steve/restic-manager
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 1 Wiki Activity

ci+infra: provisioning script for gitea runners + drop setup-go cache

Browse Source 
scripts/provision-gitea-runner.sh is a one-shot, idempotent host
setup for an act_runner LXC. It mounts persistent host volumes for
GOMODCACHE / GOCACHE / act-clones, pre-pulls the runner image,
pre-clones the common GitHub actions, installs golangci-lint, and
sets up a nightly cron to refresh the lot. Generic — no per-project
state.

With those persistent volumes in place, `cache: true` on
actions/setup-go becomes a net negative — the action keeps tar-ing /
un-tar-ing GOMODCACHE+GOCACHE through the Gitea cache backend on
every job, adding ~10s per job and overwriting the volume contents.
Drop it from all three jobs in ci.yml. Add a header comment block
explaining the runner-side expectations and the Go version / build
matrix / upload-artifact context for anyone reading later.
This commit is contained in:
Steve Cliff
2026-05-04 09:40:27 +01:00
parent 2ba2c9c7db
commit bd460d7532
2 changed files with 373 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/ci.yml
+46 -4
View File
@@ -1,3 +1,46 @@
# CI workflow — runs on every PR into main.
#
# Notes for anyone editing this file:
#
# Self-hosted runner expectations
# The Gitea runners are provisioned via scripts/provision-gitea-runner.sh.
# That script bind-mounts persistent host volumes for /root/go/pkg/mod
# (GOMODCACHE), /root/.cache/go-build (GOCACHE), and /root/.cache/act
# (action clones) into every job container. As a result:
# * `cache: true` on actions/setup-go is intentionally OMITTED — the
# action would otherwise tar/untar GOMODCACHE+GOCACHE through the
# Gitea cache backend on every job, undoing the host-volume cache
# and adding ~10s of redundant zstd round-trip per job.
# * Common GitHub actions (actions/checkout, actions/setup-go,
# actions/upload-artifact, golangci/golangci-lint-action) are
# pre-cloned into /root/.cache/act on the runner, so the per-job
# "git clone https://github.com/actions/..." step is a fetch, not
# a full clone.
# * golangci-lint is pre-installed at /usr/local/bin/golangci-lint
# on the runner (latest v2.x). The golangci-lint-action below
# still pins a specific version and re-downloads — that's fine
# (deterministic CI > marginal speed) but means the host-installed
# binary is currently unused. Drop the `version:` arg below to
# use the host-installed one if you want to trade determinism
# for speed.
#
# Build matrix
# Linux amd64 + arm64 + Windows amd64. CGO_ENABLED=0 throughout —
# modernc.org/sqlite is pure-Go so no cross-compile toolchain is
# needed. -trimpath + -ldflags="-s -w" for reproducible, smaller
# binaries.
#
# Go version
# The GO_VERSION env var anchors all three jobs. Floor is set by the
# heaviest dep (modernc.org/sqlite v1.50+ requires Go 1.23+ today;
# we run 1.25 so golangci-lint's Go-version compatibility check is
# happy — see the version pin in the lint job).
#
# upload-artifact
# Pinned at v3 historically; v3 was deprecated upstream. v4 should
# work but hasn't been validated against this runner's act_runner
# version yet. Bump when convenient.
name: CI
on:
@@ -5,7 +48,6 @@ on:
branches: [main]
env:
# Floor is set by the heaviest dep (modernc.org/sqlite v1.50+).
GO_VERSION: "1.25"
jobs:
@@ -17,7 +59,7 @@ jobs:
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: true
# cache: true intentionally omitted — see header notes.
- name: go vet
run: go vet ./...
- name: go test
@@ -33,7 +75,7 @@ jobs:
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: true
# cache: true intentionally omitted — see header notes.
- uses: golangci/golangci-lint-action@v7
with:
# Must be built against the same Go release as go.mod targets,
@@ -63,7 +105,7 @@ jobs:
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
cache: true
# cache: true intentionally omitted — see header notes.
- name: build server + agent
env:
GOOS: ${{ matrix.goos }}