First steps in Gitea Actions

.drone.yml

@@ -1,132 +0,0 @@
-kind: secret
-name: mastodon_access_token
-get:
-  path: mastodon-creds
-  name: access_token
----
-kind: pipeline
-name: hello-world
-type: docker
-
-platform:
-  os: linux
-  arch: arm64
-
-
-steps:
-  - name: block-posts-containing-tk
-    image: busybox
-    commands:
-#      # This is necessary because, if `grep ...` doesn't find anything, it will _return_ (not print) a value of 1
-#      # (non-zero return codes indicating errors in Unix - since there are many more ways for something to go wrong
-#      # than there are for it to go right!), and so the `files=` assignment will also return 1, and the whole operation
-#      # will be considered a failure.
-#      #
-#      # Since a non-zero value is truthy in Linux, we can use the OR operator (`||`) to only execute the second command
-#      # if the first one errors out. So, this line can be translated to English as:
-#      # "Set the variable `files` to a list of all the files that contain `TK` - unless there aren't any, in which case
-#      # set it to `FILES NOT FOUND"
-      - files=$(grep -rl 'TK' blog/content/posts || echo "FILES NOT FOUND")
-#      # We have to filter out (`grep -v`) the "marker" value of `FILES NOT FOUND`, otherwise the no-matches case would
-#      # be recorded as having 1 matching file, leading to an error-out below.
-#      # (I guess _technically_ there's an edge case in that, if I ever make a blog post titled "FILES NOT FOUND" _which also_
-#      # contains the string `TK`, it would slip through this check. But that feels pretty unlikely - not least because spaces
-#      # are very rare in my filesystem names - so I'm ok taking that risk)
-      - count=$(wc -l <(echo "$files" | grep -v "FILES NOT FOUND") | awk '{print $1}')
-      - if [[ "$count" -gt "0" ]]; then
-      -   echo "Found TK in $count files:"
-      -   echo $files
-      -   exit 1 # TODO - and alerting via Matrix!
-      - fi
-  - name: build-blog
-    image: alpine
-    # Very unlikely to need updates, and pulling images seems slow on this setup -
-    # can manually reset this if necessary
-    pull: if-not-exists
-    commands:
-      # I considered caching this install in a pre-built image in registry,
-      # but the install seems pretty quick!
-      - apk update
-      - apk add hugo git
-      - git submodule init
-      - git submodule update --recursive
-      - hugo --source blog
-  - name: docker-build-and-push
-    image: thegeeklab/drone-docker-buildx # Absurd that this isn't offered as first-party!
-    privileged: true
-    settings:
-      registry: gitea.scubbo.org
-      username: scubbo
-      password:
-        from_secret: gitea_password
-      repo: gitea.scubbo.org/scubbo/blog_helm
-      tags:
-        - ${DRONE_COMMIT_SHA:0:10}
-      platforms:
-        - linux/arm64
-        - linux/amd64
-  - name: auto-update-infra-repo
-    image: gitea.scubbo.org/scubbo/auto-repo-update-drone-plugin:latest
-    settings:
-      branch: main
-      git_repo: https://gitea.scubbo.org/scubbo/blog-infrastructure
-      image_tag: ${DRONE_COMMIT_SHA:0:10}
-      destination_file: helm/deployed-images/prod
-      author_email: scubbojj@gmail.com
-      author_name: Jack Jackson
-      commit_message: "[Auto] Update Prod to ${DRONE_COMMIT_SHA:0:10}"
-      access_token:
-        from_secret: gitea_pat
-  - name: update-argo
-    image: curlimages/curl
-    environment:
-      ARGO_TOKEN:
-        from_secret: argo_token
-    commands:
-      - "curl -sS -X POST \"argo-cd-argocd-server.argo.svc.cluster.local/api/v1/applications/blog-infrastructure/sync\" -H \"Authorization: Bearer ${ARGO_TOKEN}\" -H \"Content-Type: application/json\""
-  - name: purge-cache
-    image: curlimages/curl
-    environment:
-      CLOUDFLARE_TOKEN:
-        from_secret: cloudflare_token
-    commands:
-      - "curl -sS -X POST \"https://api.cloudflare.com/client/v4/zones/c86d55d225ed973d5da45239beac2f99/purge_cache\" -H \"Authorization: Bearer ${CLOUDFLARE_TOKEN}\" -H \"Content-Type:application/json\" -d '{\"files\":[\"https://blog.scubbo.com\"]}'"
-  - name: telegram_notification
-    image: appleboy/drone-telegram
-    when:
-      status:
-        - failure
-        - success
-    settings:
-      token:
-        from_secret: telegram_token
-      to:
-        from_secret: telegram_convo_id
-  # TODO - parse the file itself to a) extract title, and b) not post if it's a draft post (or, conversely, post if it's
-  # a draft that's been published - which would require changing the "is new file" logic)
-  - name: mastodon_post
-    image: alpine
-    environment:
-      MASTODON_TOKEN:
-        from_secret: mastodon_access_token
-    commands:
-      - apk add curl git perl
-      - "ADDED_FILES=$(git show --name-status --pretty=format: HEAD | grep '^A' | awk '{print $2}')"
-      - if [[ "$( echo -n $ADDED_FILES | grep -c '^')" -ne 1 ]]; then
-      -   echo "Non-single file added"
-      - "  echo \"(DEBUG: $ADDED_FILES)\""
-      -   return
-      - fi
-      - NEW_FILE=$(echo $ADDED_FILES | head -n1)
-      - echo "New File is $NEW_FILE"
-      - if ! [[ "$NEW_FILE" =~ ^blog/content/posts/.*  ]]; then
-      -   echo "Sole added file was not a blog post";
-      -   return;
-      - fi
-      # Debug - checking value
-      - echo $MASTODON_TOKEN | perl -pe 's/(.)/$1:/g'
-      # TODO - parameterize hostname
-      - BLOG_URL=$(echo "$NEW_FILE" | perl -pe 's|blog/content|https://blog.scubbo.org|' | perl -pe 's/\.md$//')
-      - echo $BLOG_URL
-      - "curl -v https://fosstodon.org/api/v1/statuses -H \"Authorization: Bearer $MASTODON_TOKEN\" -F \"status=I just blogged! Check it out at $BLOG_URL\""
-      - echo "Another command to give some extra output"

