hey nerds! i got a lovely email from GitHub this morning that their increasingly vibe-coded, barely-working Actions features are about to get more expensive (charging by the minute for something that notoriously spin-locks is a special flavor of shit sandwich).
i usually just use whatever i’m given at wherever i’m working. i do have a project that i maintain to parse Ollama Modelfiles tho: https://github.com/covercash2/modelfile and to be honest, Actions is the only solution i’ve ever used that came close to sparking joy, simply because it was easy to use and had tons of community mind-share (i’ve definitely heard horror stories and would never stake my business on it), but this price increase and all the other news around GitHub lately has got me side-eying self-hosting solutions for my git projects. Forgejo seems like the way to go for git hosting, but Actions in particular Just Works™️ for me, so i’m kind of dreading setting something up that will be yet another time sink/rabbit hole (just in time for the holidays! 🙃).
i can install most of my tooling with my language toolchain (read: rustup and cargo) which makes things fairly neat, but i just don’t have a sense for what people use outside of Jenkins and Actions.
i thought this community might have some insight beyond the LLM generated listicles that have blighted modern search results.
thanks in advance 🙏
Magnetic needle. Steady hand.
Not butterflies?
Used to use travis or clicleci and they both worked really well. Theres some issues with travis being old/expensive and circle got in touble for a few security issues though. gitlab has some nice tools from my experience.
Im interested as well. Ive got a forgjo that I would love to hook into at some point.
deleted by creator
GitHub Actions mostly.
The rest is usually plumbing and code to support it. The actions are just the automated execution environment.
I do devops at work and my experience is that really any CI/CD system works, they all have enough features to do what you want. They all fundamentally just run scripts on boxes. Therefore, I say pick the easiest one, likely the one that is built into whatever Git system you are using.
Try to keep your pipelines simple-ish when you can, they almost never need to be that complicated. 95% of the time it’s just running a command or two. If a pipeline needs to do something complex, I’d recommend writing that script into the Git repo and calling it, rather than having a CI job that is 100 lines long.
this is my experience as well. we have a bespoke wrapper around Jenkins, and the more we can test locally the less time we have to spend waiting for the system to fail. it’s one of the reasons i’ve adopted
justto script things locally as if it was CI.
Forgejo has their own runner: https://forgejo.org/docs/latest/admin/actions/runner-installation/
I’ve used it on my personal machine, was very easy to setup and mostly compatible with GitHub actions out-of-the-box (including things like
actions/checkout@v4).It’s still yaml shit though.
Every language, that uses functional white spaces, is absolutely awesome!!
— no one
I dislike yaml as much as the next person, but you can always “just” write
JasonJSON (lol autocorrect). Unless I’m misunderstanding your criticism?Yaml is vette than json for this IMO brcausebyou can write comments in yaml, and in general format multiline strings easier. Json is best for system to system comms. Human to system literlaly anything other text formst than json.
What issue do you have with using yaml to define a job?
Forgejo runners are great! I found some simple actions to do docker in docker and now build all my images with them!
please share, I’m interested in doing the same
Sure! I use Kaniko (Although I see now that it’s not maintained anymore). I’ll probably pull the image in locally to protect it…
Kaniko does the Docker in Docker, and I found an action that I use, but it looks like that was taken down… Luckily I archived it! Make an action in Forgejo (I have an
infrastructuregroup that I add public repos to for actions. So this one is calledaction-koniko-buildand all it has is thisaction.ymlfile in it:name: Kaniko description: Build a container image using Kaniko inputs: Dockerfile: description: The Dockerfile to pass to Kaniko required: true image: description: Name and tag under which to upload the image required: true registry: description: Domain of the registry. Should be the same as the first path component of the tag. required: true username: description: Username for the container registry required: true password: description: Password for the container registry required: true context: description: Workspace for the build required: true runs: using: docker image: docker://gcr.io/kaniko-project/executor:debug entrypoint: /bin/sh args: - -c - | mkdir -p /kaniko/.docker echo '{"auths":{"${{ inputs.registry }}":{"auth":"'$(printf "%s:%s" "${{ inputs.username }}" "${{ inputs.password }}" | base64 | tr -d '\n')'"}}}' > /kaniko/.docker/config.json echo Config file follows! cat /kaniko/.docker/config.json /kaniko/executor --insecure --dockerfile ${{ inputs.Dockerfile }} --destination ${{ inputs.image }} --context dir://${{ inputs.context }}Then, you can use it directly like:
name: Build and Deploy Docker Image on: push: branches: - main workflow_dispatch: jobs: build: runs-on: docker steps: # Checkout the repository - name: Checkout code uses: actions/checkout@v3 - name: Get current date # This is just how I label my containers, do whatever you prefer id: date run: echo "::set-output name=date::$(date '+%Y%m%d-%H%M')" - uses: path.to.your.forgejo.instance:port/infrastructure/action-koniko-build@main # This is what I said above, it references your infrastructure action, on the main branch with: Dockerfile: cluster/charts/auth/operator/Dockerfile image: path.to.your.forgejo.instance:port/group/repo:${{ steps.date.outputs.date }} registry: path.to.your.forgejo.instance:port/v1 username: ${{ env.GITHUB_ACTOR }} password: ${{ secrets.RUNNER_TOKEN }} # I haven't found a good secret option that works well, I should see if they have fixed the built-in token context: ${{ env.GITHUB_WORKSPACE }}I run my runners in Kubernetes in the same cluster as my forgejo instance, so this all hooks up pretty easy. Lmk if you want to see that at all if it’s relevant. The big thing is that you’ll need to have them be Privileged, and there’s some complicated stuff where you need to run both the runner and the “dind” container together.
