ab6c097819
Some checks failed
CI / Lint (bash) (push) Has been cancelled
CI / Lint (markdown) (push) Has been cancelled
CI / Lint (nickel) (push) Has been cancelled
CI / Lint (nushell) (push) Has been cancelled
CI / Lint (rust) (push) Has been cancelled
CI / Code Coverage (push) Has been cancelled
CI / Test (macos-latest) (push) Has been cancelled
CI / Test (ubuntu-latest) (push) Has been cancelled
CI / Test (windows-latest) (push) Has been cancelled
CI / Build (macos-latest) (push) Has been cancelled
CI / Build (ubuntu-latest) (push) Has been cancelled
CI / Build (windows-latest) (push) Has been cancelled
CI / Benchmark (push) Has been cancelled
CI / Security Audit (push) Has been cancelled
CI / License Compliance (push) Has been cancelled
Woodpecker CI Configuration
Pipelines for Gitea/Forgejo + Woodpecker CI.
Files
CI Pipeline
ci.yml- Main CI pipeline (push, pull requests)ci-advanced.yml- Advanced CI with multi-OS matrix, coverage, benchmarks
Release Pipelines
release.yml- Basic release (Linux only, no Docker)release-advanced.yml- Advanced release (multi-OS, Gitea API, auto-upload)release-docker.yml- Docker-based release (uses .woodpecker/Dockerfile.cross)
Docker Images
CI Images (pre-install tools, speed up CI ~5min):
Dockerfile- Original (2.47GB, ❌ too large)Dockerfile.optimized- Multi-stage build (~800MB)Dockerfile.alpine- Alpine-based (~400MB, smallest)Dockerfile.prebuilt- Pre-compiled binaries (1.68GB, 3min build, recommended)Dockerfile.minimal- Prebuilt without nu (~1.6GB, 2min build, fastest)
Build Images:
Dockerfile.cross- Cross-compilation image for multi-platform builds
Setup
1. Activate Woodpecker CI
Enable Woodpecker CI in your Gitea/Forgejo repository settings.
2. (Optional) Build Custom Image
Speeds up CI by pre-installing tools (~5 min faster per run).
Five Dockerfile options available:
| Dockerfile | Size | Build Time | Tools | Use Case |
|---|---|---|---|---|
Dockerfile |
2.47GB | ~20 min | All + cargo cache | ❌ Too large (original) |
Dockerfile.optimized |
~800MB | ~15 min | All (multi-stage) | ✅ Multi-stage, Debian-based |
Dockerfile.alpine |
~400MB | ~12 min | All (Alpine) | ✅ Alpine-based, smallest |
Dockerfile.prebuilt |
1.68GB | ~3 min | All (cargo-binstall) | ✅ Pre-compiled binaries, fastest |
Dockerfile.minimal |
~1.6GB | ~2 min | All except nu | ✅ Fastest + smallest (no nushell lint) |
Recommended: Use Dockerfile.prebuilt (fastest builds, all tools)
For minimal size: Use Dockerfile.minimal if you can skip nushell linting (saves 46MB + 1min build)
# Build optimized image (choose one)
docker build -t your-registry/typedialog-ci:latest -f .woodpecker/Dockerfile.prebuilt .
# Or for smallest size (Alpine)
docker build -t your-registry/typedialog-ci:alpine -f .woodpecker/Dockerfile.alpine .
# Push to your registry
docker push your-registry/typedialog-ci:latest
# Update .woodpecker/ci.yml and ci-advanced.yml
# Change: image: rust:latest
# To: image: your-registry/typedialog-ci:latest
```text
**Size comparison breakdown**:
```text
Original (Dockerfile):
Base Debian + buildtools: 1.6GB
Rust toolchain: 538MB
cargo install (5 tools): 823MB (includes cargo cache)
--------------------------------
TOTAL: 2.47GB
Optimized (Dockerfile.prebuilt):
Base Rust slim: 400MB
Runtime deps: 60MB
Binaries only: 140MB (no cargo cache)
--------------------------------
TOTAL: ~600MB
```text
### 3. Secrets Configuration
Configure these secrets in Gitea/Forgejo repository settings:
- `GITEA_TOKEN` - Gitea/Forgejo API token (for auto-creating releases)
- `CARGO_TOKEN` - crates.io token (optional, for publishing to crates.io)
- `SONAR_TOKEN` - SonarQube token (optional, for ci-advanced.yml coverage)
**To create a Gitea token**:
1. Go to Settings → Applications → Manage Access Tokens
2. Create token with scopes: `write:repository`, `write:issue`
3. Add as secret `GITEA_TOKEN` in repository settings
### 4. Docker Access (for release-docker.yml)
The `release-docker.yml` pipeline requires access to Docker socket. Configure in Woodpecker server:
**Option A: Privileged mode** (simpler, less secure):
```yaml
# In Woodpecker server config
WOODPECKER_BACKEND_DOCKER_ENABLE_PRIVILEGED: true
```text
**Option B: Volume mount** (recommended):
Already configured in pipeline via:
```yaml
volumes:
- /var/run/docker.sock:/var/run/docker.sock
```text
Ensure Woodpecker agent has permission to access Docker socket.
