Getting started with Woodpecker CI
Having moved my personal projects from my selfhosted Gitlab instance to my selfhosted Forgejo instance, there was still the issue of replacing Gitlab-CI.
During this weekend I briefly went back to Jenkins, but I came to the conclusion that it is too involved for what I need. The boilerplate code is to fragile to just edit and run. I also considered a plugin that translates a yaml pipeline definition to jenkins native code, but it still seems a bit of a proof of concept that is not well integrated in the documentation.
A couple of weeks ago at FOSDEM I met people from Codeberg at the codeberg stand and it was suggested to check out Woodpecker CI.
Deploying Woodpecker using Helm
So yesterday I deployed Woodpecker CI to one of my kubernetes environments using the helm chart and some custom values. It did take some trial and error to find out the minimum set of attributes I needed to set to have a successful deployment, but after some time I was able to connect to the WebUI and authenticate. This uses my Codeberg account/organisation which is rather nice and easy.
My cleaned up values.yaml that I used:
agent:
enabled: true
env:
WOODPECKER_SERVER: 'woodpecker-server:9000'
WOODPECKER_AGENT_SECRET: 'XXXXXXXXXXXX'
WOODPECKER_BACKEND: kubernetes
WOODPECKER_BACKEND_K8S_NAMESPACE: XXXXXXXXXXXXXX
WOODPECKER_BACKEND_K8S_STORAGE_CLASS: ''
WOODPECKER_BACKEND_K8S_VOLUME_SIZE: 10G
WOODPECKER_BACKEND_K8S_STORAGE_RWX: false
WOODPECKER_BACKEND_K8S_POD_LABELS: ''
WOODPECKER_BACKEND_K8S_POD_ANNOTATIONS: ''
WOODPECKER_CONNECT_RETRY_COUNT: '1'
server:
enabled: true
env:
WOODPECKER_ADMIN: 'woodpecker,admin'
WOODPECKER_HOST: 'https://automation.example.org'
WOODPECKER_AGENT_SECRET: 'XXXXXXXXXXXXXXXX'
WOODPECKER_OPEN: true
WOODPECKER_GITEA: true
WOODPECKER_GITEA_URL: https://codeberg.org/
WOODPECKER_GITEA_CLIENT: XXXXXXXXXXXXXXXXXX
WOODPECKER_GITEA_SECRET: XXXXXXXXXXXXXXXXXX
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/proxy-body-size: 40m
nginx.ingress.kubernetes.io/configuration-snippet: |
more_set_headers "Strict-Transport-Security: max-age=31536000; includeSubDomains; preload";
ingressClassName: 'nginx'
hosts:
- host: automation.example.org
paths:
- path: /
backend:
serviceName: woodpecker-server
servicePort: 80
tls:
- secretName: automation-example-org-tls
hosts:
- automation.example.org
helm commands to deploy:
helm repo add woodpecker https://woodpecker-ci.org/
helm repo update
helm upgrade --install woodpecker woodpecker/woodpecker -f values.yaml
Creating the first pipeline
Today I was fiddling with "My First Woodpecker Pipeline". It took me a couple of hours to get my first working recipe, including secrets handling etc. But when I got it to work, I really liked what I saw. There is really nice integration of pipelines in Woodpecker on the one side and the code repository in Codeberg on the other side. Like seeing pipeline results in merge requests. I was used to having these type of features in Gitlab Premium and it is great to see I can have this level of functionality using pure open source solutions. There is a lot to like in this, I will most certainly do more exploration in this regard.
The current Woodpecker deployment I have, is linked to Codeberg to do some automation for Mastodon.nl related tasks. But on this rainy day I will most likely try running it against Forgejo and Gitlab too.
This is my first Woodpecker CI pipeline to deploy updates to the hub.mastodon.nl website. It is still rather crude but it does the job for now:
---
steps:
- name: deploy
image: debian
secrets: [ ssh_private_key ]
commands:
- echo "deploying new revision of hub website"
- apt-get update && apt-get install -y wget rsync ssh
- wget -q https://github.com/gohugoio/hugo/releases/download/v0.122.0/hugo_0.122.0_Linux-64bit.tar.gz
- tar -xf hugo*tar.gz
- chmod 750 hugo
- mkdir -p ~/.ssh
- umask 7377; echo "$${SSH_PRIVATE_KEY}" > ~/.ssh/id_ed25519
- umask 0022; bin/deploy.sh
Resulting in successful deployment, but also feedback to the pull request on codeberg:
Time for coffee and celebration!