refactor(ci): composite actions instead of reusable workflows (Forgejo 11)
All checks were successful
CI / preflight (push) Successful in 5s
CI / typecheck (push) Successful in 15s
ecosystem-selftest / semantic-release-bumptest (push) Successful in 13s
ecosystem-selftest / eslint-gate (push) Successful in 3s
ecosystem-selftest / yamllint-gate (push) Successful in 3s
pulumi-preview / preview (push) Successful in 16s
All checks were successful
CI / preflight (push) Successful in 5s
CI / typecheck (push) Successful in 15s
ecosystem-selftest / semantic-release-bumptest (push) Successful in 13s
ecosystem-selftest / eslint-gate (push) Successful in 3s
ecosystem-selftest / yamllint-gate (push) Successful in 3s
pulumi-preview / preview (push) Successful in 16s
Forgejo 11.0.15 does NOT support reusable workflows (job-level `uses:` / `workflow_call`): the call is silently dropped and no run is scheduled (verified live — a same-repo and a cross-repo reusable call both produced zero runs, while an equivalent inline job ran green). The working cross-repo reuse primitive here is the COMPOSITE ACTION referenced by FULL URL (a short-form `uses: olsitec/foundation/...@master` resolves against the runner's DEFAULT_ACTIONS_URL = data.forgejo.org, not the local instance, and 404s; the full-URL form `uses: https://forge.olsitec.net/olsitec/foundation/actions/<x>@master` was verified green). - Replace the four reusable-*.yml with composite actions under actions/: node-build, docker-build, lint, semantic-release-version (same logic + inputs). - actions/README.md documents the pattern, the Forgejo-11 limitation, and the 999_testing candidate coverage (C2/C3/C4 self-contained; C1/C5 blocked on the not-yet-published @olsitec package registry). - ecosystem-selftest paths filter: actions/** (was reusable-*.yml). The capabilities that need no external repo (semantic-release bump sequence, eslint/yamllint gates) keep running green via ecosystem-selftest's inline jobs. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
67157a0de0
commit
35dc008759
12 changed files with 335 additions and 277 deletions
61
actions/README.md
Normal file
61
actions/README.md
Normal file
|
|
@ -0,0 +1,61 @@
|
|||
# Ecosystem CI — reusable composite actions
|
||||
|
||||
These are the shared CI building blocks for Olsitec projects on the foundation
|
||||
forge (`documentation/999_testing.md`). Downstream repos reference them at **step
|
||||
level** with a **full URL**:
|
||||
|
||||
```yaml
|
||||
# .forgejo/workflows/ci.yml in any project repo
|
||||
name: ci
|
||||
on: [push]
|
||||
jobs:
|
||||
build:
|
||||
runs-on: docker
|
||||
container: { image: foundation-ci:latest }
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: https://forge.olsitec.net/olsitec/foundation/actions/node-build@master
|
||||
with: { package-manager: bun, build: "bun run build" }
|
||||
```
|
||||
|
||||
## Why composite actions, not reusable workflows
|
||||
|
||||
The original plan was **reusable workflows** (`uses: olsitec/foundation/.forgejo/
|
||||
workflows/x.yml@master`, `on: workflow_call`). **Forgejo 11.0.15 does not support
|
||||
reusable workflows** — a job-level `uses:` (or `workflow_call`) is silently dropped
|
||||
and **no run is scheduled** (verified live: a same-repo and cross-repo reusable call
|
||||
both produced zero runs, while an equivalent inline job ran green). The working
|
||||
cross-repo reuse primitive on this Forgejo is the **composite action**, referenced by
|
||||
**full URL** (a short-form `uses: olsitec/foundation/...@master` resolves against the
|
||||
runner's `DEFAULT_ACTIONS_URL` = `data.forgejo.org`, not the local instance, and 404s).
|
||||
|
||||
If the forge is later upgraded to a Forgejo with reusable-workflow support, these can
|
||||
be re-expressed as `workflow_call` workflows; until then, composite actions are the
|
||||
contract.
|
||||
|
||||
## Actions
|
||||
|
||||
| Action | Purpose | Key inputs |
|
||||
|--------|---------|------------|
|
||||
| `node-build` | install + build an npm/bun/none project | `package-manager`, `build`, `workdir` |
|
||||
| `docker-build` | `docker build` via the host socket (caller mounts it) | `image`, `dockerfile`, `context`, `build-args`, `push` |
|
||||
| `lint` | eslint + yamllint gate (error → non-zero) | `eslint-paths`, `yamllint-paths`, `package-manager` |
|
||||
| `semantic-release-version` | dry-run next-version probe (conventionalcommits) | `branch` → output `version` |
|
||||
|
||||
All run in the baked `foundation-ci:latest` image (the caller sets
|
||||
`container.image`). The caller must `actions/checkout@v4` first; `docker-build`
|
||||
callers must also mount `/var/run/docker.sock`; `semantic-release-version` callers
|
||||
must checkout with `fetch-depth: 0`.
|
||||
|
||||
## Candidate coverage (999_testing)
|
||||
|
||||
| Candidate | Shape | Action | Status |
|
||||
|-----------|-------|--------|--------|
|
||||
| olsicrypto | npm package (tsc) | `node-build` (npm) | self-contained ✓ |
|
||||
| document-engine | bun package (tsc) | `node-build` (bun) | self-contained ✓ |
|
||||
| olsitrack/api | no-artifact / versioned | `node-build` (empty build) | self-contained ✓ |
|
||||
| seaspots-homepage | docker, dep `@olsitec/svelte-common` | `docker-build` | blocked on the package registry (Stage-2) |
|
||||
| token-service | docker, dep `@olsitec/olsicrypto` | `docker-build` | blocked on the package registry (Stage-2) |
|
||||
|
||||
The semantic-release bump sequence and the eslint/yamllint gates are continuously
|
||||
proven by `.forgejo/workflows/ecosystem-selftest.yml` on the foundation's own runner.
|
||||
Loading…
Add table
Add a link
Reference in a new issue