Thanks for the write-up! I’ve been trying and failing to do DOOD and POOP runners via forgejo, but I haven’t had the time or energy to really dig in and figure out the issue. At this point I just want something to work so I’ll give your setup a try 😎
Of course! Let me know how you run your containers and I may be able to help on that side too
We use Azure Devops at my current gig. It works pretty well for our setup. I’ve used GHA before; it definitely didn’t “spark joy”. I
wastedspent way too many hours in the “update yaml file, commit, push, wait 5 minutes for it to fail again”spiral of despairfeedback loop.Nice thing with ADO is its release dashboard – you get a really nice summary of recent builds and where they went:
$project - dev - test - prod
I didn’t see anything similar for GHA.
A lot of that pain can be reduced by writing and running your code locally before pushing it to a CI environment. Generally with our automation we write a CLI, And GitHub actions is just an execution environment that calls the CLI.
And if what you’re trying to do must execute inside an action. You can run workflows locally with docker!
That’s a great idea if it’s possible, but I want to say it wouldn’t have helped with our environment at the time.
I almost wish I could look back at that repo and share the yaml file here, maybe I was missing something back then. I’m certainly more proficient with yaml now.
I do recall wishing there was a way to simulate the execution locally. I think I remember hearing about a local runner, but it had too many caveats to help.
deleted by creator
Gitlab CI/CD pipelines are my go-to tool. At work we self host an instance, for personal projects I use gitlab.com.
Self-hosted Forgejo Actions on a Codeberg repository. It was relatively easy to setup and I don’t even need a VPS through my dynamic IP 5G connexion. See also: https://codeberg.org/trougnouf/cfait
connexion
I’m imagining you saying “connex-yun”, and it reminds me of Stewie saying “cool-hhhwip”.
I self-host https://woodpecker-ci.org/ and I love it. It was easy to set up, and I never have to worry about CI/CD minutes.
fwiw, you can self host a GitHub actions runner
Don’t they want to monetize those as well?
yes, according to this morning’s email
ah right, my bad
But you are charged for it.
Woodpecker. No BS CI which can be attached to pretty much anything. It just need a webhook and way to pull your project.
nice. simple and modular i like. i deal with far too many “one stop shops” at work to bring that home
Watching this thread because CI/CD is something that I’d like to get into.
Ditto
Are you a programmer?
I…uh…I pretend I am from time to time.
IMO, Gitlab CI/CD blows Github out of the water. They’re not even in the same league. I recommend Gitlab + self hosted runners (it’s so easy).
I’ve been using Gitlab for many years and host my own runners as of the past 6 months because I nearly exhausted my monthly free tier runner minutes one month.
I had someone swear to me that Github templating was better, but I’ve only worked with Gitlabs templates. Why do you like Gitlab over Github?
Gitlab CI feels native. Github offers similar functionality but it feels/looks like an afterthought. I think the Gitlab .yaml structure is more intuitive. Also, how the Gitlab UI visually represents a pipeline is mcuh better, IMO. Self hosting runners on my server (Ubuntu) is so easy and free. I hadn’t tried it with Github but it sounds like it still costs money?!
Note: I don’t work for Gitlab
I second GitLab CI/CD - it’s a CI/CD system that just makes sense to me. That doesn’t mean it doesn’t have its complexities depending on your needs, but I’ve overall enjoyed my time working with it.
Edit: I forgot this was self-hosted community, disregard.
How does organization work out?
We have dozens of workflows for our monorepo CI/CD stuff. GitHub organization with the flat structure is incredibly annoying.
GitLab is a single file?? (Or am I misinformed? )How does that work out?
The repo specific config is a single file. You can also import templates/other files if need be. I worked in a shop where Devops set up a bunch of templates for generic, common jobs which made getting started easy. If custom config/code is required, overriding a templated job was easy. I was responsible for migrating my team’s ~50 repos (services, libraries, etc) from Jenkins + Bitbucket into Gitlab and found it to be pretty straightforward.
Git lab CI is my goto for git repo based things (unit tests, integration tests, etc). Fleet through Rancher for real deployments (manages and maintains state because kubernetes). Tekton is my in between catchall.
