diff --git a/.woodpecker.yml b/.woodpecker.yml deleted file mode 100644 index 9422e3e..0000000 --- a/.woodpecker.yml +++ /dev/null @@ -1,79 +0,0 @@ -# Woodpecker CI for ZDDC. -# -# Triggers on `zddc-server-v*` tag pushes. Builds the runtime container -# image and publishes it to Codeberg's container registry with channel -# tags that cascade downward, so that pinning to `:stable` always gets -# the most recent stable, `:beta` always tracks the most recent beta-or- -# stable, and `:alpha` always tracks the most recent alpha-or-newer. -# -# Tag conventions -# --------------- -# zddc-server-vX.Y.Z → stable release -# zddc-server-vX.Y.Z-beta.N → beta release -# zddc-server-vX.Y.Z-alpha.N → alpha release -# -# Image tags applied (cascading) -# ------------------------------ -# stable release: :X.Y.Z + :stable, :beta, :alpha -# beta release: :X.Y.Z-beta.N + :beta, :alpha -# alpha release: :X.Y.Z-alpha.N + :alpha -# -# `:latest` is intentionally NOT published. The project uses -# `stable / beta / alpha` channel terminology consistently; see -# AGENTS.md "Channel discipline". -# -# To enable: in the Woodpecker dashboard at https://ci.codeberg.org → -# repo → Settings → Secrets, add codeberg_user (your Codeberg username) -# and codeberg_token (a personal token with package:write scope from -# https://codeberg.org/user/settings/applications). Restrict both -# secrets to the `tag` event for safety. - -when: - - event: tag - ref: refs/tags/zddc-server-v* - -steps: - prepare-bundle: - image: docker.io/alpine:3.20 - commands: - # 1. Assemble zddc/dist/web/ from the landing + archive built outputs. - # build.sh now skips the (host-side) podman binary build when - # podman is absent, which is the case in CI — the runtime - # container image's own builder stage produces linux/amd64. - - sh build.sh - # 2. Compute the image tags. Grammar: - # zddc-server-vX.Y.Z → stable - # zddc-server-vX.Y.Z-alpha.N → alpha (cascade: alpha) - # zddc-server-vX.Y.Z-beta.N → beta (cascade: beta, alpha) - # Anything else is rejected by the `when:` filter; nothing to - # handle here. - - | - VERSION="${CI_COMMIT_TAG#zddc-server-v}" - case "$VERSION" in - *-alpha.*) CHANNEL=alpha ;; - *-beta.*) CHANNEL=beta ;; - *) CHANNEL=stable ;; - esac - case "$CHANNEL" in - stable) TAGS="$VERSION stable beta alpha" ;; - beta) TAGS="$VERSION beta alpha" ;; - alpha) TAGS="$VERSION alpha" ;; - esac - printf '%s\n' $TAGS > .image-tags - echo "Channel: $CHANNEL" - echo "Tags: $TAGS" - - publish-image: - image: woodpeckerci/plugin-docker-buildx - settings: - registry: codeberg.org - repo: codeberg.org/varasys/zddc-server - dockerfile: zddc/Containerfile - context: zddc - target: server - tags_file: .image-tags - auto_tag: false - username: - from_secret: codeberg_user - password: - from_secret: codeberg_token diff --git a/AGENTS.md b/AGENTS.md index 5c10f03..b686ba4 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -275,11 +275,25 @@ ZDDC_DATA_DIR=/path/to/your/archive podman-compose -f zddc/podman-compose.yaml u ### Release tagging +Two coordinated steps — git tag for auditability, then local image build: + ```sh git tag zddc-server-v1.0.0 -git push --tags +git push origin zddc-server-v1.0.0 +sh release-image.sh 1.0.0 # → :1.0.0 :stable :beta :alpha ``` +The cascade matches the channel rules elsewhere in the repo: stable bumps +all four tags; `beta` bumps `:1.0.0-beta.N :beta :alpha`; `alpha` bumps +`:1.0.0-alpha.N :alpha`. See `release-image.sh` for the full mapping. + +Prerequisite: `podman login codeberg.org` (one-time, with a Codeberg +personal token scoped `package:write`). + +There is no CI for this — `.woodpecker.yml` was removed in favor of +local-build-and-push because solo workflow benefits from one canonical +path that fails loudly and visibly on the developer's terminal. + ### Notes - No external test framework yet — Go unit tests run with `go test ./...` inside `zddc/` (requires Go 1.24+) diff --git a/release-image.sh b/release-image.sh new file mode 100755 index 0000000..f3b8423 --- /dev/null +++ b/release-image.sh @@ -0,0 +1,94 @@ +#!