refactor(ci): composite actions instead of reusable workflows (Forgejo 11)
All checks were successful
CI / preflight (push) Successful in 5s
CI / typecheck (push) Successful in 15s
ecosystem-selftest / semantic-release-bumptest (push) Successful in 13s
ecosystem-selftest / eslint-gate (push) Successful in 3s
ecosystem-selftest / yamllint-gate (push) Successful in 3s
pulumi-preview / preview (push) Successful in 16s

Forgejo 11.0.15 does NOT support reusable workflows (job-level `uses:` /
`workflow_call`): the call is silently dropped and no run is scheduled (verified
live — a same-repo and a cross-repo reusable call both produced zero runs, while
an equivalent inline job ran green). The working cross-repo reuse primitive here
is the COMPOSITE ACTION referenced by FULL URL (a short-form
`uses: olsitec/foundation/...@master` resolves against the runner's
DEFAULT_ACTIONS_URL = data.forgejo.org, not the local instance, and 404s; the
full-URL form `uses: https://forge.olsitec.net/olsitec/foundation/actions/<x>@master`
was verified green).

- Replace the four reusable-*.yml with composite actions under actions/:
  node-build, docker-build, lint, semantic-release-version (same logic + inputs).
- actions/README.md documents the pattern, the Forgejo-11 limitation, and the
  999_testing candidate coverage (C2/C3/C4 self-contained; C1/C5 blocked on the
  not-yet-published @olsitec package registry).
- ecosystem-selftest paths filter: actions/** (was reusable-*.yml).

The capabilities that need no external repo (semantic-release bump sequence,
eslint/yamllint gates) keep running green via ecosystem-selftest's inline jobs.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Andreas Niemann 2026-07-01 01:14:51 +02:00
parent 67157a0de0
commit 35dc008759
12 changed files with 335 additions and 277 deletions

View file

@ -0,0 +1,54 @@
# node-build — install + build an npm/bun project (999_testing).
#
# A COMPOSITE ACTION (not a reusable workflow — Forgejo 11 does not support
# job-level `uses:`/workflow_call; composite actions referenced by full URL are
# the working cross-repo reuse mechanism). Downstream repos call it at STEP level:
#
# jobs:
# build:
# runs-on: docker
# container: { image: foundation-ci:latest }
# steps:
# - uses: actions/checkout@v4
# - uses: https://forge.olsitec.net/olsitec/foundation/actions/node-build@master
# with: { package-manager: bun, build: "bun run build" }
#
# Covers the non-Docker candidate shapes: npm package built with npm (olsicrypto),
# bun package built with bun (document-engine), no-artifact/versioned (olsitrack/api,
# empty `build`). The caller must `actions/checkout` first and run in foundation-ci.
name: node-build
description: Install dependencies and build an npm- or bun-based project.
inputs:
package-manager:
description: "bun | npm | none (none skips install)"
default: bun
build:
description: "build command run verbatim (empty = skip, e.g. no-artifact repos)"
default: ""
workdir:
description: "working directory for install + build"
default: "."
runs:
using: composite
steps:
- name: Install dependencies (${{ inputs.package-manager }})
shell: bash
working-directory: ${{ inputs.workdir }}
run: |
case "${{ inputs.package-manager }}" in
bun) bun install --frozen-lockfile || bun install ;;
npm) npm ci || npm install ;;
none) echo "package-manager=none → skipping install" ;;
*) echo "unknown package-manager '${{ inputs.package-manager }}'" >&2; exit 1 ;;
esac
- name: Build
shell: bash
working-directory: ${{ inputs.workdir }}
run: |
cmd='${{ inputs.build }}'
if [ -z "$cmd" ]; then
echo "no build command (non-artifact / versioned-only repo) — install-only check passed"
exit 0
fi
echo "+ $cmd"
eval "$cmd"