mosaicstack/stack
1
0
Fork 0
Code Issues 31 Pull Requests 3 Actions Packages Projects Releases 15 Wiki Activity
Files
054551b677fbc0b1ff305bdabb306004c95a2375
stack/.woodpecker/ci.yml
Jarvis 054551b677
Some checks failed
ci/woodpecker/push/ci Pipeline failed
Details
ci/woodpecker/pr/ci Pipeline failed
Details
ci: eliminate cold pnpm install via pre-baked CI base image (Phase 1) 
Every pipeline ran a cold pnpm install (network fetch + musl native
rebuilds + apk add python3 make g++), median ~731s, paid twice per push.

Phase 1 (no cluster access, repo commits only):
- Dockerfile.ci: node:22-alpine + python3/make/g++/postgresql-client +
  pnpm@10.6.2 + pnpm fetch to warm the store and compile natives once.
- .woodpecker/ci-image.yml: kaniko build/push of ci-base:latest + a
  lockfile-hash tag, triggered only when pnpm-lock.yaml or Dockerfile.ci
  change. Reuses the publish.yml kaniko/auth pattern.
- ci.yml + publish.yml: install from the baked ci-base:latest, drop the
  per-run apk add, use pnpm install --frozen-lockfile --prefer-offline.
- Framework monorepo template: single cached install other steps depend
  on instead of re-running npm ci across 6 steps.

Node 22->24 bump is a separate follow-up PR. Phase 2 (RWX Longhorn PVC)
is out of scope. Expected install ~731s -> ~30-60s.

Refs #634

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-22 16:42:48 -05:00

102 lines
3.2 KiB
YAML
Raw Blame History

# &node_image is the pre-baked CI base built by .woodpecker/ci-image.yml:
# node:22-alpine + python3/make/g++/postgresql-client + pnpm + a warm pnpm
# store. The install step resolves from the baked store (--prefer-offline)
# instead of paying a ~731s cold fetch + native compile every run.
variables:
- &node_image 'git.mosaicstack.dev/mosaicstack/stack/ci-base:latest'
- &enable_pnpm 'corepack enable'
when:
- event: [push, pull_request, manual]
# Turbo remote cache (turbo.mosaicstack.dev) is configured via Woodpecker
# repository-level environment variables (TURBO_API, TURBO_TEAM, TURBO_TOKEN).
# This avoids from_secret which is blocked on pull_request events.
# If the env vars aren't set, turbo falls back to local cache only.
steps:
install:
image: *node_image
commands:
- corepack enable
# python3/make/g++ are baked into ci-base; --prefer-offline resolves from
# the baked pnpm store.
- pnpm install --frozen-lockfile --prefer-offline
# Blocking gate: public framework package must contain no operator-specific
# personal data or private $HOME defaults. Runs early (no node_modules needed).
sanitization:
image: *node_image
commands:
- apk add --no-cache bash
- bash packages/mosaic/framework/tools/quality/scripts/verify-sanitized.sh
# Resident line-count ceiling over framework-owned resident files
# (Constitution + dispatcher + each RUNTIME.md slice). See DESIGN §7 / R9.
- bash packages/mosaic/framework/tools/quality/scripts/check-resident-budget.sh --self-test
- bash packages/mosaic/framework/tools/quality/scripts/check-resident-budget.sh
typecheck:
image: *node_image
commands:
- *enable_pnpm
- pnpm typecheck
depends_on:
- install
- sanitization
# lint, format, and test are independent — run in parallel after typecheck
lint:
image: *node_image
commands:
- *enable_pnpm
- pnpm lint
depends_on:
- typecheck
format:
image: *node_image
commands:
- *enable_pnpm
- pnpm format:check
depends_on:
- typecheck
test:
image: *node_image
environment:
# Avoid the namespace-level Woodpecker DB service named "postgres".
# The Kubernetes backend exposes service containers by step name.
DATABASE_URL: postgresql://mosaic:mosaic@ci-postgres:5432/mosaic
commands:
- *enable_pnpm
# postgresql-client (pg_isready) is baked into ci-base.
# Wait up to 60s for CI postgres to be ready; fail fast if it never comes up.
- |
ready=0
for i in $(seq 1 60); do
if pg_isready -h ci-postgres -p 5432 -U mosaic; then
ready=1
break
fi
echo "Waiting for ci-postgres ($i/60)..."
sleep 1
done
if [ "$ready" -ne 1 ]; then
echo "ci-postgres did not become ready" >&2
exit 1
fi
# Run migrations (DATABASE_URL is set in environment above)
- pnpm --filter @mosaicstack/db run db:migrate
# Run all tests
- pnpm test
depends_on:
- typecheck
services:
ci-postgres:
image: pgvector/pgvector:pg17
environment:
POSTGRES_USER: mosaic
POSTGRES_PASSWORD: mosaic
POSTGRES_DB: mosaic
Reference in New Issue View Git Blame Copy Permalink