. If an input is required, its default value will never be used since callers must always provide a value. This creates confusion about the intended behavior.

🔎 Recommended fix

Choose one approach:

Option 1: Remove the default if the value must always be explicitly provided:

       platforms:
         required: true
         type: string
-        default: "shipfox-2vcpu-ubuntu-2404"
         description: "The platforms in which the project will be run"

Option 2: Remove required: true if the default should be used when not specified:

       platforms:
-        required: true
+        required: false
         type: string
         default: "shipfox-2vcpu-ubuntu-2404"
         description: "The platforms in which the project will be run"

Based on the workflow design where callers explicitly provide platform matrices (see ci.yml lines 72, 95, 116, 137), Option 1 appears more appropriate.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	default: "shipfox-2vcpu-ubuntu-2404"
	platforms:
	required: true
	type: string
	description: "The platforms in which the project will be run"

🧰 Tools

🪛 actionlint (1.7.9)

14-14: input "platforms" of workflow_call event has the default value "shipfox-2vcpu-ubuntu-2404", but it is also required. if an input is marked as required, its default value will never be used

(events)

🤖 Prompt for AI Agents

In .github/workflows/ci-test-go.yml around line 14, the `platforms` input is
marked `required: true` while also providing a default value; remove this
contradiction by deleting the default value so callers must explicitly provide
platforms (Option 1), or alternatively remove `required: true` if you want the
default to be used; based on existing callers, remove the default value to
enforce explicit input.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

cat -n .github/workflows/ci.yml | head -160

Repository: testcontainers/testcontainers-go

Length of output: 6552

---

🏁 Script executed:

#!/bin/bash
# Check for Ubuntu version references in codebase
echo "=== Checking for Ubuntu version references ==="
rg "ubuntu-2[0-9]|jammy|noble" --type yaml --type sh --type toml --type md -n

echo -e "\n=== Checking for Docker version constraints ==="
rg "docker.*version|DOCKER_VERSION|DOCKER_BUILDKIT" -n --type yaml --type sh --type toml

echo -e "\n=== Checking for kernel version or system-specific constraints ==="
rg "uname|kernel.*version|lsb_release" -n --type yaml --type sh

Repository: testcontainers/testcontainers-go

Length of output: 444

---

🏁 Script executed:

# Check if there are any known issues or compatibility notes for Ubuntu 24.04 in docs
echo "=== Checking for compatibility notes or setup documentation ==="
find . -maxdepth 2 -type f \( -name "README*" -o -name "SETUP*" -o -name "*.md" \) | head -10 | xargs grep -l "ubuntu\|docker\|24.04\|noble" 2>/dev/null | head -5

Repository: testcontainers/testcontainers-go

Length of output: 147

---

🏁 Script executed:

#!/bin/bash
# Check for other CI workflow files
echo "=== Other workflow files ==="
find .github/workflows -type f -name "*.yml" -o -name "*.yaml" | sort

echo -e "\n=== Check for README or infrastructure docs ==="
find . -maxdepth 2 -type f \( -name "README*" -o -name "CONTRIBUTING*" -o -name "*INFRA*" \) | head -10

echo -e "\n=== Look for any documentation on runners or CI ==="
find . -type f -name "*.md" | xargs grep -l "shipfox\|runner\|ubuntu.*24" 2>/dev/null | head -5

Repository: testcontainers/testcontainers-go

Length of output: 953

---

🏁 Script executed:

# Check ci-test-go.yml to understand how the platform parameter is used
echo "=== Checking ci-test-go.yml for platform usage ==="
cat .github/workflows/ci-test-go.yml | head -100

Repository: testcontainers/testcontainers-go

Length of output: 3633

---

🏁 Script executed:

# Look for any fallback logic or GitHub runner configuration elsewhere
echo "=== Checking for github.io or other runner configurations ==="
rg "runs-on|ubuntu-latest|macos-latest|windows-latest" .github/workflows/ -A 2 -B 2

Repository: testcontainers/testcontainers-go

Length of output: 6218

---

Verify Ubuntu 24.04 compatibility for non-modulegen modules and ensure fallback strategy is documented.

The Shipfox runner is already established across the CI infrastructure. However, non-modulegen modules lack fallback runners. Before merging, verify:

1. Ubuntu 24.04 compatibility: Confirm that testcontainers functionality works correctly with Ubuntu 24.04's Docker version and kernel behavior. The modulegen module already tests on macOS and Windows; consider extending cross-platform validation to other modules if applicable.

2. Fallback strategy for standard modules: Unlike modulegen (which tests on shipfox-2vcpu-ubuntu-2404, macos-latest, and windows-latest), other modules test only on the Shipfox runner. Document whether this is intentional or whether a fallback to GitHub-hosted runners should be added.

