A .builds/e2e.yml => .builds/e2e.yml +36 -0
@@ 0,0 1,36 @@
+# End-to-end tests against a real Garage container via testcontainers-go.
+# Requires Docker on the build VM, which is why this is split from unit.yml.
+# Pulls dxflrs/garage:v2.3.0 (~150 MB) once per build then runs ~6 subtests
+# each against a fresh container — total ~30s after the image pull.
+image: ubuntu/noble
+packages:
+ - curl
+ - ca-certificates
+ - docker.io
+sources:
+ - https://git.srht.bigb.es/~bigbes/ci-cacher
+environment:
+ GO_VERSION: "1.26.3"
+ PATH: /home/build/.local/go/bin:/home/build/.local/bin:/usr/local/bin:/usr/bin:/bin
+submitter:
+ git.sr.ht:
+ enabled: true
+ allow-refs:
+ - refs/heads/master
+ - "refs/tags/*"
+tasks:
+ - install_go: |
+ GO_TARBALL="go${GO_VERSION}.linux-amd64.tar.gz"
+ mkdir -p ~/.local
+ curl -sSL "https://go.dev/dl/$GO_TARBALL" -o "/tmp/$GO_TARBALL"
+ tar -xz -C ~/.local -f "/tmp/$GO_TARBALL"
+ rm "/tmp/$GO_TARBALL"
+ go version
+ - docker_start: |
+ sudo systemctl start docker
+ sudo usermod -aG docker build
+ sudo chmod 666 /var/run/docker.sock
+ docker version
+ - test_e2e: |
+ cd ci-cacher
+ go test -tags=e2e -timeout=10m -v ./...
A .builds/publish.yml => .builds/publish.yml +73 -0
@@ 0,0 1,73 @@
+# Publish a linux-amd64 binary on every tag push. Two destinations:
+#
+# 1. Build artifact (cacher-linux-amd64 visible on the job page,
+# pruned by builds.sr.ht after 90 days).
+#
+# 2. pages.sr.ht under cacher.srht.bigb.es so downstream projects
+# can `wget https://cacher.srht.bigb.es/cacher-linux-amd64` with
+# a stable URL. The latest tag overwrites the previous publish;
+# historical versions remain available via the artifact link
+# during the 90-day window.
+#
+# Auto-submission is restricted to tag refs only.
+image: ubuntu/noble
+packages:
+ - curl
+ - ca-certificates
+oauth: pages.sr.ht/PAGES:RW
+sources:
+ - https://git.srht.bigb.es/~bigbes/ci-cacher
+environment:
+ GO_VERSION: "1.26.3"
+ PATH: /home/build/.local/go/bin:/home/build/.local/bin:/home/build/go/bin:/usr/local/bin:/usr/bin:/bin
+ GOPATH: /home/build/go
+ PAGES_DOMAIN: cacher.srht.bigb.es
+submitter:
+ git.sr.ht:
+ enabled: true
+ allow-refs:
+ - "refs/tags/*"
+tasks:
+ - install_go: |
+ GO_TARBALL="go${GO_VERSION}.linux-amd64.tar.gz"
+ mkdir -p ~/.local
+ curl -sSL "https://go.dev/dl/$GO_TARBALL" -o "/tmp/$GO_TARBALL"
+ tar -xz -C ~/.local -f "/tmp/$GO_TARBALL"
+ rm "/tmp/$GO_TARBALL"
+ go version
+ - install_hut: |
+ # hut isn't in ubuntu/noble's repos; build it from source with the
+ # Go we just installed. ~5s on a warm GOPATH, ~30s cold.
+ go install git.sr.ht/~xenrox/hut@latest
+ hut --version
+ - build: |
+ cd ci-cacher
+ VERSION=$(git describe --tags --abbrev=0 2>/dev/null || cat VERSION)
+ echo "Building $VERSION"
+ GOOS=linux GOARCH=amd64 CGO_ENABLED=0 \
+ go build -ldflags "-s -w -X go.bigb.es/cacher/internal/version.version=${VERSION}" \
+ -o /home/build/cacher-linux-amd64 .
