SourceHut build

The bulid.sr.ht system is much simpler than some of it's counterparts, and I actually really like this. There is way too much complexity in Github actions, it's essentially not possible to test the workflows, and it encourages users to push all complexity out of the projects and into the pipeline, these pipelines become fragile and prone to attach because they rely on loads of shared code to function.

There are a few of things that are nice about this, for one thing, you can easily connect multiple repositories to a single job. But the main feature that really stands out is being able to run a job with just a build manifest, without needing to commit/push which is so common in workflows these days.

This also means that you can author scripts and then test the builds via launching small portions of your build. This reduces the cycle time, and the stupidiy involved is using modern CI systems. You can tell the system is broken when people author empty commits to artificially create events.

You can also ssh in to debug. I don't know why Github actions don't allow sshing in to investigate. We use self-hosted runners at work and it's not built into the product to support this from what I know. This makes it so frustrating to test and verify anything, it makes Github Actions a real time waster.

Having secrets just be files makes adding configurations much simpler and safer, I can limit what is exposed and often include the entire configuration of a program as a secret. It's much simpler than having env vars that need to be copied back into templated files and all that run around. This also protects any other parts of the configuration, rather than having to choose what I should or shouldn't be including as a secret.

All in all, it was a very good experience, it reminded me of some of what we lost in the "modern" pipeline based build systems.