learning_ai_common_plat

bytelyst/learning_ai_common_plat

Fork 0

Commit Graph

Author	SHA1	Message	Date
saravanakumardb1	d1bdcdd9a7	docs(devops): pivot to Gitea Actions as canonical CI; mark GitHub-runner doc as Plan B Adds two new docs and a banner on the existing GitHub-runner doc. WHY: the user already has Gitea Actions configured across all 20+ repos (.gitea/workflows/ci.yml). Building a parallel GitHub Actions self-hosted runner pipeline is unnecessary work that also drags in GitHub Organization migration pressure (with Vercel/Netlify pricing side-effects on free tiers). The canonical architecture instead: - Each Gitea instance (corp Mac local + Hostinger VM) runs its own act_runner. - A single publish-packages.yml workflow lives in every package- publishing repo. - When the same git tag is pushed to both Giteas, each one builds inside the same pinned Docker image (node:20-bookworm@sha256:...) with the same lockfile, producing BYTE-IDENTICAL tarballs. - No sync script is needed; the shared git tag IS the sync mechanism. - Lockfile integrity hashes match across both registries, so corp Mac and personal Mac + Hostinger prod all see the same packages. New: HOSTINGER_GITEA_ACT_RUNNER_SETUP.md - Codex-actionable prompt to install act_runner on the Hostinger VM - Pre-flight checks (arch detection, Docker daemon, Gitea reachable) - Idempotent user creation, SHA-verified binary download - Docker mode runner config with labels mapping ubuntu-latest to pinned Node image - Smoke test + full E2E with throwaway @bytelyst/_runner-e2e-test package - The architectural invariant check: cross-Gitea SHA comparison — same tag pushed to both must produce identical tarballs - Monitoring (Gitea UI, API, systemd journal) - Hardening, rollback, deliverables, guardrails, questions New: GITEA_PACKAGES_PUBLISH_WORKFLOW.md - The actual publish-packages.yml triggered by v* tags - Docker image pinned by digest for build determinism - pnpm@9.12.0 pinned, --frozen-lockfile, host-network container - Token mounted as read-only secret file (not env var) - Concurrency cancel-in-progress: false (never cancel a publish) - Pack tarballs + SHA512 manifest as Gitea Release assets for audit trail - Two propagation strategies: reusable workflow (preferred) vs sync-publish-workflow.sh script - Operator runbook for cutting a release - Failure-mode table + remediation - Deliverables checklist Updated: HOSTINGER_GITHUB_RUNNER_SETUP.md - Added 'PLAN B' banner at the top - Cross-links to the Gitea Actions docs - Kept the doc intact as a valid alternative if priorities ever shift to making GitHub Actions the publish driver	2026-05-24 18:15:48 -07:00

Author

SHA1

Message

Date

saravanakumardb1

d1bdcdd9a7

docs(devops): pivot to Gitea Actions as canonical CI; mark GitHub-runner doc as Plan B

Adds two new docs and a banner on the existing GitHub-runner doc.

WHY: the user already has Gitea Actions configured across all 20+
repos (.gitea/workflows/ci.yml). Building a parallel GitHub Actions
self-hosted runner pipeline is unnecessary work that also drags in
GitHub Organization migration pressure (with Vercel/Netlify pricing
side-effects on free tiers).

The canonical architecture instead:
- Each Gitea instance (corp Mac local + Hostinger VM) runs its own
  act_runner.
- A single publish-packages.yml workflow lives in every package-
  publishing repo.
- When the same git tag is pushed to both Giteas, each one builds
  inside the same pinned Docker image (node:20-bookworm@sha256:...)
  with the same lockfile, producing BYTE-IDENTICAL tarballs.
- No sync script is needed; the shared git tag IS the sync mechanism.
- Lockfile integrity hashes match across both registries, so corp Mac
  and personal Mac + Hostinger prod all see the same packages.

New: HOSTINGER_GITEA_ACT_RUNNER_SETUP.md
  - Codex-actionable prompt to install act_runner on the Hostinger VM
  - Pre-flight checks (arch detection, Docker daemon, Gitea reachable)
  - Idempotent user creation, SHA-verified binary download
  - Docker mode runner config with labels mapping ubuntu-latest to
    pinned Node image
  - Smoke test + full E2E with throwaway @bytelyst/_runner-e2e-test
    package
  - The architectural invariant check: cross-Gitea SHA comparison —
    same tag pushed to both must produce identical tarballs
  - Monitoring (Gitea UI, API, systemd journal)
  - Hardening, rollback, deliverables, guardrails, questions

New: GITEA_PACKAGES_PUBLISH_WORKFLOW.md
  - The actual publish-packages.yml triggered by v* tags
  - Docker image pinned by digest for build determinism
  - pnpm@9.12.0 pinned, --frozen-lockfile, host-network container
  - Token mounted as read-only secret file (not env var)
  - Concurrency cancel-in-progress: false (never cancel a publish)
  - Pack tarballs + SHA512 manifest as Gitea Release assets for audit
    trail
  - Two propagation strategies: reusable workflow (preferred) vs
    sync-publish-workflow.sh script
  - Operator runbook for cutting a release
  - Failure-mode table + remediation
  - Deliverables checklist

Updated: HOSTINGER_GITHUB_RUNNER_SETUP.md
  - Added 'PLAN B' banner at the top
  - Cross-links to the Gitea Actions docs
  - Kept the doc intact as a valid alternative if priorities ever
    shift to making GitHub Actions the publish driver

2026-05-24 18:15:48 -07:00

1 Commits