/uci

Simple CI for self-hosting

Primary LanguageRust

uCI

https://uci.iliay.ar/api/badge/ghlike.svg?project_id=uci&pipeline_id=deploy&job_id=build
Simple lightweight ci/cd for self-hosting

Build

Cargo

Clone repo first. Then:

cargo install --path uci

and for `cli`

cargo install --path uci_cli

Nix

Flake with packages: ucid, uci.

inputs = {
  # ...

  uci.url = "github:iliayar/uci";
}

and then `uci.packages.${system}.ucid`

Usage

Example

Assume configs repository structure

.
├── projects.yaml
└── uci.yaml 

# uci.yaml
data_dir: ${~/.uci}
secrets: ${load(~/.uci-secrets.yaml)}
tokens:
  - token: ${config.secrets.admin-token}
    permissions: [ 'read', 'write' ]
projects:
  'some-project': ${load(./path/to/project.yaml)}
# ~/.uci-secrets.yaml
admin-token: <TOKEN>

Repository is located at remote’s ~/uci-config. Then daemon is running as follows

RUST_LOG=info ucid --config-repo ~/uci-config --prefix ''

With client config at host’s .uci/config.yaml:

__default__:
  runner_url: http://<HOST>
  ws_runner_url: ws://<HOST>
  token: <TOKEN>
  • uci config reload - will pull repo with configs on the server and reload config

Example projects

  • Handling update of uci in itself Link
  • Static generation of Html from Org Link, Link

Corresponding project.yaml for the second example:

config:
  - ${load(/${project.repos.main.path}/.uci/project.yaml)}
  - ${load(/${project.repos.conspects.path}/.uci/project.yaml)}
repos:
  main:
    source: git@github.com:iliayar/iliayar.git
    branch: master

  conspects:
    source: git@github.com:iliayar/itmo.git
    branch: master

tokens:
  - token: ${config.secrets.admin-token}
    permissions:
      - read
      - write
      - execute

  - token: ${config.secrets.webhook-secret}
    permissions:
      - write

  - # anonymous
    permissions:
      - read

secrets: ${load(~/.uci-secrets/personal-site.yaml)}

CLI

Example

Trigger action manually and watch logs
https://asciinema.org/a/596894.svg