diff --git a/.editorconfig b/.editorconfig index 3e7fd1b8..95843e73 100644 --- a/.editorconfig +++ b/.editorconfig @@ -26,3 +26,7 @@ max_line_length = 98 [*.yml] indent_size = 2 indent_style = space + +[*.json] +indent_size = 4 +indent_style = space diff --git a/.forgejo/workflows/build-fedora.yml b/.forgejo/workflows/build-fedora.yml index 1f601a9b..4c5931a3 100644 --- a/.forgejo/workflows/build-fedora.yml +++ b/.forgejo/workflows/build-fedora.yml @@ -1,4 +1,4 @@ -name: Build Fedora RPM +name: Build / Fedora RPM concurrency: group: "build-fedora-${{ github.ref }}" @@ -6,6 +6,10 @@ concurrency: on: push: + branches: + - '**' + tags: + - 'v*' paths: - 'fedora/**' - 'src/**' @@ -110,27 +114,33 @@ jobs: cd "$GITHUB_WORKSPACE" - # Determine release suffix based on ref type and branch + # Determine release suffix and version based on ref type and branch if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then # Tags get clean version numbers for stable releases RELEASE_SUFFIX="" + TAG_NAME="${{ github.ref_name }}" + # Extract version from tag (remove v prefix if present) + TAG_VERSION=$(echo "$TAG_NAME" | sed 's/^v//') + + # Create spec file with tag version + sed -e "s/^Version:.*$/Version: $TAG_VERSION/" \ + -e "s/^Release:.*$/Release: 1%{?dist}/" \ + fedora/continuwuity.spec.rpkg > continuwuity.spec.rpkg elif [ "${{ github.ref_name }}" = "main" ]; then # Main branch gets .dev suffix RELEASE_SUFFIX=".dev" - else - # Other branches get sanitized branch name as suffix - SAFE_BRANCH=$(echo "${{ github.ref_name }}" | sed 's/[^a-zA-Z0-9]/_/g' | cut -c1-20) - RELEASE_SUFFIX=".${SAFE_BRANCH}" - fi - # Create a temporary spec file with the release suffix - if [ -n "$RELEASE_SUFFIX" ]; then # Replace the Release line to include our suffix sed "s/^Release:.*$/Release: 1${RELEASE_SUFFIX}%{?dist}/" \ fedora/continuwuity.spec.rpkg > continuwuity.spec.rpkg else - # Use the original spec file - ln -sf fedora/continuwuity.spec.rpkg continuwuity.spec.rpkg + # Other branches get sanitized branch name as suffix + SAFE_BRANCH=$(echo "${{ github.ref_name }}" | sed 's/[^a-zA-Z0-9]/_/g' | cut -c1-20) + RELEASE_SUFFIX=".${SAFE_BRANCH}" + + # Replace the Release line to include our suffix + sed "s/^Release:.*$/Release: 1${RELEASE_SUFFIX}%{?dist}/" \ + fedora/continuwuity.spec.rpkg > continuwuity.spec.rpkg fi # Build the SRPM @@ -364,6 +374,8 @@ jobs: # Determine the group based on ref type and branch if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then GROUP="stable" + # For tags, extract the tag name for version info + TAG_NAME="${{ github.ref_name }}" elif [ "${{ github.ref_name }}" = "main" ]; then GROUP="dev" else @@ -398,23 +410,63 @@ jobs: "https://forgejo.ellis.link/api/packages/continuwuation/rpm/$GROUP/upload" echo "" - echo "✅ Published to: https://forgejo.ellis.link/continuwuation/-/packages/rpm/continuwuity/" + echo "✅ Published binary RPM to: https://forgejo.ellis.link/continuwuation/-/packages/rpm/continuwuity/" echo "Group: $GROUP" - # Also upload the SRPM + # Upload debug RPMs to separate group + DEBUG_RPMS=$(find artifacts -name "*debuginfo*.rpm" -o -name "*debugsource*.rpm") + if [ -n "$DEBUG_RPMS" ]; then + echo "" + echo "Publishing debug RPMs to group: ${GROUP}-debug" + + for DEBUG_RPM in $DEBUG_RPMS; do + echo "Publishing: $(basename "$DEBUG_RPM")" + + # Extract debug RPM info + DEBUG_INFO=$(rpm -qpi "$DEBUG_RPM" 2>/dev/null) + DEBUG_NAME=$(echo "$DEBUG_INFO" | grep "^Name" | awk '{print $3}') + DEBUG_VERSION=$(echo "$DEBUG_INFO" | grep "^Version" | awk '{print $3}') + DEBUG_RELEASE=$(echo "$DEBUG_INFO" | grep "^Release" | awk '{print $3}') + DEBUG_ARCH=$(echo "$DEBUG_INFO" | grep "^Architecture" | awk '{print $2}') + DEBUG_FULL_VERSION="${DEBUG_VERSION}-${DEBUG_RELEASE}" + + # Try to delete existing debug package first + curl -X DELETE \ + -H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \ + "https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-debug/package/$DEBUG_NAME/$DEBUG_FULL_VERSION/$DEBUG_ARCH" \ + || echo "Debug package didn't exist or deletion failed (this is OK)" + + # Upload