punktfunk

Author	SHA1	Message	Date
enricobuehler	627188b4b7	ci(windows): setup-windows-runner.ps1 — Gitea Actions host runner provisioner apple / swift (push) Successful in 54s Details ci / rust (push) Failing after 59s Details ci / docs-site (push) Successful in 28s Details deb / build-publish (push) Successful in 2m23s Details decky / build-publish (push) Successful in 11s Details android / android (push) Failing after 46s Details ci / web (push) Successful in 28s Details docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Successful in 4s Details docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 4s Details docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Successful in 3s Details docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 5s Details docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 5s Details ci / bench (push) Successful in 4m29s Details rpm / build-publish (bazzite, punktfunk-fedora-rpm) (push) Successful in 8m8s Details rpm / build-publish (fedora-44, punktfunk-fedora44-rpm) (push) Successful in 8m15s Details docker / deploy-docs (push) Successful in 20s Details The Windows analogue of scripts/ci/setup-macos-runner.sh: downloads act_runner (gitea-runner) in host mode, bumps Node 20 via nvm4w (actions/checkout@v4), registers against git.unom.io with labels windows-amd64:host, and installs a SYSTEM scheduled task that keeps the daemon alive across reboots. The daemon's env wrapper hard-codes this box's MSVC/WinUI toolchain (cargo/rustup, NASM, CMake, LLVM, FFmpeg, the ASCII CARGO_HOME SDL3's PCH needs) so the Windows workflow inherits a working toolchain. Idempotent; token (from org unom -> Settings -> Actions -> Runners) not persisted. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-16 06:59:40 +00:00
enricobuehler	8265742e74	ci: bust the re-poisoned cargo cache (v3) + burst-guard the runner prune apple / swift (push) Successful in 53s Details android / android (push) Has been cancelled Details deb / build-publish (push) Has been cancelled Details ci / rust (push) Has been cancelled Details ci / web (push) Has been cancelled Details ci / docs-site (push) Has been cancelled Details ci / bench (push) Has been cancelled Details decky / build-publish (push) Has been cancelled Details docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Has been cancelled Details docker / build-push (., web/Dockerfile, punktfunk-web) (push) Has been cancelled Details docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Has been cancelled Details docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Has been cancelled Details docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Has been cancelled Details docker / deploy-docs (push) Has been cancelled Details rpm / build-publish (bazzite, punktfunk-fedora-rpm) (push) Has been cancelled Details rpm / build-publish (fedora-44, punktfunk-fedora44-rpm) (push) Has been cancelled Details This session's push storm refilled the runner to 100% WITHIN the prune timer's 24h window (it only trims >24h), so a build hit ENOSPC and actions/cache saved a truncated target/ -> `error[E0463]: can't find crate for shlex` in ci.yml's clippy. Two fixes: - Bump cargo-target-v2- -> v3- in ci.yml + deb.yml so the poisoned tarball is bypassed (a suffix bump can't — restore-keys falls back to the old prefix; same as the v1->v2 fix). - Harden scripts/ci/docker-prune: run HOURLY (was 6h) with a burst guard — if the disk is still >85% after the normal until=12h trim, prune ALL idle images + build cache (in-use protected). A fast push-burst can fill 99 GB inside any time window, so the disk-pressure trigger, not the age filter, is the real backstop. Applied live on home-runner-1 (reclaimed 95%->66%) and checked in. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-15 14:25:40 +00:00
enricobuehler	bf65d264fd	ci: bound runner disk + bust the disk-full-corrupted cargo target cache apple / swift (push) Successful in 54s Details ci / bench (push) Successful in 1m35s Details ci / rust (push) Successful in 6m49s Details android / android (push) Failing after 4m5s Details ci / web (push) Successful in 26s Details ci / docs-site (push) Successful in 26s Details decky / build-publish (push) Successful in 29s Details deb / build-publish (push) Failing after 2m33s Details docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 16s Details docker / build-push (--build-arg FEDORA_VERSION=44, ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora44-rpm) (push) Successful in 2m40s Details docker / build-push (ci, ci/fedora-rpm.Dockerfile, punktfunk-fedora-rpm) (push) Successful in 2m32s Details docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 2m17s Details docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 21s Details flatpak / build-publish (push) Failing after 4s Details rpm / build-publish (bazzite, punktfunk-fedora-rpm) (push) Successful in 5m27s Details rpm / build-publish (fedora-44, punktfunk-fedora44-rpm) (push) Successful in 5m28s Details docker / deploy-docs (push) Successful in 20s Details The self-hosted runner filled its disk (95%, builds failing on ENOSPC): every CI push builds a sha-<commit>-tagged Docker image per pipeline, and since those tags are never dangling a plain `docker image prune` skips them — they piled up to 589 images / ~85 GB plus 18 GB of build cache. Two parts: - scripts/ci/docker-prune.{service,timer}: a host-level systemd timer (every 6h, Persistent) that prunes images/build-cache/containers older than 24h — in-use images stay protected. Checked in (the runner is hand-provisioned and shared across orgs) and already installed live; reclaimed 89 GB -> 39 GB (95% -> 42%). - ci.yml / deb.yml: bump the `cargo-target-<rustc>-*` cache key to `-v2-`. The disk-full build let actions/cache save a truncated target/ (a dep's .rmeta went missing -> "error[E0463]: can't find crate for pem_rfc7468" while compiling der). A suffix bump is useless here — restore-keys would fall back to the poisoned prefix — so the prefix is versioned to force one clean rebuild. cargo-home is untouched (sources were intact; the failure was a missing build artifact). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-15 09:10:56 +00:00
