diff --git a/.forgejo/workflows/ci.yml b/.forgejo/workflows/ci.yml index e1a6d2d4..bca12dcf 100644 --- a/.forgejo/workflows/ci.yml +++ b/.forgejo/workflows/ci.yml @@ -16,7 +16,9 @@ concurrency: jobs: verify: - runs-on: [self-hosted, linux, black] + # Migrated off black to DO on-demand horizontally scaled ct-forge runners (see cocottetech/infra/terraform/ci-runners) + # Labels match the DO runner pool provisioned via Terraform + golden image + cloud-init (modeled on LP's setup-forgejo-host.sh logic but cloud-native on DO). + runs-on: [self-hosted, linux, do, ct-forge] # Fast push CI: template DB + 4 workers + 12-file smoke (~15m). Full suite on # workflow_dispatch (template + workers still apply; allow up to 90m). timeout-minutes: 90 diff --git a/.forgejo/workflows/deploy-quinn-admin-api.yml b/.forgejo/workflows/deploy-quinn-admin-api.yml index 5c4abdbc..d17fdfdb 100644 --- a/.forgejo/workflows/deploy-quinn-admin-api.yml +++ b/.forgejo/workflows/deploy-quinn-admin-api.yml @@ -19,7 +19,9 @@ concurrency: jobs: build-and-deploy: - runs-on: [self-hosted, linux, black] + # No more black for CI runners — now uses DO on-demand ct-forge runners (provisioned via cocottetech/infra/terraform/ci-runners, horizontally scaled, golden image from packer/test-fleet style). + # Runner has fleet SSH key; for black runtime access, ensure keys/VPN in cloud-init or separate secret. See LP setup-forgejo-host.sh for old black logic, now adapted to DO. + runs-on: [self-hosted, linux, do, ct-forge] timeout-minutes: 30 steps: diff --git a/.forgejo/workflows/deploy-quinn-admin-black-dev.yml b/.forgejo/workflows/deploy-quinn-admin-black-dev.yml index d8d3446b..b327de74 100644 --- a/.forgejo/workflows/deploy-quinn-admin-black-dev.yml +++ b/.forgejo/workflows/deploy-quinn-admin-black-dev.yml 
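Review bot: In ci.yml the `verify` job now carries exactly the same labels as every deploy job in this commit, so test code and deploy steps are scheduled onto one runner pool. The comment added in deploy-quinn-admin-api.yml states that the runner holds the fleet SSH key, which would put that key within reach of whatever `verify` executes (dependency install scripts, test code). Consider an extra label for the credentialed pool on deploy jobs only, e.g. `runs-on: [self-hosted, linux, do, ct-forge, deploy]` (label name illustrative), and keep `verify` on runners provisioned without the key. Which events trigger ci.yml is not visible in this hunk, so the exposure depends on whether it also runs for branches or pull requests from less-trusted contributors.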
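Review bot: The comment added above `runs-on` for `build-and-deploy` in deploy-quinn-admin-api.yml leaves the credential path undecided ("ensure keys/VPN in cloud-init or separate secret"), so it reads as an open TODO rather than a record of how this job reaches black. A fleet key baked into the golden image or passed through cloud-init is a long-lived, broad credential present on every droplet the pool creates, whereas a deploy-scoped key injected per job from an Actions secret stays out of the image and is limited to this workflow. I would state the chosen mechanism in one line, for example `# Deploy key: per-job secret scoped to this target; not baked into the runner image.`, and drop the either/or wording. The job's steps are outside the hunk, so how the key is consumed cannot be checked here.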
@@ -19,7 +19,7 @@ concurrency: jobs: build-and-deploy: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) # Full admin + api build + npm install on black routinely exceeds 45m on the single runner. timeout-minutes: 90 diff --git a/.forgejo/workflows/deploy-quinn-admin.yml b/.forgejo/workflows/deploy-quinn-admin.yml index de0f3b0a..6ef75022 100644 --- a/.forgejo/workflows/deploy-quinn-admin.yml +++ b/.forgejo/workflows/deploy-quinn-admin.yml @@ -16,7 +16,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) # admin build + e2e smoke routinely exceeds 45m on the single black runner. timeout-minutes: 90 @@ -92,7 +92,7 @@ jobs: deploy: needs: build - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 10 steps: diff --git a/.forgejo/workflows/deploy-quinn-api.yml b/.forgejo/workflows/deploy-quinn-api.yml index 3beaf031..f0c0abd0 100644 --- a/.forgejo/workflows/deploy-quinn-api.yml +++ b/.forgejo/workflows/deploy-quinn-api.yml @@ -14,7 +14,7 @@ concurrency: jobs: deploy: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) # Single black runner — this job often queues behind ci.yml (~15m smoke). timeout-minutes: 45 env: 
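Review bot: The context comment directly below the new `runs-on` in deploy-quinn-admin-black-dev.yml still says the build "on black routinely exceeds 45m on the single runner", which no longer matches the labels on the line above. deploy-quinn-admin.yml (`build`) and deploy-quinn-api.yml ("Single black runner — this job often queues behind ci.yml") keep the same stale rationale next to their timeouts. The long trailing comment on `runs-on` is also repeated verbatim in every job of deploy-quinn-admin, -api, -data, -my, -newsletter, -vip and -www, and it points readers at "LP setup-forgejo-host.sh" without a path. A short pointer on its own line, `# Runner pool: DO ct-forge (see cocottetech/infra/terraform/ci-runners)`, would carry the same information, and the timeout comments should be reworded once the jobs have been timed on the new pool.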
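Review bot: In deploy-quinn-admin.yml the `deploy` job (`needs: build`) can now be scheduled on a different on-demand runner than `build`, whereas the surrounding comments describe the old `black` label as a single runner. If the deploy steps read build output from the runner's workspace or a host path instead of a downloaded artifact, a fresh droplet will not have it. The steps are outside this hunk, so this needs confirming; the same build/deploy split appears in deploy-quinn-data, -my, -newsletter, -vip and -www. Once verified, a comment above `deploy` such as `# Build output arrives via artifact download; nothing is shared through the runner's disk.` would record the assumption.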
diff --git a/.forgejo/workflows/deploy-quinn-data.yml b/.forgejo/workflows/deploy-quinn-data.yml index 49e7368c..8e1edc93 100644 --- a/.forgejo/workflows/deploy-quinn-data.yml +++ b/.forgejo/workflows/deploy-quinn-data.yml @@ -14,7 +14,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 40 env: NODE_OPTIONS: --max-old-space-size=4096 @@ -93,7 +93,7 @@ jobs: deploy: needs: build - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 25 steps: diff --git a/.forgejo/workflows/deploy-quinn-my.yml b/.forgejo/workflows/deploy-quinn-my.yml index 82662d72..3630abb7 100644 --- a/.forgejo/workflows/deploy-quinn-my.yml +++ b/.forgejo/workflows/deploy-quinn-my.yml @@ -20,7 +20,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) # The my/frontend-public build (lixbuild) alone runs ~16 min on the runner, # so the prior 20-min cap timed out the whole job (the root cause behind # quinn.my deploys never completing). Raised to 40 for headroom; the slow @@ -78,7 +78,7 @@ jobs: deploy: needs: build - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 10 steps: 
diff --git a/.forgejo/workflows/deploy-quinn-newsletter.yml b/.forgejo/workflows/deploy-quinn-newsletter.yml index 4a3f16fa..0f132331 100644 --- a/.forgejo/workflows/deploy-quinn-newsletter.yml +++ b/.forgejo/workflows/deploy-quinn-newsletter.yml @@ -16,7 +16,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 20 steps: @@ -73,7 +73,7 @@ jobs: deploy: needs: build - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 10 steps: diff --git a/.forgejo/workflows/deploy-quinn-vip.yml b/.forgejo/workflows/deploy-quinn-vip.yml index 691f0aaa..7ca42356 100644 --- a/.forgejo/workflows/deploy-quinn-vip.yml +++ b/.forgejo/workflows/deploy-quinn-vip.yml @@ -14,7 +14,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 20 steps: @@ -62,7 +62,7 @@ jobs: deploy: needs: build - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 10 steps: diff --git a/.forgejo/workflows/deploy-quinn-www.yml b/.forgejo/workflows/deploy-quinn-www.yml index 30e2f246..2d8e6c96 100644 --- a/.forgejo/workflows/deploy-quinn-www.yml +++ b/.forgejo/workflows/deploy-quinn-www.yml 
@@ -18,7 +18,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) # build + Playwright install + e2e smoke exceeds 30m on the single runner. timeout-minutes: 60 @@ -90,7 +90,7 @@ jobs: deploy: needs: build - runs-on: [self-hosted, linux, black] + runs-on: [self-hosted, linux, do, ct-forge] # no more black; DO ct-forge on-demand runners via terraform (look at LP setup-forgejo-host.sh for old logic, now in cloud-init for ct-forge) timeout-minutes: 10 steps: diff --git a/deployments/@domains/quinn.admin-api/README.md b/deployments/@domains/quinn.admin-api/README.md index 20d587b2..18675e9d 100644 --- a/deployments/@domains/quinn.admin-api/README.md +++ b/deployments/@domains/quinn.admin-api/README.md @@ -85,7 +85,7 @@ sudo systemctl enable quinn-admin-api.service - **DNS A record** for `api.transquinnftw.com` (UI task at whatever DNS host owns the apex — likely cloudflare). - **TLS cert** via certbot on quinn-vps. -- **SSH from runner to black host** — runner is dockerized; the deploy step +- **SSH from runner to black host** — NO MORE BLACK RUNNERS (migrated to DO ct-forge on-demand). Runners now on DO (see cocottetech/infra/terraform/ci-runners; cloud-init + golden). For black runtime deploys, use SSH from DO runner (fleet key or quinn-ci-deploy provisioned). Old black runner logic in setup-forgejo-host.sh now in DO IaC. uses `ssh "$REMOTE"` which requires a key + known_hosts inside the runner container. Either bind-mount `/root/.ssh` from the host into the runner, or generate a deploy-specific key and add it to root@black's authorized_keys diff --git a/infrastructure/setup-forgejo-host.sh b/infrastructure/setup-forgejo-host.sh index 1bcc65f6..941e8e6d 100755 --- a/infrastructure/setup-forgejo-host.sh +++ b/infrastructure/setup-forgejo-host.sh 
@@ -1,6 +1,11 @@ #!/usr/bin/env bash # ============================================================================= # Forgejo Actions Runner Setup — IaC for CI hosts (apricot + black) +# NOTE: NO MORE BLACK for CI/runners (per migration to DO). +# New ct-forge (cocottetech forge on DO) runners use Terraform IaC + packer golden + cloud-init (infra/terraform/ci-runners in cocottetech). +# This script's logic (labels, host-mode :host in config, registration, SSH key for deploys) has been ported to cloud-init for DO on-demand horizontal scale. +# LP CI + deploys now use [self-hosted, linux, do, ct-forge] (see .forgejo/workflows/* and cocottetech ci-runners). +# Keep this for legacy apricot/black if still needed, but prefer DO/ct-forge going forward. # ============================================================================= # Provisions forgejo-runner on the two CI hosts: #
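Review bot: The NOTE added to the header of setup-forgejo-host.sh says host-mode (`:host`) execution and the deploy SSH key were both ported to the on-demand runners, but it does not record the trust assumption that combination carries. If `:host` is the label suffix that runs job steps directly on the machine rather than in a container, every workflow scheduled on a ct-forge runner can read that key, and the header should say so: `# SECURITY: :host runs steps unsandboxed; only trusted workflows may target runners that hold the deploy key.` The banner title still reads "IaC for CI hosts (apricot + black)" and the line after the banner still says the script provisions "the two CI hosts", which contradicts "NO MORE BLACK" a few lines above; one of them should be updated. The script body is outside this hunk.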