fix(vm-default-images): refresh stale Alpine and openSUSE 16.0 image URLs

[myasnikovdaniil]

What this PR does

Refreshes two default golden-image download URLs in vm-default-images that had drifted from their canonical source. This came out of a correctness re-check of all 16 default image URLs — the other 14 use floating current/latest pointers on canonical vendor hosts and need no change.

• alpine-3.21 — was pinned to patch 3.21.6. Alpine's CDN now ships 3.21.7 and prunes older patches over time, so this hardcoded pin would eventually 404. Bumped to 3.21.7. (Alpine publishes no latest symlink for cloud images, so a patch pin is unavoidable — it just needs to track the newest patch.)
• opensuse-leap-16.0 — pointed at the Open Build Service staging tree (repositories/openSUSE:/Leap:/16.0:/Images/) rather than the canonical released-product tree. Switched to distribution/leap/16.0/appliances/, which serves the identical image from a more stable, official location.

Both new URLs were verified to return HTTP 200 and serve valid QCOW2 images (magic QFI\xfb).

Note: opensuse-leap-15.6 sits on the same OBS staging path, but moving it to the distribution tree would also require switching the image flavor (NoCloud → Minimal-VM Cloud, the only variant published there). That's a behavioral change, so it's intentionally left out of this PR.

Release note

fix(vm-default-images): refresh stale Alpine (3.21.6 → 3.21.7) and openSUSE Leap 16.0 default image URLs

Summary by CodeRabbit

• Updates
  • Refreshed two default virtual machine image entries to point to newer download sources.
  • Updated the openSUSE Leap 16.0 image URL to a new appliance location.
  • Bumped the Alpine 3.21 image to a newer release version.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request ensures the reliability of default VM golden images by updating stale download URLs. By pointing to the latest patch version for Alpine and the canonical distribution path for openSUSE, the changes prevent future broken links and ensure that the images are fetched from stable, official sources.

Highlights

• Alpine Linux URL Update: Updated the Alpine 3.21 image URL from version 3.21.6 to 3.21.7 to prevent potential 404 errors caused by CDN pruning of older patch versions.
• openSUSE Leap 16.0 URL Correction: Migrated the openSUSE Leap 16.0 image source from the OBS staging tree to the official, stable distribution repository.

New Features

🧠 You can now enable Memory (public preview) to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	Gemini (@gemini-code-assist)	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on Gemini (@gemini-code-assist) comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: fdc4377f-b8a9-435e-86ac-726da6ef4259

📥 Commits

Reviewing files that changed from the base of the PR and between 0f1cc54 and b775e51.

📒 Files selected for processing (1)

• packages/system/vm-default-images/values.yaml

---

📝 Walkthrough

Walkthrough

Updated two default VM image URLs in packages/system/vm-default-images/values.yaml: one for openSUSE Leap 16.0 and one for Alpine 3.21.

Changes

VM default image URL updates

Layer / File(s)	Summary
Image source updates packages/system/vm-default-images/values.yaml	The opensuse-leap-16.0 and alpine-3.21 image url values were changed to new download locations.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

A bunny hopped by, ears all alight,
Two image URLs gleamed fresh and bright.
Leap and Alpine took a new trail today,
While floppy paws approved the array.
🐰✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: refreshing the Alpine and openSUSE default image URLs.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/vm-default-images-urls

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[gemini-code-assist]

Code Review

This pull request updates the default VM image URLs in packages/system/vm-default-images/values.yaml. Specifically, it updates the download URL for the openSUSE Leap 16.0 image to point to the official distribution appliances path, and bumps the Alpine 3.21 image version from 3.21.6 to 3.21.7. There are no review comments, and I have no feedback to provide.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[Aleksei Sviridkin (lexfrei)]

LGTM — both refreshed URLs verified: HTTP 200 and a valid QCOW2 magic header (51 46 49 fb).

Business context: two default golden-image URLs in vm-default-images had drifted from their canonical sources and would eventually 404 (#3063 description).

Verified independently:

• alpine-3.21 → 3.21.7: 200 + valid QCOW2. The old 3.21.6 still resolves today, so this is a preventive bump against CDN pruning rather than a current outage — accurate to the PR's reasoning. As noted in the description, Alpine publishes no latest symlink for cloud images, so this patch pin will need periodic re-bumping (or automation) when 3.21.8 lands and 3.21.7 is pruned.
• opensuse-leap-16.0 → distribution appliances/ tree: 200 + valid QCOW2, same image served from the stable released-product path instead of the OBS staging tree.

No resource-name or storage change, no checksum field to keep in sync, so nothing downstream breaks. Leaving opensuse-leap-15.6 on the staging path is the right call given the flavor change it would require. No blockers.