foundation/.forgejo/workflows/README.md

62 lines
3.3 KiB
Markdown
Raw Normal View History

# Ecosystem CI — reusable workflows
Shared CI building blocks for Olsitec projects on the foundation forge
(`documentation/999_testing.md`). Downstream repos call them as **reusable
workflows** (`on: workflow_call`) at **job** level:
```yaml
# .forgejo/workflows/ci.yml in any project repo
name: ci
on: [push]
jobs:
build:
runs-on: docker # ← REQUIRED on Forgejo 11 (see "Forgejo 11 quirk" below)
uses: olsitec/foundation/.forgejo/workflows/reusable-node-build.yml@master
with: { package-manager: bun, build: "bun run build" }
```
## Forgejo 11 quirk (IMPORTANT)
Our forge runs **Forgejo 11.0.15**, where reusable-workflow support is the
**pre-v15 "limited" implementation**. Two rules differ from GitHub / Forgejo ≥ v15:
1. **The calling job MUST declare `runs-on`** (e.g. `runs-on: docker`). On standard
GitHub you omit `runs-on` on a `uses:` job — do that here and Forgejo **silently
schedules no run at all** (no error). This was verified live: a caller without
`runs-on` produced zero runs; the same caller with `runs-on` ran green.
2. **Cross-repo references use the SHORT form** `owner/repo/.forgejo/workflows/x.yml@ref`
— the **full-URL** form (`https://forge.olsitec.net/...`) fails for reusable
workflows (it is, conversely, the form composite *actions* require).
Also pre-v15: the called workflow's logs collapse into a single "Set up job" entry
in the UI. **Forgejo v15.0** (LTS, Apr 2026) reworks this — omit `runs-on` and Forgejo
expands the reusable workflow into its inner jobs with separate logs. On a future v15
upgrade, drop the `runs-on` from callers and these notes become obsolete.
## Workflows
| Workflow | Purpose | Key inputs |
|----------|---------|------------|
| `reusable-node-build.yml` | install + build npm/bun/none | `package-manager`, `build`, `workdir` |
| `reusable-docker-build.yml` | `docker build` via the host socket | `image`, `dockerfile`, `context`, `build-args`, `push` |
| `reusable-lint.yml` | eslint + yamllint gate (error → non-zero) | `eslint-paths`, `yamllint-paths`, `package-manager` |
| `reusable-semantic-release.yml` | dry-run next-version probe (conventionalcommits) | `branch` → output `version` |
All run in the baked `foundation-ci:latest` image. `reusable-semantic-release`
checks out with `fetch-depth: 0` (full history + tags). Real Forgejo release
publishing is deferred (no `@semantic-release/forgejo` analogue yet) — it computes
+ outputs the version, faithful to the GitLab `generate-release-version` job.
## Candidate coverage (999_testing)
| Candidate | Shape | Workflow | Status |
|-----------|-------|----------|--------|
| olsicrypto | npm package (tsc) | `reusable-node-build` (npm) | self-contained ✓ |
| document-engine | bun package (tsc) | `reusable-node-build` (bun) | self-contained ✓ |
| olsitrack/api | no-artifact / versioned | `reusable-node-build` (empty build) | self-contained ✓ |
| seaspots-homepage | docker, dep `@olsitec/svelte-common` | `reusable-docker-build` | blocked on the package registry (Stage-2) |
| token-service | docker, dep `@olsitec/olsicrypto` | `reusable-docker-build` | blocked on the package registry (Stage-2) |
The semantic-release bump sequence and the eslint/yamllint gates are continuously
proven by `ecosystem-selftest.yml` on the foundation's own runner.