Internal GitOps CI/CD Pipeline https://maat.aninix.net/
Go to file
2024-04-04 17:04:19 -05:00
precommit-hooks Rearchitecting testing to have extended tests in pre-commit & minimal tests during CI/CD 2023-10-03 13:01:50 -05:00
.gitignore Adding cleanup on sources; fix for Gitea change in classes 2024-04-04 16:57:43 -05:00
aur.list Updates to maat-builder web page; adding aur.list to revision control 2020-02-07 16:12:39 -06:00
installscript Fixing Makefile conflict 2023-02-22 21:41:40 -06:00
LICENSE Making package source links more intuitively clickable 2023-10-14 14:16:27 -05:00
maat Adding cleaning function 2024-04-04 17:04:19 -05:00
maat.service Updating README; changing service from oneshot to simple; restoring .gitignore of src/** 2023-02-22 22:45:48 -06:00
maat.timer Syncing Maat with current state; adding MaatIcon for favicon; updating install with maat user; moved maat-builder name to just maat 2023-02-22 17:56:30 -06:00
MaatIcon.png Syncing Maat with current state; adding MaatIcon for favicon; updating install with maat user; moved maat-builder name to just maat 2023-02-22 17:56:30 -06:00
Makefile Adding cleanup on sources; fix for Gitea change in classes 2024-04-04 16:57:43 -05:00
PKGBUILD Adding cleanup on sources; fix for Gitea change in classes 2024-04-04 16:57:43 -05:00
README.md Adding cleanup on sources; fix for Gitea change in classes 2024-04-04 16:57:43 -05:00

Continuous integration and continuous delivery (CI/CD) are integral to current DevOps mentality -- a step further is GitOps, wherein developers only need to interact with Git and their artifacts are magically available downstream. AniNIX/Maat is intended to provide this for AniNIX and ArchLinux AUR packages.

Etymology

Maat is named for the Egyptian goddess of truth and order -- Maat was deeply tied into the idea of honorable contribution to community and the flow of the Nile, from which came the lifeblood of Egypt. Truth is reflected in the Maat service's use of testing and GPG signing prior to delivering packages, and the communal aspect is that Maat is how we deliver AniNIX and AUR packages for the world to use.

Relevant Files and Software

Maat runs as a systemd.timer nightly, invoking our build script. Ad hoc builds can be requested from admins. Output gets published on the landing page from our build pipeline -- there you can download packages, view build logs, see testing status, etc.

Our CI/CD pipeline attempts to pull directly from Git sources, either from the AniNIX or the curated AUR, build those packages, and make the available to systems downstream. The /usr/local/etc/Maat/aur.list file allows the admin to control which AUR packages are pulled and built -- output files from builds can help identify issues like missing public GPG keys or dependency issues.

Maat also consumes a GPG key. The admin will need to set up this key and publish it. You will need to add our GPG key to use the AniNIX's CI/CD.

Available Clients

As Maat is a pipeline for ArchLinux systems, the primary client is Pacman. You can see how to subscribe your host to Maat in this configuration snippet.

Equivalents or Competition

General equivalents are Jenkins or GitLab CI/CD Runners. We chose to write our own because these are resource-intensive and often insecure. AniNIX/Maat enacts exactly the steps as detailed by Arch and only offers a noninteractive dashboard -- users are only able to see the artifacts and all changes must be done in upstream.