Add Forgejo CI/CD: auto-build and publish xetup.exe on push

- Forgejo Actions workflow: builds Windows x64 exe on push to main - Runner config: golang:1.24-alpine container on xetup Docker network - docker-compose.yml: runner with docker socket + config mount - nginx: /dl shortlink + /forgejo-api proxy for landing page Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-16 12:07:02 +02:00 · 2026-04-16 12:07:02 +02:00 · 7976ae7b62
commit 7976ae7b62
parent 7850ee7f28
6 changed files with 101 additions and 2 deletions
--- a/.forgejo/workflows/release.yml
+++ b/.forgejo/workflows/release.yml
@ -0,0 +1,74 @@
+name: release
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - '**.go'
+      - 'go.mod'
+      - 'go.sum'
+      - 'scripts/**'
+      - 'assets/**'
+      - 'embed.go'
+      - '.forgejo/workflows/release.yml'
+
+jobs:
+  build-and-release:
+    # Runner label 'ubuntu-latest' maps to golang:1.23-alpine container (see runner config)
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: sh
+        working-directory: /repo
+
+    steps:
+      - name: Setup
+        working-directory: /
+        run: |
+          apk add --no-cache git curl jq
+          git clone --depth=1 \
+            "http://x9:${{ secrets.FORGEJO_TOKEN }}@xetup-forgejo:3000/${{ github.repository }}.git" \
+            /repo
+          cd /repo
+          git checkout "${{ github.sha }}"
+
+      - name: Build xetup.exe
+        run: |
+          GOOS=windows GOARCH=amd64 go build -ldflags="-s -w" -o xetup.exe ./cmd/xetup/
+          echo "Built: $(ls -lh xetup.exe | awk '{print $5}')"
+
+      - name: Publish latest release
+        env:
+          TOKEN: ${{ secrets.FORGEJO_TOKEN }}
+          API:   http://xetup-forgejo:3000/api/v1
+          REPO:  ${{ github.repository }}
+        run: |
+          SHORT=$(echo "${{ github.sha }}" | cut -c1-7)
+
+          # Delete existing 'latest' release and tag to recreate cleanly
+          RID=$(curl -sf -H "Authorization: token $TOKEN" \
+            "$API/repos/$REPO/releases/tags/latest" | jq -r '.id // empty')
+          if [ -n "$RID" ]; then
+            curl -sf -X DELETE -H "Authorization: token $TOKEN" \
+              "$API/repos/$REPO/releases/$RID" || true
+          fi
+          curl -sf -X DELETE -H "Authorization: token $TOKEN" \
+            "$API/repos/$REPO/tags/latest" || true
+
+          # Create new 'latest' release
+          RID=$(curl -sf -X POST \
+            -H "Authorization: token $TOKEN" \
+            -H "Content-Type: application/json" \
+            "$API/repos/$REPO/releases" \
+            -d "{\"tag_name\":\"latest\",\"name\":\"latest\",\"body\":\"Auto-built from ${SHORT}\",\"prerelease\":true}" \
+            | jq -r '.id')
+
+          # Upload xetup.exe
+          curl -sf -X POST \
+            -H "Authorization: token $TOKEN" \
+            -H "Content-Type: application/octet-stream" \
+            "$API/repos/$REPO/releases/$RID/assets?name=xetup.exe" \
+            --data-binary @xetup.exe
+
+          echo "Released xetup.exe (commit ${SHORT})"
+
--- a/cmd/xetup/main.go
+++ b/cmd/xetup/main.go
@ -67,3 +67,4 @@ func main() {
 		log.Fatalf("TUI error: %v", err)
 	}
 }
+// build 1776332628
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -38,6 +38,8 @@ services:
    image: code.forgejo.org/forgejo/runner:6.3.1
    container_name: xetup-runner
    restart: unless-stopped
+    entrypoint: ["/bin/sh", "-c", "forgejo-runner daemon --config /etc/runner/config.yml"]
+    user: "0:996"    # root:docker - needed for /var/run/docker.sock access
    depends_on:
      - forgejo
    environment:
@ -45,6 +47,7 @@ services:
    volumes:
      - runner-data:/data
      - /var/run/docker.sock:/var/run/docker.sock
+      - ./runner-config.yml:/etc/runner/config.yml:ro
    networks:
      - xetup

--- a/runner-config.yml
+++ b/runner-config.yml
@ -0,0 +1,21 @@
+log:
+  level: debug
+
+runner:
+  file: /data/.runner
+  capacity: 1
+  timeout: 3h
+  fetch_timeout: 5s
+  fetch_interval: 2s
+  report_interval: 1s
+
+cache:
+  enabled: true
+
+container:
+  network: xetup
+  privileged: false
+  valid_volumes:
+    - '**'
+  docker_host: "-"
+  force_pull: false
--- a/web/nginx.conf
+++ b/web/nginx.conf
@ -14,9 +14,9 @@ server {
        add_header X-Content-Type-Options nosniff always;
    }

-    # Permanent shortlink to latest xetup.exe – update on each release
+    # Permanent shortlink to latest xetup.exe – never needs updating
    location = /dl {
-        return 302 https://git.xetup.x9.cz/x9/xetup/releases/download/v0.1.0/xetup.exe;
+        return 302 https://git.xetup.x9.cz/x9/xetup/releases/download/latest/xetup.exe;
    }

    # Proxy Forgejo API calls so browser doesn't need CORS or direct access to Forgejo
--- a/xetup.exe
+++ b/xetup.exe