enricobuehler
ec617f9c6b
ci / rust (push) Failing after 47s
ci / web (push) Successful in 26s
ci / docs-site (push) Successful in 27s
ci / bench (push) Successful in 1m34s
apple / swift (push) Successful in 1m19s
docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Successful in 5s
docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 4s
docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Successful in 3s
docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 4s
docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 3s
deb / build-publish (push) Successful in 2m13s
rpm / build-publish (bazzite, punktfunk-fedora-rpm) (push) Successful in 4m49s
rpm / build-publish (fedora-44, punktfunk-fedora44-rpm) (push) Successful in 4m36s
docker / deploy-docs (push) Failing after 17s
- scripts/bench/compare.py: diff criterion medians (target/criterion/**/estimates.json) vs a committed baseline, print a markdown table to the job summary, flag >threshold regressions, always exit 0 (shared CI hardware is too noisy to gate on). --update rewrites the baseline. - ci.yml `bench` job: runs Tier-1 (criterion) + Tier-2 (loss-harness FEC recovery) GPU-free in the rust-ci container, then compare.py — report-only visibility per push/PR. - scripts/bench/gpu-stream.sh + bench-gpu.yml: Tier-3 real pipeline (virtual output → zero-copy → NVENC → punktfunk/1 → reassemble) on a self-hosted GPU runner; captures encode_us/tx_mbps/ send_dropped + client capture→reassembled latency, compares to gpu-baseline.json (20% threshold). Needs the dev box registered as a `[self-hosted, gpu]` act_runner (one-time, see the workflow header) — the dedicated hardware makes its absolute baseline meaningful, unlike shared CI. - baseline.json: dev-box Tier-1 numbers. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
140 lines
5.6 KiB
YAML
140 lines
5.6 KiB
YAML
# CI for punktfunk (Gitea Actions). Linux jobs run on the `ubuntu-latest` runner; the Rust
|
|
# job runs inside the prebuilt builder image (ci/rust-ci.Dockerfile — system FFmpeg 8,
|
|
# PipeWire, GL/GBM, libcuda link stub, pinned-channel rustup) so the workspace links the
|
|
# same libs as the dev boxes. Apple client CI lives in apple.yml (macOS runner).
|
|
name: ci
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
|
|
jobs:
|
|
rust:
|
|
runs-on: ubuntu-24.04
|
|
container:
|
|
image: git.unom.io/unom/punktfunk-rust-ci:latest
|
|
timeout-minutes: 90
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
# punktfunk-client-linux link deps. Also baked into rust-ci.Dockerfile — but ci.yml
|
|
# runs against the image from the PREVIOUS push (docker.yml bootstrap note), so this
|
|
# keeps the job green across image-content changes; a no-op once the image has them.
|
|
- name: GTK4/libadwaita/SDL3 dev packages
|
|
run: |
|
|
apt-get update
|
|
apt-get install -y --no-install-recommends libgtk-4-dev libadwaita-1-dev libsdl3-dev