/bin/sh +# release-image.sh — build the zddc-server runtime image locally and push it +# to codeberg.org/varasys/zddc-server with cascading channel tags. +# +# Usage: +# sh release-image.sh [stable|beta|alpha] +# +# stable → : :stable :beta :alpha (default) +# beta → : :beta :alpha +# alpha → : :alpha +# +# Examples: +# sh release-image.sh 0.0.3 # → :0.0.3 :stable :beta :alpha +# sh release-image.sh 0.0.3-beta.1 beta # → :0.0.3-beta.1 :beta :alpha +# sh release-image.sh 0.0.3-alpha.2 alpha # → :0.0.3-alpha.2 :alpha +# +# Convention: cut a git tag first (`git tag zddc-server-v0.0.3 && git push +# origin zddc-server-v0.0.3`) so version history is auditable, then run this +# to publish the image. The two are coordinated by hand, deliberately — +# `.woodpecker.yml` is gone; this script is the canonical path. +# +# Prerequisites: +# - podman (or substitute docker — the commands below are identical) +# - logged in to codeberg.org: `podman login codeberg.org` +# (your Codeberg username + a personal token with `package:write` scope, +# generated at https://codeberg.org/user/settings/applications) +# +# What it does: +# 1. Runs `sh build.sh` so zddc/dist/web/{index.html,archive.html} reflect +# current source — those get COPYd into the runtime image. +# 2. Builds zddc/Containerfile's `server` stage as a single local image. +# 3. Tags that image with each cascade tag and pushes them in turn. + +set -eu + +usage() { + echo "usage: $0 [stable|beta|alpha]" >&2 + echo " version: e.g. 0.0.3, 0.0.3-beta.1, 0.0.3-alpha.2" >&2 + exit 1 +} + +[ $# -ge 1 ] || usage +VERSION="$1" +CHANNEL="${2:-stable}" + +case "$CHANNEL" in + stable) TAGS="$VERSION stable beta alpha" ;; + beta) TAGS="$VERSION beta alpha" ;; + alpha) TAGS="$VERSION alpha" ;; + *) echo "error: unknown channel: $CHANNEL (expected stable|beta|alpha)" >&2; exit 1 ;; +esac + +REPO="codeberg.org/varasys/zddc-server" +SCRIPT_DIR=$(cd "$(dirname "$0")" && pwd) + +# Pick podman or docker, whichever is on PATH. +if command -v podman >/dev/null 2>&1; then + OCI=podman +elif command -v docker >/dev/null 2>&1; then + OCI=docker +else + echo "error: neither podman nor docker found on PATH" >&2 + exit 1 +fi + +echo "=== Building $REPO ===" +echo "Version: $VERSION" +echo "Channel: $CHANNEL" +echo "Tags: $TAGS" +echo "OCI CLI: $OCI" +echo + +# Refresh dist/web — the Containerfile's server stage COPYs them in. +sh "$SCRIPT_DIR/build.sh" + +# Build the runtime image as a single local tag, then re-tag for each cascade +# entry so the build runs once and the pushes are cheap layer reuses. +"$OCI" build --target server -t zddc-server:build "$SCRIPT_DIR/zddc/" + +echo +echo "=== Pushing tags ===" +for tag in $TAGS; do + "$OCI" tag zddc-server:build "$REPO:$tag" + "$OCI" push "$REPO:$tag" + echo "pushed $REPO:$tag" +done + +echo +echo "=== Done ===" +echo "Image is live at $REPO:$VERSION" +echo "Tags published: $TAGS" +echo +echo "Next: bump tnd-zddc-chart (push to develop) so the chart's CI rebuilds" +echo "the dev-shell image against the new :beta and helm-rolls the cluster." diff --git a/zddc/README.md b/zddc/README.md index 31f4d3e..b51977e 100644 --- a/zddc/README.md +++ b/zddc/README.md @@ -358,9 +358,9 @@ tree. ## Container image -Each `zddc-server-vX.Y.Z` git tag publishes a runtime image to Codeberg's -container registry via the Woodpecker CI pipeline at `.woodpecker.yml`, -with cascading channel tags: +The runtime image is published to Codeberg's container registry via a +local-build-and-push script (`release-image.sh` at the repo root). Each +release publishes cascading channel tags: ``` codeberg.org/varasys/zddc-server:X.Y.Z # immutable, exact version @@ -456,25 +456,29 @@ $env:ZDDC_ROOT="C:\archive"; $env:ZDDC_TLS_CERT="none"; $env:ZDDC_ADDR=":8080" ## Release Tagging -Follow the repository convention: `zddc-server-vX.Y.Z` +Follow the repository convention: `zddc-server-vX.Y.Z`. Two coordinated +steps — git tag for auditability, then local image build and push: ```sh +# 1. Tag the source. git tag zddc-server-v1.0.0 -git push --tags +git push origin zddc-server-v1.0.0 + +# 2. Build and push the runtime image with cascading channel tags. +sh release-image.sh 1.0.0 # → :1.0.0 :stable :beta :alpha +sh release-image.sh 1.0.0-beta.1 beta # beta-channel release +sh release-image.sh 1.0.0-alpha.2 alpha # alpha-channel release ``` -The `zddc-server-v*` tag triggers the `.woodpecker.yml` pipeline which -builds and publishes the container image. See "Container image" above -for the resulting image URLs. +Prerequisite: `podman login codeberg.org` (or `docker login`) once, +authenticating with your Codeberg username and a personal token with +`package:write` scope, generated at +. The token is your +local credential — it never lives in the repo. -The first time the pipeline runs you must configure two Woodpecker -secrets in repo Settings → Woodpecker: - -- `codeberg_user` — your Codeberg username (e.g. `VARASYS`) -- `codeberg_token` — a personal token with `package:write` scope, generated at - -These never live in the repo; they are referenced from the pipeline via -`from_secret:`. +Single-developer / solo-release flow by design — no CI babysitting, +no separate dashboard to debug when the registry doesn't show what +you expected. See `release-image.sh` for what each tag publishes. ---