debug RPM + curl --fail-with-body \ + -X PUT \ + -H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \ + -H "Content-Type: application/x-rpm" \ + -T "$DEBUG_RPM" \ + "https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-debug/upload" + done + + echo "✅ Published debug RPMs to group: ${GROUP}-debug" + fi + + # Also upload the SRPM to separate group SRPM=$(find artifacts -name "*.src.rpm" | head -1) if [ -n "$SRPM" ]; then echo "" echo "Publishing source RPM: $(basename "$SRPM")" + echo "Publishing to group: ${GROUP}-src" - # SRPMs always have architecture "src" - SRPM_ARCH="src" + # Extract SRPM info + SRPM_INFO=$(rpm -qpi "$SRPM" 2>/dev/null) + SRPM_NAME=$(echo "$SRPM_INFO" | grep "^Name" | awk '{print $3}') + SRPM_VERSION=$(echo "$SRPM_INFO" | grep "^Version" | awk '{print $3}') + SRPM_RELEASE=$(echo "$SRPM_INFO" | grep "^Release" | awk '{print $3}') + SRPM_FULL_VERSION="${SRPM_VERSION}-${SRPM_RELEASE}" - # Try to delete existing SRPM first (using same name/version as binary RPM) - echo "Removing any existing SRPM: $PACKAGE_NAME-$FULL_VERSION.$SRPM_ARCH" + # Try to delete existing SRPM first + echo "Removing any existing SRPM: $SRPM_NAME-$SRPM_FULL_VERSION.src" curl -X DELETE \ -H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \ - "https://forgejo.ellis.link/api/packages/continuwuation/rpm/$GROUP/package/$PACKAGE_NAME/$FULL_VERSION/$SRPM_ARCH" \ + "https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-src/package/$SRPM_NAME/$SRPM_FULL_VERSION/src" \ || echo "SRPM didn't exist or deletion failed (this is OK)" curl --fail-with-body \ @@ -422,5 +474,7 @@ jobs: -H "Authorization: token ${{ secrets.BUILTIN_REGISTRY_PASSWORD || secrets.GITHUB_TOKEN }}" \ -H "Content-Type: application/x-rpm" \ -T "$SRPM" \ - "https://forgejo.ellis.link/api/packages/continuwuation/rpm/$GROUP/upload" + "https://forgejo.ellis.link/api/packages/continuwuation/rpm/${GROUP}-src/upload" + + echo "✅ Published source RPM to group: ${GROUP}-src" fi diff --git a/.forgejo/workflows/release-image.yml b/.forgejo/workflows/release-image.yml index 04fc9de9..58d6cab2 100644 --- a/.forgejo/workflows/release-image.yml +++ b/.forgejo/workflows/release-image.yml @@ -161,7 +161,7 @@ jobs: var-lib-apt-${{ matrix.slug }} key: var-lib-apt-${{ matrix.slug }} - name: inject cache into docker - uses: https://github.com/reproducible-containers/buildkit-cache-dance@v3.1.0 + uses: https://github.com/reproducible-containers/buildkit-cache-dance@v3.3.0 with: cache-map: | { diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml index e8522bec..0152b387 100644 --- a/.forgejo/workflows/renovate.yml +++ b/.forgejo/workflows/renovate.yml @@ -39,24 +39,73 @@ jobs: renovate: name: Renovate runs-on: ubuntu-latest + container: + image: ghcr.io/renovatebot/renovate:41 + options: --tmpfs /tmp:exec steps: - name: Checkout uses: actions/checkout@v4 + with: + show-progress: false + + - name: print node heap + run: /usr/local/renovate/node -e 'console.log(`node heap limit = ${require("v8").getHeapStatistics().heap_size_limit / (1024 * 1024)} Mb`)' + + - name: Restore renovate repo cache + uses: https://github.com/actions/cache@v4 + with: + path: | + /tmp/renovate/cache/renovate/repository + key: repo-cache-${{ github.run_id }} + restore-keys: | + repo-cache- + + - name: Restore renovate package cache + uses: https://github.com/actions/cache@v4 + with: + path: | + /tmp/renovate/cache/renovate/renovate-cache-sqlite + key: package-cache-${{ github.run_id }} + restore-keys: | + package-cache- - name: Self-hosted Renovate - uses: https://github.com/renovatebot/github-action@v40.1.0 + uses: https://github.com/renovatebot/github-action@v43.0.9 env: LOG_LEVEL: ${{ inputs.logLevel || 'info' }} - RENOVATE_AUTODISCOVER: 'false' - RENOVATE_BINARY_SOURCE: 'install' RENOVATE_DRY_RUN: ${{ inputs.dryRun || 'false' }} - RENOVATE_ENDPOINT: ${{ github.server_url }}/api/v1 - RENOVATE_GIT_TIMEOUT: 60000 - RENOVATE_GIT_URL: 'endpoint' - RENOVATE_GITHUB_TOKEN_WARN: 'false' - RENOVATE_ONBOARDING: 'false' - RENOVATE_PLATFORM: 'forgejo' - RENOVATE_PR_COMMITS_PER_RUN_LIMIT: 3 + + RENOVATE_PLATFORM: forgejo + RENOVATE_ENDPOINT: ${{ github.server_url }} + RENOVATE_AUTODISCOVER: 'false' RENOVATE_REPOSITORIES: '["${{ github.repository }}"]' + + RENOVATE_GIT_TIMEOUT: 60000 + RENOVATE_REQUIRE_CONFIG: 'required' + RENOVATE_ONBOARDING: 'false' + + RENOVATE_PR_COMMITS_PER_RUN_LIMIT: 3 + + RENOVATE_GITHUB_TOKEN_WARN: 'false' RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} + GITHUB_COM_TOKEN: ${{ secrets.GH_PUBLIC_RO }} + + RENOVATE_REPOSITORY_CACHE: 'enabled' + RENOVATE_X_SQLITE_PACKAGE_CACHE: true + + - name: Save renovate repo cache + if: always() && env.RENOVATE_DRY_RUN != 'full' + uses: https://github.com/actions/cache@v4 + with: + path: | + /tmp/renovate/cache/renovate/repository + key: repo-cache-${{ github.run_id }} + + - name: Save renovate package cache + if: always() && env.RENOVATE_DRY_RUN != 'full' + uses: https://github.com/actions/cache@v4 + with: + path: | + /tmp/renovate/cache/renovate/renovate-cache-sqlite + key: package-cache-${{ github.run_id }} diff --git a/renovate.json b/renovate.json index deb428af..68d21b9d 100644 --- a/renovate.json +++ b/renovate.json @@ -1,62 +1,59 @@ { - "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:recommended" - ], - "lockFileMaintenance": { - "enabled": true, - "schedule": [ - "at any time" + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["config:recommended"], + "lockFileMaintenance": { + "enabled": true, + "schedule": ["at any time"] + }, + "nix": { + "enabled": true + }, + "labels": ["Dependencies", "Dependencies/Renovate"], + "ignoreDeps": [ + "tikv-jemallocator", + "tikv-jemalloc-sys", + "tikv-jemalloc-ctl", + "opentelemetry", + "opentelemetry_sdk", + "opentelemetry-jaeger", + "tracing-opentelemetry" + ], + "github-actions": { + "enabled": true, + "managerFilePatterns": [ + "/(^|/)\\.forgejo/workflows/[^/]+\\.ya?ml$/", + "/(^|/)\\.forgejo/actions/[^/]+/action\\.ya?ml$/", + "/(^|/)\\.github/workflows/[^/]+\\.ya?ml$/", + "/(^|/)\\.github/actions/[^/]+/action\\.ya?ml$/" + ] + }, + "packageRules": [ + { + "description": "Batch minor and patch GitHub Actions updates", + "matchManagers": ["github-actions"], + "matchUpdateTypes": ["minor", "patch"], + "groupName": "github-actions-non-major" + }, + { + "description": "Group Rust toolchain updates into a single PR", + "matchManagers": ["custom.regex"], + "matchPackageNames": ["rust", "rustc", "cargo"], + "groupName": "rust-toolchain" + }, + { + "description": "Group lockfile updates into a single PR", + "matchUpdateTypes": ["lockFileMaintenance"], + "groupName": "lockfile-maintenance" + }, + { + "description": "Batch patch-level Rust dependency updates", + "matchManagers": ["cargo"], + "matchUpdateTypes": ["patch"], + "groupName": "rust-patch-updates" + }, + { + "matchManagers": ["cargo"], + "prConcurrentLimit": 5 + } ] - }, - "nix": { - "enabled": true - }, - "labels": [ - "Dependencies", - "Dependencies/Renovate" - ], - "ignoreDeps": [ - "tikv-jemallocator", - "tikv-jemalloc-sys", - "tikv-jemalloc-ctl", - "opentelemetry", - "opentelemetry_sdk", - "opentelemetry-jaeger", - "tracing-opentelemetry" - ], - "github-actions": { - "enabled": true, - "fileMatch": [ - "(^|/)\\.forgejo/workflows/[^/]+\\.ya?ml$", - "(^|/)\\.forgejo/actions/[^/]+/action\\.ya?ml$", - "(^|/)\\.github/workflows/[^/]+\\.ya?ml$", - "(^|/)\\.github/actions/[^/]+/action\\.ya?ml$" - ] - }, - "packageRules": [ - { - "description": "Batch minor and patch GitHub Actions updates", - "matchManagers": ["github-actions"], - "matchUpdateTypes": ["minor", "patch"], - "groupName": "github-actions-non-major" - }, - { - "description": "Group Rust toolchain updates into a single PR", - "matchManagers": ["regex"], - "matchPackageNames": ["rust", "rustc", "cargo"], - "groupName": "rust-toolchain" - }, - { - "description": "Group lockfile updates into a single PR", - "matchUpdateTypes": ["lockFileMaintenance"], - "groupName": "lockfile-maintenance" - }, - { - "description": "Batch patch-level Rust dependency updates", - "matchManagers": ["cargo"], - "matchUpdateTypes": ["patch"], - "groupName": "rust-patch-updates" - } - ] }