|
|
|
|
# Best-effort caches (act_runner's built-in cache server). Keyed on Cargo.lock:
|
|
# registry/git are download caches, target/ the incremental build. The target key
|
|
# carries the rustc version — rust-toolchain.toml pins the floating "stable"
|
|
# channel, so the file alone wouldn't invalidate stale incremental state.
|
|
- name: Cache keys
|
|
run: echo "rustc=$(rustc --version | cut -d' ' -f2)" >> "$GITHUB_ENV"
|
|
- uses: actions/cache@v4
|
|
with:
|
|
path: |
|
|
/usr/local/cargo/registry
|
|
/usr/local/cargo/git
|
|
key: cargo-home-${{ hashFiles('Cargo.lock') }}
|
|
restore-keys: cargo-home-
|
|
- uses: actions/cache@v4
|
|
with:
|
|
path: target
|
|
key: cargo-target-${{ env.rustc }}-${{ hashFiles('Cargo.lock') }}
|
|
restore-keys: cargo-target-${{ env.rustc }}-
|
|
|
|
- name: Format
|
|
run: cargo fmt --all --check
|
|
|
|
- name: Clippy (deny warnings)
|
|
run: cargo clippy --workspace --all-targets --locked -- -D warnings
|
|
|
|
- name: Build
|
|
run: cargo build --workspace --locked
|
|
|
|
- name: Test (unit + loopback + proptest + C ABI harness)
|
|
run: cargo test --workspace --locked
|
|
|
|
- name: C ABI harness (standalone link proof)
|
|
run: bash crates/punktfunk-core/tests/c/run.sh
|
|
|
|
- name: Verify generated header is committed & up to date
|
|
run: |
|
|
cargo build -p punktfunk-core --locked
|
|
git config --global --add safe.directory "$PWD"
|
|
git diff --exit-code include/punktfunk_core.h \
|
|
|| (echo "include/punktfunk_core.h is stale — commit the regenerated header" && exit 1)
|
|
|
|
web:
|
|
runs-on: ubuntu-24.04
|
|
container:
|
|
image: oven/bun:1
|
|
timeout-minutes: 30
|
|
defaults:
|
|
run:
|
|
working-directory: web
|
|
steps:
|
|
# oven/bun ships neither git nor a real node (only a bun shim) — actions/checkout
|
|
# needs both. The slim Debian base also lacks ca-certificates, so without it git's
|
|
# HTTPS fetch of the repo dies with "Problem with the SSL CA cert (path? access
|
|
# rights?)" — no CA bundle to validate git.unom.io's (public) Let's Encrypt cert.
|
|
- name: Install git + node + CA certs
|
|
working-directory: /
|
|
run: apt-get update && apt-get install -y --no-install-recommends ca-certificates git nodejs
|
|
- uses: actions/checkout@v4
|
|
- name: Install dependencies
|
|
run: bun install --frozen-lockfile --ignore-scripts
|
|
# Build first: it generates the orval API client + paraglide messages that
|
|
# typechecking imports.
|
|
- name: Build
|
|
run: bun run build
|
|
- name: Typecheck
|
|
run: bun run lint
|
|
|
|
docs-site:
|
|
runs-on: ubuntu-24.04
|
|
container:
|
|
image: oven/bun:1
|
|
timeout-minutes: 30
|
|
defaults:
|
|
run:
|
|
working-directory: docs-site
|
|
steps:
|
|
# ca-certificates: the slim Debian base lacks a CA bundle, so actions/checkout's
|
|
# HTTPS fetch otherwise fails with "Problem with the SSL CA cert" (see web job).
|
|
- name: Install git + CA certs
|
|
working-directory: /
|
|
run: apt-get update && apt-get install -y --no-install-recommends ca-certificates git
|
|
- uses: actions/checkout@v4
|
|
- name: Install dependencies
|
|
run: bun install --frozen-lockfile --ignore-scripts
|
|
# Build first: fumadocs-mdx emits the .source typegen the typecheck imports.
|
|
- name: Build
|
|
run: bun run build
|
|
- name: Typecheck
|
|
run: bun run lint
|
|
|
|
bench:
|
|
# Tier-1 (criterion microbenchmarks) + Tier-2 (FEC loss recovery) — GPU-free, so they run here.
|
|
# Report-only: prints the numbers + a diff vs the committed baseline to the job summary and never
|
|
# fails the build (shared CI hardware is too noisy to gate on). The tight regression gate + the
|
|
# real encode/stream path live on the self-hosted GPU runner (Tier 3, bench-gpu.yml).
|
|
runs-on: ubuntu-24.04
|
|
container:
|
|
image: git.unom.io/unom/punktfunk-rust-ci:latest
|
|
timeout-minutes: 30
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Prep
|
|
run: |
|
|
git config --global --add safe.directory "$PWD"
|
|
command -v python3 >/dev/null || { apt-get update && apt-get install -y --no-install-recommends python3; }
|
|
- name: Tier-1 microbenchmarks (criterion)
|
|
run: cargo bench -p punktfunk-core --bench pipeline -- --warm-up-time 1 --measurement-time 3
|
|
- name: Tier-2 FEC loss recovery (loss-harness)
|
|
run: cargo run -q -p loss-harness
|
|
- name: Compare vs baseline (report-only)
|
|
run: python3 scripts/bench/compare.py --threshold 0.5
|