Last weekend I had to redo my CI setup because it decided to not work anymore… Not really sure what happened, but I have been wanting to switch out the drone-ci setup I had with a woodpecker-ci one for a very specific reason that relates directly to the text you’re reading right now.

I have been tinkering with CI for a long time, first time I used it for something that wasn’t just play, was back when I used github actions to push my neovim configuration to its own repository using git-subtrees. This has come in handy many times, as I sometimes just want to have the neovim config without all the extra system setup. Although it’s not complicated, it does one thing that is very important to me. It does it for me.

Optimizing away tasks that I had to do either way, is enough for me to spend hours figuring out how to set up a CI server on my own infrastructure, learn how it handles pipelines and create my own based on what I need. Initially I wanted to use woodpecker-ci which was recommended to me by a friend, however, after spending 20 minutes setting up the basics, several of hours of googling around in frustration (even went to the second page of results) about something-something-authorization, made me switch gears and try out drone-ci the following weekend.

Drone had the same 20-ish minutes of setup and then, BAM! A carbon copy of the issue I had on woodpecker. For the uninitiated, woodpecker is an open source fork of drone, so I googled the same issue again, only difference being that it was now in the context of drone. It took about ten seconds to find DRONE_GIT_ALWAYS_AUTH which apparently you have to set to tell drone to always authenticate on public repos and then it just worked. I realized quickly that it was probably exactly the same issue on woodpecker, however, I felt an abundance of both relief and frustration about the fact that I’d spent so much time on figuring out such a seemingly insignificant detail. For the time being, I stuck with drone, closed my computer and went outside.

At this point I had also been through quite a bit of the documentation for pipelines, looking for a solution to the issue, which meant that when it started working I practically had a setup that took a new commit to this blog’s repository, built all the static content using hugo, and published it to a caddy webserver. Neat!

Not all good things last though. Fast forward to yesterday I was writing up this post and when I pushed it… Nothing happened… So I go to my drone server, and it said that my authentication token had expired… Oh happy day. While this was really annoying, it was a great time to go back to woodpecker and see if I was right about that auth flag being required for git servers in private mode. The woodpecker FAQ had since had a section added which confirmed my suspicion. I still had the docker-compose.yml file for woodpecker lying around so It was simply adding the woodpecker equivalent line to the environment section like so:

services:
  woodpecker-server:
    [...]
    environment:
      - [...]
      - WOODPECKER_AUTHENTICATE_PUBLIC_REPOS=true

And after about another ten minutes, I had converted the drone config to a woodpecker config in my blog repository and it was now publishing on push again. Lovely!

I have also ported my DSP framework to woodpecker matrix pipelines which enables be to build with different compilers and run unit tests on different platforms without me doing anything other than writing code and pushing every once in a while. It’s certainly not magic, but it’s awfully convenient.