All checks were successful
CI / preflight (push) Successful in 4s
CI / typecheck (push) Successful in 15s
ecosystem-selftest / semantic-release-bumptest (push) Successful in 12s
ecosystem-selftest / eslint-gate (push) Successful in 4s
ecosystem-selftest / yamllint-gate (push) Successful in 4s
pulumi-preview / preview (push) Successful in 18s
Correction to the previous commit. Forgejo 11.0.15 DOES support reusable workflows; my earlier "not supported" was a false negative — the test caller omitted `runs-on`, and the pre-v15 "limited" implementation REQUIRES `runs-on` on the calling job (omitting it makes Forgejo silently schedule no run). Verified live: a caller with `runs-on` runs green, same-repo and cross-repo (short ref); the full-URL form fails for reusable workflows (it was only needed for composite ACTIONS, which resolve via DEFAULT_ACTIONS_URL). - Restore the four reusable-*.yml (on: workflow_call), the architecture the handover + 999_testing chose; fix the caller examples to include `runs-on`. - Remove the composite-action layer (actions/) — single mechanism, no redundancy. - .forgejo/workflows/README.md documents the v11 caller-`runs-on` + short-ref quirks (both removed by a future Forgejo v15 upgrade) and the candidate coverage. - ecosystem-selftest paths filter back to reusable-*.yml. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
61 lines
3.3 KiB
Markdown
61 lines
3.3 KiB
Markdown
# Ecosystem CI — reusable workflows
|
|
|
|
Shared CI building blocks for Olsitec projects on the foundation forge
|
|
(`documentation/999_testing.md`). Downstream repos call them as **reusable
|
|
workflows** (`on: workflow_call`) at **job** level:
|
|
|
|
```yaml
|
|
# .forgejo/workflows/ci.yml in any project repo
|
|
name: ci
|
|
on: [push]
|
|
jobs:
|
|
build:
|
|
runs-on: docker # ← REQUIRED on Forgejo 11 (see "Forgejo 11 quirk" below)
|
|
uses: olsitec/foundation/.forgejo/workflows/reusable-node-build.yml@master
|
|
with: { package-manager: bun, build: "bun run build" }
|
|
```
|
|
|
|
## Forgejo 11 quirk (IMPORTANT)
|
|
|
|
Our forge runs **Forgejo 11.0.15**, where reusable-workflow support is the
|
|
**pre-v15 "limited" implementation**. Two rules differ from GitHub / Forgejo ≥ v15:
|
|
|
|
1. **The calling job MUST declare `runs-on`** (e.g. `runs-on: docker`). On standard
|
|
GitHub you omit `runs-on` on a `uses:` job — do that here and Forgejo **silently
|
|
schedules no run at all** (no error). This was verified live: a caller without
|
|
`runs-on` produced zero runs; the same caller with `runs-on` ran green.
|
|
2. **Cross-repo references use the SHORT form** `owner/repo/.forgejo/workflows/x.yml@ref`
|
|
— the **full-URL** form (`https://forge.olsitec.net/...`) fails for reusable
|
|
workflows (it is, conversely, the form composite *actions* require).
|
|
|
|
Also pre-v15: the called workflow's logs collapse into a single "Set up job" entry
|
|
in the UI. **Forgejo v15.0** (LTS, Apr 2026) reworks this — omit `runs-on` and Forgejo
|
|
expands the reusable workflow into its inner jobs with separate logs. On a future v15
|
|
upgrade, drop the `runs-on` from callers and these notes become obsolete.
|
|
|
|
## Workflows
|
|
|
|
| Workflow | Purpose | Key inputs |
|
|
|----------|---------|------------|
|
|
| `reusable-node-build.yml` | install + build npm/bun/none | `package-manager`, `build`, `workdir` |
|
|
| `reusable-docker-build.yml` | `docker build` via the host socket | `image`, `dockerfile`, `context`, `build-args`, `push` |
|
|
| `reusable-lint.yml` | eslint + yamllint gate (error → non-zero) | `eslint-paths`, `yamllint-paths`, `package-manager` |
|
|
| `reusable-semantic-release.yml` | dry-run next-version probe (conventionalcommits) | `branch` → output `version` |
|
|
|
|
All run in the baked `foundation-ci:latest` image. `reusable-semantic-release`
|
|
checks out with `fetch-depth: 0` (full history + tags). Real Forgejo release
|
|
publishing is deferred (no `@semantic-release/forgejo` analogue yet) — it computes
|
|
+ outputs the version, faithful to the GitLab `generate-release-version` job.
|
|
|
|
## Candidate coverage (999_testing)
|
|
|
|
| Candidate | Shape | Workflow | Status |
|
|
|-----------|-------|----------|--------|
|
|
| olsicrypto | npm package (tsc) | `reusable-node-build` (npm) | self-contained ✓ |
|
|
| document-engine | bun package (tsc) | `reusable-node-build` (bun) | self-contained ✓ |
|
|
| olsitrack/api | no-artifact / versioned | `reusable-node-build` (empty build) | self-contained ✓ |
|
|
| seaspots-homepage | docker, dep `@olsitec/svelte-common` | `reusable-docker-build` | blocked on the package registry (Stage-2) |
|
|
| token-service | docker, dep `@olsitec/olsicrypto` | `reusable-docker-build` | blocked on the package registry (Stage-2) |
|
|
|
|
The semantic-release bump sequence and the eslint/yamllint gates are continuously
|
|
proven by `ecosystem-selftest.yml` on the foundation's own runner.
|