Some checks failed
ci/woodpecker/push/build Pipeline was canceled
Adopt the documented owned-app deploy model (infra CLAUDE.md, ref tuya_bridge/.woodpecker.yml): build.yml now tags the image with the 8-char commit SHA (alongside :latest) and adds a `deploy` step that `kubectl set image`s the deployment to that SHA tag + waits for rollout. A unique SHA tag forces a fresh pull under the deployment's imagePullPolicy: IfNotPresent (a re-pushed :latest would not). The woodpecker-agent SA is cluster-admin so the in-cluster kubectl needs no kubeconfig; Keel stays enrolled as a redundant net. Also stop deploy.yml firing on push: it's a manual-only targeted-deploy tool now. Its IMAGE_TAG-absent exit-78 used to mark the whole push pipeline red (build.yml + deploy.yml are workflows in one pipeline run), masking real build/deploy status. Removes the manual deploy step the recall fix required. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
84 lines
2.8 KiB
YAML
84 lines
2.8 KiB
YAML
when:
|
|
event: push
|
|
branch: [main, master]
|
|
|
|
clone:
|
|
git:
|
|
image: woodpeckerci/plugin-git
|
|
settings:
|
|
attempts: 5
|
|
backoff: 10s
|
|
|
|
steps:
|
|
- name: test
|
|
image: python:3.12-slim
|
|
# The woodpecker ns LimitRange defaults containers to a 256Mi memory limit.
|
|
# `uv sync` + mypy over fastapi/pydantic/sqlalchemy needs far more, so the
|
|
# step was OOM-killed (exit 137) on every run since the 2026-05-07 Forgejo
|
|
# switch — repo never built. Pin explicit memory so it never OOMs again.
|
|
backend_options:
|
|
kubernetes:
|
|
resources:
|
|
requests:
|
|
cpu: 500m
|
|
memory: 1Gi
|
|
limits:
|
|
memory: 2Gi
|
|
commands:
|
|
- pip install --no-cache-dir uv
|
|
- uv sync --all-extras
|
|
- uv run ruff check src/ tests/
|
|
- uv run mypy src/claude_memory/
|
|
- uv run pytest tests/ -v --tb=short
|
|
|
|
- name: build-and-push
|
|
image: woodpeckerci/plugin-docker-buildx
|
|
depends_on:
|
|
- test
|
|
# buildx + image export also exceeds the 256Mi ns default; give it room.
|
|
backend_options:
|
|
kubernetes:
|
|
resources:
|
|
requests:
|
|
cpu: 500m
|
|
memory: 1Gi
|
|
limits:
|
|
memory: 2Gi
|
|
settings:
|
|
# Phase 4 of forgejo-registry-consolidation 2026-05-07 — Forgejo only.
|
|
# The DockerHub mirror stays as the public-facing release target via
|
|
# the GitHub `release.yml` workflow (still enabled), but the cluster
|
|
# pulls from Forgejo (infra/stacks/claude-memory/main.tf flipped 2026-05-07).
|
|
repo:
|
|
- forgejo.viktorbarzin.me/viktor/claude-memory-mcp
|
|
logins:
|
|
- registry: forgejo.viktorbarzin.me
|
|
username:
|
|
from_secret: forgejo_user
|
|
password:
|
|
from_secret: forgejo_push_token
|
|
dockerfile: docker/Dockerfile
|
|
context: .
|
|
# Tag :latest AND the 8-char commit SHA. The SHA tag is what the deploy
|
|
# step pins — a unique tag forces a fresh pull under the deployment's
|
|
# imagePullPolicy: IfNotPresent (a re-pushed :latest would not).
|
|
tags:
|
|
- "latest"
|
|
- "${CI_COMMIT_SHA:0:8}"
|
|
platforms:
|
|
- linux/amd64
|
|
|
|
- name: deploy
|
|
image: bitnami/kubectl:latest
|
|
depends_on:
|
|
- build-and-push
|
|
when:
|
|
branch: [main, master]
|
|
event: [push, manual]
|
|
# Owned-app deploy model (infra CLAUDE.md): the build pipeline drives the
|
|
# rollout, so a push self-deploys — no manual `kubectl set image`. The
|
|
# woodpecker-agent SA is cluster-admin, so the in-cluster kubectl needs no
|
|
# kubeconfig. Keel stays enrolled as a redundant net.
|
|
commands:
|
|
- "kubectl set image deployment/claude-memory claude-memory=forgejo.viktorbarzin.me/viktor/claude-memory-mcp:${CI_COMMIT_SHA:0:8} -n claude-memory"
|
|
- "kubectl rollout status deployment/claude-memory -n claude-memory --timeout=300s"
|