CI/CD Week Day 2! Security is key! Running directly on the host (bareMetal) is fast, but system admins need control over what processes run.
Enter Executor 2: bwrap (bubblewrap). This creates a very light container/sandbox, similar to what Flatpak uses!
You get the same execution capability (e.g., running `echo "hello" > README.md`), but in a confined, isolated way. It's the best of both worlds: speed and security!
Ready for the executor that lets you run any process? Follow me for tomorrow's reveal! 馃惓
#CICD #DevOps #Bubblewrap #Security #Containers
Debugging CI/CD pipelines locally has been unexplored. The complexity of mapping pipeline execution to local environments made it prohibitively expensive.
AI coding tools changed that鈥攖he cost dropped dramatically.
We built Magnolia鈥攁 CLI to run GitHub Actions, GitLab CI, and Forgejo pipelines locally.
https://github.com/tuist/magnolia
Not feature-complete yet, but open to contributions. Our goal: help teams move to forge-native CI.
No more push-pray-wait cycles.
Jan :rust: :ferris:
boosted
Say hello to the new plugin: `Hop`. Thanks to the new #rust plugin-sdk we can code plugins in rust!
This plugin will be the base of the CI/CD of GitRoot. It permit to execute process on the host server.
This process could be executed in an oci container #podman or #docker
But for now I want to try to exec in a #chroot jail. The approache is much more in the spirit of GitRoot (less ressource needed, more simple to use... or not will see...) even if I know oci container are mandatory.
It will be the responsibility of the instance administrator to choose what strategy they want to offer to their users.
#git #forge #cicd #rustlang
Say hello to the new plugin: `Hop`. Thanks to the new #rust plugin-sdk we can code plugins in rust!
This plugin will be the base of the CI/CD of GitRoot. It permit to execute process on the host server.
This process could be executed in an oci container #podman or #docker
But for now I want to try to exec in a #chroot jail. The approache is much more in the spirit of GitRoot (less ressource needed, more simple to use... or not will see...) even if I know oci container are mandatory.
It will be the responsibility of the instance administrator to choose what strategy they want to offer to their users.
#git #forge #cicd #rustlang
Stefano Marinelli
boosted
Proxmox fully automated! From ClickOps to Code: Automated. Audited. Revisioned. Repeatable.
Starting from the base by automating:
- Cluster initialization
- Cluster join
- Storage Integration
- Proxmox Backup Server Integration
- SDN Networks (different ones for pros/dev)
- Guest Resources utilizing the cluster infrastructure
#Proxmox#PVE#Pbs#ProxmoxBackupServer #opensource#Automation#Ansible #python #devops #terraform #cicd #pipeline #cluster #nfs #iscsi
Proxmox fully automated! From ClickOps to Code: Automated. Audited. Revisioned. Repeatable.
Starting from the base by automating:
- Cluster initialization
- Cluster join
- Storage Integration
- Proxmox Backup Server Integration
- SDN Networks (different ones for pros/dev)
- Guest Resources utilizing the cluster infrastructure
#Proxmox#PVE#Pbs#ProxmoxBackupServer #opensource#Automation#Ansible #python #devops #terraform #cicd #pipeline #cluster #nfs #iscsi
You can see the code and adapt it to your situation.
It assumes that you have some number of esp32-s3 meshcore devices plugged in over USB to a Linux based device which the Action's runner can access.
Shout if you have patches, improvements or questions!
https://git.devhack.net/Hammers/MeshcoreDeployer
#opensource #meshcore #meshcoredeployer #lora #radio #cicd #devops #forgejo
Woot, just finished implementing my first GitHub / Forgejo Actions which allows me to programmatically push meshcore builds to my radios on the roof from the comfort of my browser.
It currently only supports deploying to esp32s3 based LoRa devices so far.
#meshcore #lora #radio #esp32 #cicd #meshcoredeployer #devops #forgejo
This is what a successful build will look like
This is my roof top development box. It has four esp32-s3 based Xiao Wio lora boards connected over USB to a raspberry pi.
The raspi is intrun powered by PoE
When deploying you'll be prompted to select a device to deploy to and configure the type of build needed.
Stefano Marinelli
boosted
How I quickly spawn my #Proxmox Labs - Proxmox Cloud Image & Proxmox Bare-Metal Auto Installer
This way, you can just spin up your cluster in less than 5 minutes and continue your tests :)
#opensource #virtualization #devops#ProxmoxVE #labs #infrastructure #cicd
https://gyptazy.com/proxmox-cloud-image-bare-metal-auto-installation-image/
How I quickly spawn my #Proxmox Labs - Proxmox Cloud Image & Proxmox Bare-Metal Auto Installer
This way, you can just spin up your cluster in less than 5 minutes and continue your tests :)
#opensource #virtualization #devops#ProxmoxVE #labs #infrastructure #cicd
https://gyptazy.com/proxmox-cloud-image-bare-metal-auto-installation-image/
Stefano Marinelli
boosted
To continue our Bastille Day release extravaganza we're also announcing Rocinante 1.0 series is now available! 
This release brings most of the Rocinante commands up to par with Bastille functionality and now includes a bastilletesting directory which has been designed to validate code changes in both projects.
Bastille and Rocinante can now be combined to build simple CI/CD pipelines to validate deployments!
To continue our Bastille Day release extravaganza we're also announcing Rocinante 1.0 series is now available!
This release brings most of the Rocinante commands up to par with Bastille functionality and now includes a bastilletesting directory which has been designed to validate code changes in both projects.
Bastille and Rocinante can now be combined to build simple CI/CD pipelines to validate deployments!
Status update: I'm now automatically building and releasing a signed fork of stable moshidon with my patches. #CI is cool!