+ /home/build/cacher-linux-amd64 version
+ sha256sum /home/build/cacher-linux-amd64
+ - package_pages: |
+ # pages.sr.ht expects a tarball whose top-level contents become the
+ # site root — so `tar -C dist .`, not `tar dist/`. The binary lands
+ # at https://$PAGES_DOMAIN/cacher-linux-amd64. A minimal index.html
+ # makes the root URL informative instead of a 404.
+ VERSION=$(cd ci-cacher && (git describe --tags --abbrev=0 2>/dev/null || cat VERSION))
+ SUM=$(sha256sum /home/build/cacher-linux-amd64 | awk '{print $1}')
+ mkdir -p /home/build/dist
+ cp /home/build/cacher-linux-amd64 /home/build/dist/cacher-linux-amd64
+ cat > /home/build/dist/index.html <<EOF
+ <!doctype html><meta charset="utf-8"><title>cacher</title>
+ <h1>cacher $VERSION</h1>
+ <p>S3-backed CI cache helper. <a href="https://git.srht.bigb.es/~bigbes/ci-cacher">Source</a>.</p>
+ <pre>wget https://$PAGES_DOMAIN/cacher-linux-amd64
+ sha256sum cacher-linux-amd64 # expect: $SUM</pre>
+ EOF
+ cd /home/build/dist
+ tar -czvf /home/build/site.tar.gz .
+ - publish_pages: |
+ hut pages publish -d "$PAGES_DOMAIN" /home/build/site.tar.gz
+artifacts:
+ - cacher-linux-amd64
A .builds/unit.yml => .builds/unit.yml +34 -0
@@ 0,0 1,34 @@
+# Unit tests + smoke build. Runs on every push to master and on tags.
+# Pure Go, no docker, so we use ubuntu/noble with a manual Go install
+# (matches the style of tarantool-protobuf .builds, which is the
+# primary downstream consumer of this binary).
+image: ubuntu/noble
+packages:
+ - curl
+ - ca-certificates
+sources:
+ - https://git.srht.bigb.es/~bigbes/ci-cacher
+environment:
+ GO_VERSION: "1.26.3"
+ PATH: /home/build/.local/go/bin:/home/build/.local/bin:/usr/local/bin:/usr/bin:/bin
+submitter:
+ git.sr.ht:
+ enabled: true
+ allow-refs:
+ - refs/heads/master
+ - "refs/tags/*"
+tasks:
+ - install_go: |
+ GO_TARBALL="go${GO_VERSION}.linux-amd64.tar.gz"
+ mkdir -p ~/.local
+ curl -sSL "https://go.dev/dl/$GO_TARBALL" -o "/tmp/$GO_TARBALL"
+ tar -xz -C ~/.local -f "/tmp/$GO_TARBALL"
+ rm "/tmp/$GO_TARBALL"
+ go version
+ - test: |
+ cd ci-cacher
+ go test ./...
+ - build: |
+ cd ci-cacher
+ go build -ldflags "-X go.bigb.es/cacher/internal/version.version=$(cat VERSION)" -o cacher .
+ ./cacher version
M README.md => README.md +6 -2
@@ 25,10 25,14 @@ cacher download "$key" "$out" --url "$url"
## Install
```sh
-# Pre-built linux-amd64 binary:
-wget https://git.srht.bigb.es/~bigbes/ci-cacher/refs/v0.1.0/cacher-linux-amd64 -O ~/.local/bin/cacher
+# Pre-built linux-amd64 binary (latest tag):
+wget https://cacher.srht.bigb.es/cacher-linux-amd64 -O ~/.local/bin/cacher
chmod +x ~/.local/bin/cacher
+# Pin to a specific build by sha256 (printed on the publish.yml job page):
+wget https://cacher.srht.bigb.es/cacher-linux-amd64 -O ~/.local/bin/cacher
+echo "<expected-sha256> /root/.local/bin/cacher" | sha256sum -c
+
# From source:
go install go.bigb.es/cacher@latest
```