## Pipelines
### CI Pipeline (`ci.yml`)
**Triggers**: Push to `main`/`develop`, Pull Requests
**Jobs**:
1. Lint (Rust, Bash, Nickel, Nushell, Markdown) - Parallel
2. Test (all features)
3. Build (release)
4. Security audit
5. License compliance check
**Duration**: ~15-20 minutes (without custom image), ~10-15 minutes (with custom image)
### Release Pipelines
All release pipelines trigger on Git tags `v*` (e.g., `v0.1.0`).
#### Option 1: Basic Release (`release.yml`)
**Use case**: Simple Linux-only releases, no Docker required
**Platforms**: x86_64-unknown-linux-gnu only
**Artifacts**:
- `typedialog-${VERSION}-x86_64-linux.tar.gz`
- `typedialog-${VERSION}-x86_64-linux.tar.gz.sha256`
- `sbom-spdx.json`, `sbom-cyclonedx.json`
**Duration**: ~20-25 minutes
#### Option 2: Advanced Release (`release-advanced.yml`)
**Use case**: Multi-platform builds with auto-upload to Gitea
**Platforms**: 5 targets (Linux x86_64/aarch64, macOS x86_64/aarch64, Windows x86_64)
**Features**:
- Auto-creates Gitea release via API
- Matrix builds with `cross` tool
- Auto-uploads all artifacts to release
- Optional crates.io publishing
**Requirements**: `GITEA_TOKEN` secret
**Duration**: ~30-40 minutes (parallel builds)
#### Option 3: Docker-based Release (`release-docker.yml`)
**Use case**: Consistent builds using existing .woodpecker/Dockerfile.cross
**Platforms**: 5 targets (same as advanced)
**Features**:
- Uses project's `.woodpecker/Dockerfile.cross` for reproducible builds
- Includes BUILD_INFO.json manifest
- Auto-creates Gitea release and uploads artifacts
- Optional crates.io publishing
**Requirements**:
- `GITEA_TOKEN` secret
- Docker socket access (see Setup section)
**Duration**: ~35-45 minutes (includes Docker builds)
**Comparison**:
| Feature | Basic | Advanced | Docker-based |
|---------|-------|----------|--------------|
| Platforms | 1 (Linux x86_64) | 5 | 5 |
| Gitea API | ❌ Manual | ✅ Auto | ✅ Auto |
| Docker required | ❌ | ❌ | ✅ |
| Build method | cargo | cross CLI | .woodpecker/Dockerfile.cross |
| Consistency | Standard | Standard | High (containerized) |
| Manifest | ❌ | ❌ | ✅ BUILD_INFO.json |
## Differences from GitHub Actions
| Feature | GitHub Actions | Woodpecker CI |
|---------|---------------|---------------|
| Matrix builds | ✅ 3 OS | ❌ Linux only* |
| Coverage | ✅ Codecov | ❌ Not configured |
| Benchmarks | ✅ On PRs | ❌ Not configured |
| Caching | ✅ Built-in | ⚠️ Server-side** |
| SBOM | ✅ Auto-upload | ⚠️ Manual*** |
\* Multi-OS builds require multiple Woodpecker agents
\*\* Configure in Woodpecker server settings
\*\*\* Manual upload to Gitea/Forgejo releases
## Triggering Pipelines
```bash
# CI pipeline (automatic on push/PR)
git push origin main
# Release pipeline (manual tag)
git tag v0.1.0
git push origin v0.1.0
```text
**Selecting Release Pipeline**:
By default, all three release pipelines will trigger on tags. To use only one:
1. **Rename the pipeline you want to use** to `release.yml`
2. **Rename others** to `.release-*.yml.disabled` (Woodpecker ignores these)
Example:
```bash
# Use Docker-based release only
mv .woodpecker/release.yml .woodpecker/.release-basic.yml.disabled
mv .woodpecker/release-advanced.yml .woodpecker/.release-advanced.yml.disabled
mv .woodpecker/release-docker.yml .woodpecker/release.yml
```text
Or configure in Woodpecker UI to enable/disable specific pipelines.
## Viewing Results
- **Gitea/Forgejo**: Repository → Actions → Pipeline runs
- **Woodpecker UI**: https://your-woodpecker.instance/repos/{user}/{repo}