Skip to content

Commit 2fb7cf5

Browse files
castrojocastrojo
authored
refactor(ci): Justfile-First pipeline — delegate YAML shell to just targets (#21)
* refactor(ci): Justfile-First pipeline — delegate YAML shell to just targets Moves all inline shell from build.yml into just recipes, shrinking build.yml from 1153 to 774 lines while keeping all CI-only concerns (SBOM, attestation, layer cache, cosign signing) in YAML. Moves e2e-install from build.yml into update-index.yml so the install test always exercises the freshly-updated gh-pages index, closing the stale-digest bug class that was previously invisible. What moved to Justfile: - install-tools-yq / install-tools-podman / install-tools-oras / install-tools - metadata app key (reads release.yaml or manifest.yaml, handles x-prefix) - _skip-arch app arch (arch exclusion check) - _repack app arch / _compile app arch (build-path helpers) - _process-oci app arch (labels + chunkah + verify) - push app arch [registry] (push to ghcr.io or localhost:5000) - push-manifest-list app [registry] (multi-arch manifest via oras) - run-test app arch (E2E install from live gh-pages index) - loop-all expanded to all 8 apps What stayed in YAML (CI-only): - cosign signing and SBOM/attestation upload - layer cache (actions/cache) - staging tags and merge-queue gating (build-complete job) - workflow_run trigger and artifact download (update-index.yml) Line counts: - build.yml: 1153 → 774 (-379 lines, target was <800 ✓) - update-index.yml: 96 → 161 (+65 lines, e2e-install job added) - Justfile: ~400 → 838 (+438 lines, all new recipes) CI evidence: run 23021287076 — all 9 jobs passed Fixes: - validate recipe $$ expansion bug (shebang-style recipe) - arch-detect in install-tools-yq and install-tools-oras (uname -m) - install just before first just call in sign-and-push/publish-manifest-list/annotate-packages - brew full path in install-tools-podman - GH_TOKEN env for push-manifest-list - oras upgraded to 1.3.1 (manifest index create added in v1.3.0) Assisted-by: Claude Sonnet 4.6 via OpenCode * fix(justfile): remove unused OCI_ARCH variable in push recipe Assisted-by: Claude Sonnet 4.6 via OpenCode
1 parent f160997 commit 2fb7cf5

File tree

4 files changed

+742
-715
lines changed

4 files changed

+742
-715
lines changed

0 commit comments

Comments
 (0)