Clean CI/CD

Over the last few days, I completed several smaller tasks while finishing the new IP Overview web app. This gave me the opportunity to look more closely at GitHub itself—and it quickly became clear that a cleanup was overdue: too many repositories and too little structure.

A few months ago, I deleted old repositories in a last-ditch attempt to regain control. This time, however, I wanted to approach it systematically.

GitHub Organization Restructuring

The first step was introducing GitHub Organizations. I created two:

  • Labs – to fully move the WTF project into a dedicated organization
  • Vault – to deep-archive outdated or deprecated, but still valuable, repositories
Setting up GH Organizations

Migrating roughly half a dozen WTF-related repositories into an organization required coordinated changes:

  • Updating existing scripts
  • Migrating and reconfiguring self-hosted runners

Runners are now bound at the organization level instead of individual repositories and can be shared across the entire pool—resulting in a much cleaner and more scalable setup.

Setting up SelfHosted Runners

Getting everything operational took some time, mainly due to new challenges around pipeline concurrency and runner coordination.

SelfHosted Runners in GH Organization

Monitoring and Exporter Rewrite

With the new runner model in place, I updated the Grafana dashboard to correctly reflect the organization-level setup. During this process, I completely rewrote:

  • the GitHub API exporter
  • the HTTP health check exporter

Both exporters were rewritten in Python, and the dashboard now monitors a total of 11 containers in a consistent and reliable way.

Updating Monitoring Dashboard

Although a full rewrite sounds extensive, most of the work was handled by my AI-assisted VS Code setup:

  • OpenAI Codex for larger refactors
  • GitHub Copilot for codebase questions, smaller tasks, and inline edits

I spent a full day preparing proper guidance using:

  • copilot-instructions.md
  • AGENTS.md
  • fullstack-ops.agent.md

This upfront investment paid off. The rewrite was completed quickly and resulted in improved polling behavior, higher stability, and cleaner overall logic compared to the previous implementation.

OpenAI Codex & GH Copilot

Pipeline Cleanup and Hardening

After stabilizing monitoring, I moved on to cleaning up the existing .yml pipeline workflows.

First, I introduced explicitly named parameters to improve readability and long-term maintainability.

Named Parameters

Next, I added LZMA2 compression for all outgoing uploads.

Compress Uploads

This was implemented as a generic step using reusable .ps1 and .sh scripts and significantly reduced bandwidth usage—which matters given my limited upload speed.

Compress Uploads

I also uploaded newly created GPG keys to GitHub to enable signed commits, establishing a security baseline that will be important for future collaboration.

GPG Commit Signing

Finally, I continued refining pipelines and composite actions by:

  • standardizing path notation ("/" instead of "\\")
  • enforcing multi-line argument formatting
  • improving inline documentation

Together, these changes resulted in a stable, predictable, and maintainable deployment pipeline.

Deployment Pipeline

Closing Thoughts

That is essentially how I spent the holidays, and it was time well spent. I made solid progress on the IP Overview application, which I now estimate to be 80–90% complete. I will likely cover it in more detail in one of the upcoming posts.

comments powered by Disqus