andrew
13e9e88e0e
Pass registry credentials via env instead of script interpolation
...
CI / build-image (arm64, ubuntu-latest-arm64) (push) Successful in 1m29s
CI / build-image (amd64, ubuntu-latest-amd64) (push) Successful in 1m50s
CI / pre-commit (push) Failing after 1m38s
CI / release (arm64, ubuntu-latest-arm64) (push) Failing after 1m49s
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Failing after 42s
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Failing after 42s
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Failing after 41s
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Failing after 41s
CI / release (amd64, ubuntu-latest-amd64) (push) Failing after 47s
CI / coverage (push) Failing after 44s
Template interpolation embeds the secret in the generated script file;
env indirection keeps it out of argv and off disk.
2026-06-12 12:21:19 -04:00
andrew
12a62a91cf
Track the CI image hash with a label instead of a tag
...
CI / build-image (arm64, ubuntu-latest-arm64) (push) Failing after 3m47s
CI / build-image (amd64, ubuntu-latest-amd64) (push) Failing after 3m47s
CI / pre-commit (push) Has been skipped
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Has been skipped
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Has been skipped
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Has been skipped
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Has been skipped
CI / release (amd64, ubuntu-latest-amd64) (push) Has been skipped
CI / release (arm64, ubuntu-latest-arm64) (push) Has been skipped
CI / coverage (push) Has been skipped
Pushing per-hash tags accumulates multi-GB versions in the registry,
and package cleanup rules can't distinguish the hash tags that the
latest-{arch} tags currently point to from stale ones. Push only
latest-{arch} and record the Dockerfile hash as an image label; the
skip-rebuild check reads the label back via buildx imagetools.
2026-06-12 12:16:34 -04:00
andrew
04d02261e9
Install clang from Ubuntu and push image from buildx
...
CI / pre-commit (push) Has been cancelled
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Has been cancelled
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Has been cancelled
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Has been cancelled
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Has been cancelled
CI / release (amd64, ubuntu-latest-amd64) (push) Has been cancelled
CI / release (arm64, ubuntu-latest-arm64) (push) Has been cancelled
CI / coverage (push) Has been cancelled
CI / build-image (amd64, ubuntu-latest-amd64) (push) Has been cancelled
CI / build-image (arm64, ubuntu-latest-arm64) (push) Has been cancelled
apt.llvm.org has no repository for the current ubuntu:rolling release,
and nothing pins clang 20 - CC=clang already resolved to the distro
clang. Drop the llvm.sh step along with its helper packages.
docker build now runs under the buildx docker-container driver, which
keeps the result in the build cache unless told otherwise, so push
directly from the build instead of tagging locally.
2026-06-12 12:06:45 -04:00
andrew
dd8f006d3f
Remove docker socket debug step and unneeded sudo
...
Jobs run as root in the job container; the earlier permission errors
were SELinux denials on the mounted podman socket, fixed in the runner
config with --security-opt label=disable.
2026-06-12 11:58:30 -04:00
andrew
776d06963b
Add temporary docker socket debug step
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Has been skipped
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Has been skipped
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Has been skipped
CI / release (arm64, ubuntu-latest-arm64) (push) Has been skipped
CI / build-image (amd64, ubuntu-latest-amd64) (push) Failing after 55s
CI / pre-commit (push) Has been cancelled
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Has been cancelled
CI / release (amd64, ubuntu-latest-amd64) (push) Has been cancelled
CI / coverage (push) Has been cancelled
CI / build-image (arm64, ubuntu-latest-arm64) (push) Has been cancelled
2026-06-12 11:52:51 -04:00
andrew
e03afe0651
Run docker with sudo in build-image
...
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Has been skipped
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Has been skipped
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Has been skipped
CI / release (arm64, ubuntu-latest-arm64) (push) Has been skipped
CI / build-image (amd64, ubuntu-latest-amd64) (push) Failing after 2s
CI / build-image (arm64, ubuntu-latest-arm64) (push) Failing after 21s
CI / pre-commit (push) Has been skipped
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Has been skipped
CI / release (amd64, ubuntu-latest-amd64) (push) Has been skipped
CI / coverage (push) Has been skipped
The default job image runs as a non-root user that lacks access to the
mounted docker socket.
2026-06-12 11:30:28 -04:00
andrew
6eecf6e4ac
Use a registry bot account for the container registry
...
CI / build-image (arm64, ubuntu-latest-arm64) (push) Failing after 21s
CI / pre-commit (push) Has been cancelled
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Has been cancelled
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Has been cancelled
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Has been cancelled
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Has been cancelled
CI / release (amd64, ubuntu-latest-amd64) (push) Has been cancelled
CI / release (arm64, ubuntu-latest-arm64) (push) Has been cancelled
CI / coverage (push) Has been cancelled
CI / build-image (amd64, ubuntu-latest-amd64) (push) Has been cancelled
Gitea's ephemeral Actions token is not accepted by the container
registry, so docker login and image pulls use REGISTRY_USER /
REGISTRY_TOKEN secrets (a dedicated low-privilege account and its
personal access token with package read/write scope) instead.
2026-06-12 11:16:33 -04:00
andrew
d74a12b5a4
Convert Jenkins CI to Gitea Actions
...
CI / build-image (arm64, ubuntu-latest-arm64) (push) Failing after 19s
CI / build-image (amd64, ubuntu-latest-amd64) (push) Failing after 37s
CI / pre-commit (push) Has been skipped
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Has been skipped
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Has been skipped
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Has been skipped
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Has been skipped
CI / release (amd64, ubuntu-latest-amd64) (push) Has been skipped
CI / release (arm64, ubuntu-latest-arm64) (push) Has been skipped
CI / coverage (push) Has been skipped
Replace the Jenkinsfile with .gitea/workflows/ci.yml. The CI image is
built from the Dockerfile and pushed to the Gitea container registry,
rebuilt only when the Dockerfile or pre-commit config changes. The
aarch64 release build now runs natively on an arm64 runner instead of
cross-compiling, so the cross toolchain and qemu are dropped from the
image. Artifacts still go to MinIO (via mc, skipped gracefully if
credentials are not configured); ccache uses actions/cache instead of a
host volume.
2026-06-12 11:13:32 -04:00
andrew