.gitea/workflows/publish.yaml

@@ -0,0 +1,19 @@
+name: Gitea Actions Demo
+run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
+on: [push]
+
+jobs:
+  Explore-Gitea-Actions:
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo "🎉 The job was automatically triggered by a ${{ gitea.event_name }} event."
+      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by Gitea!"
+      - run: echo "🔎 The name of your branch is ${{ gitea.ref }} and your repository is ${{ gitea.repository }}."
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
+      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
+      - name: List files in the repository
+        run: |
+          ls ${{ gitea.workspace }}
+      - run: echo "🍏 This job's status is ${{ job.status }}."

blog/content/posts/weeknotes-the-first.md

@@ -79,7 +79,7 @@ Anyway - this is well-trodden ground, and I'm sure you can sketch out the next f
 
 ## Gitea Actions and Helm
 
-I've been meaning to migrate away from Drone as my CI/CD provider for a while now. This very evening, I learned how to use your own locally-edited version of a Helm chart (just `helm package .` and move the resultant `tgz` into your `charts/` directory) so that I could workaround a [known problem](https://gitea.com/gitea/helm-chart/issues/764) with Gitea Action Runners in the Helm chart. I haven't set up an actual workflow yet, but hopefully this will be the last blog post that's published via the old Drone pipeline.
+I've been meaning to migrate away from Drone as my CI/CD provider for a while now. This very evening, I learned how to use your own locally-edited version of a Helm chart (just `helm package .` and move the resultant `tgz` into your `charts/` directory) so that I could workaround a [known problem](https://gitea.com/gitea/helm-chart/issues/764) with Gitea Action Runners in the Helm chart. I haven't set up an actual workflow yet, but hopefully this will be the last blog post that's published via the old Drone pipeline[^gitea-actioned].
 
 # What I'd like to do
 
@@ -94,3 +94,4 @@ I've been meaning to migrate away from Drone as my CI/CD provider for a while no
 [^untrustworthy]: I particularly appreciated the recognition that "_a lot of better informed people have sworn off LLMs entirely because they can’t see how anyone could benefit from a tool with so many flaws. The key skill in getting the most out of LLMs is learning to work with tech that is both inherently unreliable and incredibly powerful at the same time. This is a decidedly non-obvious skill to acquire!_"
 [^writing-to-think]: in fact that would entirely defeat the purpose of "_writing in order to figure out what you think_". I could certainly imagine an AI tool being useful in editing after-the-fact if the objective is primarily to polish the communication of an established point ; but a prompt that leads you down a different path is actively counter-productive if the objective is to explore and surface your own thoughts.
 [^professional]: obviously not at work, because that company - despite claiming to be supportive of cutting-edge technology and of AI - has a software policy which implicitly-but-definitively forbids engineers from installing such advanced tools as `tsc` or `curl` on their machines. Lawyers, man...
+[^gitea-actioned]: if you can see this footnote, this diff was published via Gitea Actions! :)