enricobuehler	57e7f9fe25	feat(release): production Apple builds — notarized macOS dmg + iOS TestFlight release.yml (v* tags / dispatch, macos-arm64 runner): universal mac + iOS xcframework -> xcodebuild archive -> Developer ID export -> notarytool + staple -> dmg on the Gitea release; iOS archive uploads to TestFlight (app-store-connect/upload). Per-run throwaway keychain; ASC API key authenticates notarization, upload, and automatic-signing profile fetch. macOS App Store lane deferred (needs App Sandbox); tvOS deferred (tier-3 Rust targets). All app targets now share bundle ID io.unom.punktfunk — ONE App Store listing with universal purchase (decided pre-submission; effectively unchangeable after). ITSAppUsesNonExemptEncryption=false declared (standard-algorithm AES-GCM, exempt). build-xcframework.sh resolves Apple toolchains itself: cargo's HOST artifacts (proc-macros, build scripts) are loaded by the running OS, and a newer-than-OS beta Xcode ld emits LINKEDIT layouts dyld rejects ("mis-aligned LINKEDIT string pool" -> misleading E0463) — so prefer a non-beta Xcode for everything, fall back to CLT for mac-only slices (env untouched: an explicit DEVELOPER_DIR=<CLT> trips xcrun's license check), refuse iOS/tvOS without a real Xcode (CLT has no iOS SDK). The runner plist no longer injects DEVELOPER_DIR for the same reason. punktfunk_Logo.icon: dropped the Xcode-27-beta-only Icon Composer features (refractivity, specular-location) — 26.5's actool crashes on them, and store builds must use release Xcode. Visual delta is the refraction/specular nuance only; re-author when 27 ships. Validated on home-mac-mini-1 with Xcode 26.5: mac+iOS xcframework slices, unified bundle IDs, signing-free app build. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>	2026-06-12 14:34:45 +00:00
enricobuehler	47a69a0063	fix(ci): match real runner labels + survivable Mac runner daemon ci / web (push) Failing after 51s Details ci / docs-site (push) Failing after 34s Details docker / build-push (., web/Dockerfile, punktfunk-web) (push) Successful in 15s Details docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Successful in 2m8s Details docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Successful in 20s Details ci / rust (push) Successful in 6m23s Details apple / swift (push) Successful in 1m24s Details runs-on: ubuntu-24.04 (the label the existing Linux runner actually advertises — ubuntu-latest queued forever). Mac runner: strip the docker:// default labels generate-config seeds (they override the host-mode registration labels and make the daemon demand a Docker engine), and ship the service as a root LaunchDaemon — macOS Local Network privacy silently blocks LAN dials from unbundled CLI binaries in gui/user launchd domains ("no route to host"), system daemons are exempt. Without sudo the script leaves an interim nohup daemon. CI surface documented in CLAUDE.md + docs-site ci.md. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>	2026-06-12 12:40:36 +00:00
enricobuehler	f1af74b403	feat(ci): Gitea Actions — dockerized web/docs/rust-ci images, Apple client CI, Mac runner apple / swift (push) Failing after 3s Details docker / build-push (docs-site, docs-site/Dockerfile, punktfunk-docs) (push) Has been cancelled Details docker / build-push (ci, ci/rust-ci.Dockerfile, punktfunk-rust-ci) (push) Has been cancelled Details docker / build-push (., web/Dockerfile, punktfunk-web) (push) Has been cancelled Details ci / docs-site (push) Has been cancelled Details ci / web (push) Has been cancelled Details ci / rust (push) Has been cancelled Details Three workflows: ci.yml (Rust workspace inside the punktfunk-rust-ci builder image + web/docs-site build+typecheck), docker.yml (build+push punktfunk-web, punktfunk-docs, punktfunk-rust-ci to git.unom.io — host and native clients stay un-dockerized by design), apple.yml (host-mode macos-arm64 runner: Rust core -> PunktfunkCore.xcframework -> swift build + swift test). ci/rust-ci.Dockerfile: Ubuntu 26.04 with the workspace's link deps (FFmpeg 8, PipeWire, Opus, GL/EGL/GBM, xkbcommon, libcuda via the 580-server userspace as a link stub) + pinned rustup + node for the JS actions. Verified end to end in-container: build, 141/141 tests, C ABI harness; all three images seeded to the registry manually. scripts/ci/setup-macos-runner.sh provisions the Mac (rustup + darwin targets, Node tarball, gitea-runner 1.0.8 host mode, LaunchAgent with DEVELOPER_DIR auto-detect for sudo-free Xcode selection). Docs in docs-site/content/docs/ci.md. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>	2026-06-12 12:28:13 +00:00

6 Commits