CI/CD Infrastructure¶

AC/DC uses Forgejo Actions with native shell runners for continuous integration and deployment.

Overview¶

┌─────────────────────────────────────────────────────────────────────┐
│                        CI/CD Pipeline                                │
├─────────────────────────────────────────────────────────────────────┤
│                                                                      │
│  ┌─────────┐     ┌─────────┐     ┌─────────┐     ┌─────────┐        │
│  │  Push   │ ──► │  Build  │ ──► │  Test   │ ──► │ Deploy  │        │
│  └─────────┘     └─────────┘     └─────────┘     └─────────┘        │
│       │               │               │               │              │
│       │               │               │               │              │
│       ▼               ▼               ▼               ▼              │
│  ┌─────────────────────────────────────────────────────────┐        │
│  │                    Radicle Sync                          │        │
│  └─────────────────────────────────────────────────────────┘        │
│                                                                      │
└─────────────────────────────────────────────────────────────────────┘

Runner Configuration¶

Native Runner¶

CI jobs execute directly on the CI Runner server (no Docker containers):

Property	Value
Runner Type	Native shell
Server	ci.ac-dc.network (10.106.0.3)
User	devops
Labels	`native`
Work Directory	`/home/devops/working-repos/`

Available Tools¶

Pre-installed on the CI Runner: - Rust: rustc, cargo (with nightly toolchain) - Node.js: node, npm, pnpm, bun - Python: python3, pip - Aleo: snarkos, leo (for ALPHA chain contracts) - Git: Full git tooling - Radicle: rad CLI

Workflow Structure¶

Standard Rust Project¶

name: CI

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

concurrency:
  group: ci-${{ github.ref }}
  cancel-in-progress: true

jobs:
  build:
    runs-on: native
    steps:
      - uses: actions/checkout@v4

      - name: Build
        run: cargo build --release

      - name: Test
        run: cargo test

      - name: Clippy
        run: cargo clippy -- -D warnings

  radicle-sync:
    runs-on: native
    needs: [build]
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
          path: forgejo-src

      - name: Sync to Radicle
        run: |
          export PATH=$HOME/.radicle/bin:$PATH
          RID="rad:YOUR_REPO_ID"
          # ... sync logic ...

      - name: Sync to network via source server
        run: |
          $HOME/radicle-full-sync.sh "rad:YOUR_REPO_ID"

Standard Node.js Project¶

jobs:
  build:
    runs-on: native
    steps:
      - uses: actions/checkout@v4

      - name: Install dependencies
        run: pnpm install

      - name: Build
        run: pnpm build

      - name: Test
        run: pnpm test

ADL Contract Project¶

jobs:
  build:
    runs-on: native
    steps:
      - uses: actions/checkout@v4

      - name: Build contracts
        run: |
          for contract in contracts/*/; do
            cd "$contract"
            leo build
            cd ../..
          done

      - name: Test contracts
        run: |
          for contract in contracts/*/; do
            cd "$contract"
            leo test
            cd ../..
          done

CI Dashboard¶

Access¶

URL: http://source.ac-dc.network:8081
No authentication required (internal network)

Features¶

Real-time build status for all repositories
Forgejo-Radicle sync status comparison
Build history and logs
Webhook status

API Endpoints¶

# Get all repos with CI and sync status
curl http://source.ac-dc.network:8081/api/repos

# Get CI status for specific repo
curl http://source.ac-dc.network:8081/api/ci/REPO_NAME

# Get sync status
curl http://source.ac-dc.network:8081/api/sync/REPO_NAME

Best Practices¶

Workflow Design¶

Use concurrency groups to prevent overlapping runs
Keep jobs focused - separate build, test, and deploy
Use needs for job dependencies
Radicle sync should be last - only after tests pass

Resource Management¶

Clean up artifacts - use if: always() cleanup steps
Limit parallel jobs - native runner has finite resources
Cache dependencies when possible

Security¶

Never commit secrets - use Forgejo secrets
Pin action versions - actions/checkout@v4 not @main
Validate inputs - especially for deployment workflows

Troubleshooting¶

Build Fails: "Command not found"¶

Check if the tool is installed on the runner:

ssh -p 2584 devops@ci.ac-dc.network "which TOOL"

Build Hangs¶

Check for interactive prompts or blocking operations: - Ensure all commands are non-interactive - Add timeouts to long-running steps

Radicle Sync Fails¶

See Radicle Sync Architecture for troubleshooting.

Disk Space Issues¶

The CI runner has limited disk space. Clean up old artifacts:

ssh -p 2584 devops@ci.ac-dc.network "/home/devops/cleanup-tmp-radicle.sh"

Adding CI to a New Repository¶

Create .forgejo/workflows/ci.yml (or sync.yml for docs repos)
Add the repository to the CI dashboard configuration
Set up Radicle tracking: rad track RID
Push to trigger first CI run
Verify sync status on dashboard

Radicle ID Assignment¶

New repositories need a Radicle ID. Initialize with:

cd REPO
rad init --name "repo-name" --description "Description"

The RID will be output. Use this in your CI workflow.