🧰 Tools

🪛 actionlint (1.7.9)

15-15: label "shipfox-2vcpu-ubuntu-2404" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2025", "windows-2022", "windows-11-arm", "ubuntu-slim", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-24.04-arm", "ubuntu-22.04", "ubuntu-22.04-arm", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-26-xlarge", "macos-26", "macos-15-intel", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🤖 Prompt for AI Agents

In .github/workflows/ci.yml around line 15, the workflow pins runs-on to
shipfox-2vcpu-ubuntu-2404 but there is no verification or documented fallback
for non-modulegen modules; confirm testcontainers and all CI-dependent tooling
are compatible with Ubuntu 24.04 (Docker/kernel behavior) and either document
that compatibility check and rationale for using only the Shipfox runner, or add
a fallback matrix entry to run tests on GitHub-hosted runners (e.g.,
ubuntu-latest and/or macos-latest/windows-latest) for standard modules; update
the CI file and repository docs to reflect the chosen approach and the
verification steps performed.

[coderabbitai]

🧹 Nitpick comments (1)

.github/workflows/ci-test-go.yml (1)

118-119: Don’t couple Sonar execution to the Shipfox label.

This reusable workflow now decides whether Sonar runs by matching a specific runner string. Since the callers in .github/workflows/ci.yml already control the platform matrix, a label rename or a GitHub-hosted fallback would silently disable Sonar on main. Prefer a dedicated input such as sonar-platform instead of hard-coding the runner name here.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/ci-test-go.yml around lines 118 - 119, The step labeled
"Decide if Sonar must be run" currently gates Sonar by checking matrix.platform
== 'shipfox-2vcpu-ubuntu-2404'; change this to use a dedicated workflow input
(e.g. sonar-platform) so the condition becomes matrix.platform ==
inputs.sonar-platform (or similar) and update the workflow inputs to declare
sonar-platform with a sensible default; also update callers
(.github/workflows/ci.yml) to pass the desired sonar-platform value instead of
relying on a hard-coded runner name to ensure Sonar isn’t accidentally disabled
by label/runner changes.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/ci-test-go.yml:
- Around line 118-119: The step labeled "Decide if Sonar must be run" currently
gates Sonar by checking matrix.platform == 'shipfox-2vcpu-ubuntu-2404'; change
this to use a dedicated workflow input (e.g. sonar-platform) so the condition
becomes matrix.platform == inputs.sonar-platform (or similar) and update the
workflow inputs to declare sonar-platform with a sensible default; also update
callers (.github/workflows/ci.yml) to pass the desired sonar-platform value
instead of relying on a hard-coded runner name to ensure Sonar isn’t
accidentally disabled by label/runner changes.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 91cc760d-788f-4c1f-8a02-97b269a5a653

📥 Commits

Reviewing files that changed from the base of the PR and between e06a456 and cbd786d.

📒 Files selected for processing (4)

• .github/workflows/ci-lint-go.yml
• .github/workflows/ci-test-go.yml
• .github/workflows/ci.yml
• .github/workflows/scorecards.yml

[coderabbitai]

🧹 Nitpick comments (1)

.github/workflows/sonar-delete-project.yml (1)

13-13: Configure actionlint to recognize the custom Shipfox runner label.

The shipfox-2vcpu-ubuntu-2404 label is flagged by actionlint as unknown. If actionlint is part of your CI checks, this will cause failures. Add the custom label to your actionlint configuration:

Proposed actionlint.yaml configuration

Create or update .github/actionlint.yaml:

self-hosted-runner:
  labels:
    - shipfox-2vcpu-ubuntu-2404

Additionally, since this workflow uses secrets (SONAR_TOKEN) and Shipfox runners are third-party infrastructure, ensure you've reviewed their security practices and trust model for handling repository secrets.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/sonar-delete-project.yml at line 13, Add an actionlint
configuration that recognizes the custom runner label by creating or updating
.github/actionlint.yaml and adding the key path self-hosted-runner.labels with
an entry for "shipfox-2vcpu-ubuntu-2404"; ensure the new YAML lists that label
exactly so actionlint will not flag the runs-on value, and separately confirm
you've reviewed the security/trust model for using repository secrets
(SONAR_TOKEN) with third-party Shipfox runners.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/sonar-delete-project.yml:
- Line 13: Add an actionlint configuration that recognizes the custom runner
label by creating or updating .github/actionlint.yaml and adding the key path
self-hosted-runner.labels with an entry for "shipfox-2vcpu-ubuntu-2404"; ensure
the new YAML lists that label exactly so actionlint will not flag the runs-on
value, and separately confirm you've reviewed the security/trust model for using
repository secrets (SONAR_TOKEN) with third-party Shipfox runners.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c9d73f6d-434a-48f8-92cc-de761349571f

📥 Commits

Reviewing files that changed from the base of the PR and between cbd786d and dc80f4e.

📒 Files selected for processing (10)

• .github/workflows/ci-lint-go.yml
• .github/workflows/ci-test-go.yml
• .github/workflows/ci.yml
• .github/workflows/codeql.yml
• .github/workflows/docker-projects-latest.yml
• .github/workflows/scorecards.yml
• .github/workflows/sonar-bulk-operations.yml
• .github/workflows/sonar-create-project.yml
• .github/workflows/sonar-delete-project.yml
• .github/workflows/usage-metrics.yml

✅ Files skipped from review due to trivial changes (1)

• .github/workflows/codeql.yml