docs: split CI docs into focused files, add musl/feature/TLS details

Sweattypalms · Sweattypalms · commit 1afb730ff41a · 2026-02-16T21:19:22.000+09:00
- Split monolithic README.md into workflows.md, build.md, releases.md
- README.md is now a short index linking to the three docs
- Document musl static linking, CC/CXX env vars, rustls TLS backend
- Document release feature flag and why tracy/dhat are excluded
- Add retagging workflow and binary download examples
diff --git a/docs/ci/README.md b/docs/ci/README.md
@@ -1,160 +1,9 @@
-# CI/CD Pipeline
+# CI/CD
 
-FerrumC uses GitHub Actions for continuous integration and release automation. The pipeline is split into two workflows: one for PR validation and one for tagged releases.
+Documentation for the CI/CD pipeline, build system, and release process.
 
-## Workflows
-
-### `rust.yml` — PR & Push CI
-
-**Triggers:** Pull requests to `master`, pushes to `master`, manual `workflow_dispatch`.
-
-**Concurrency:** Grouped by PR head ref. New pushes to the same PR cancel in-progress runs.
-
-| Job | Runner | What it does |
-|---|---|---|
-| **Formatting and Security** | `ubuntu-latest` | `cargo fmt --check`, `cargo clippy -D warnings`, `cargo audit` |
-| **Run Tests** | `ubuntu-latest` | `cargo nextest run` with `--all-targets --all-features` (excludes benchmarks) |
-
-Both jobs run in parallel with no dependency between them.
-
-### `release.yml` — Tagged Release Pipeline
-
-**Triggers:** Push of tags matching `v*` (e.g., `v1.0.0`, `v0.2.0-rc1`).
-
-| Job | Runner | What it does |
-|---|---|---|
-| **Validate** | `ubuntu-latest` | Same checks as CI: fmt, clippy, nextest |
-| **Build Release** | 4-platform matrix | Builds with `--profile production --all-features`, packages binaries, generates SHA256 checksums |
-| **Publish Release** | `ubuntu-latest` | Creates GitHub Release with auto-generated notes, attaches all archives and checksums |
-
-#### Build Matrix
-
-| OS | Target | Archive Format |
-|---|---|---|
-| `ubuntu-latest` | `x86_64-unknown-linux-musl` | `.tar.gz` |
-| `ubuntu-24.04-arm` | `aarch64-unknown-linux-musl` | `.tar.gz` |
-| `windows-latest` | `x86_64-pc-windows-msvc` | `.zip` |
-| `macos-14` | `aarch64-apple-darwin` | `.tar.gz` |
-
-#### Release Artifact Naming
-
-Archives: `ferrumc-{tag}-{target}.tar.gz` (or `.zip` for Windows)
-Checksums: `ferrumc-{tag}-{target}.tar.gz.sha256` (or `.zip.sha256`)
-
-Example: `ferrumc-v1.0.0-x86_64-unknown-linux-musl.tar.gz`
-
-Linux binaries are statically linked via musl libc, so they run on any Linux distribution regardless of glibc version. The `musl-tools` package is installed during CI builds. The project uses `rustls-tls` (pure Rust) instead of `native-tls` (OpenSSL) to avoid native library dependencies.
-
-#### Platform-Specific Packaging
-
-| Platform | Archive tool | Checksum tool |
-|---|---|---|
-| Linux | `tar -czf` | `sha256sum` |
-| macOS | `tar -czf` | `shasum -a 256` (macOS lacks `sha256sum`) |
-| Windows | PowerShell `Compress-Archive` (runs under `shell: pwsh`) | PowerShell `Get-FileHash` |
-
-Windows steps use `shell: pwsh` explicitly since the workflow default shell is `bash`.
-
-## Build Profiles
-
-| Profile | Use case | Key settings |
-|---|---|---|
-| `dev` | Local development | Default + per-package optimizations for heavy deps (yazi, bevy_ecs, tokio) |
-| `release` | Standard release | Cargo defaults |
-| `production` | CI release builds | release + `strip`, `lto`, `opt-level = 3`, `codegen-units = 1` |
-| `profiling` | Tracy profiling | release + `debug = true` |
-| `hyper` | Maximum performance | production + `panic = "abort"`, no overflow checks, no debug assertions |
-
-The `production` profile is used by the release workflow. It's similar to `hyper` but keeps panic unwinding (no `panic = "abort"`), which is safer for a server binary — a panic unwinds and logs a backtrace instead of hard-crashing.
-
-## Caching
-
-Jobs use `Swatinem/rust-cache@v2`. Cache keys are set up intentionally:
-
-- **`rust.yml` formatting job**: default key (job-name based). Compiles to `target/debug/` (no `--target` flag).
-- **`rust.yml` test job**: `shared-key: "ferrumc-test"`. Compiles to `target/x86_64-unknown-linux-gnu/debug/` (explicit `--target` flag).
-- **`release.yml` validate job**: `shared-key: "ferrumc-test"`. Reuses the test job's cache from `rust.yml`, since both compile with the same target and features. Clippy does a small incremental rebuild for `target/debug/`, but all dependencies are already cached.
-- **`release.yml` build-release jobs**: `shared-key: "ferrumc"`. Separate from CI caches since these use `--profile production` on different platforms.
-
-The formatting and test jobs in `rust.yml` must NOT share a cache key — they compile to different target directories, and GitHub Actions cache is immutable (first write wins). Sharing a key causes whichever job saves second to permanently lose its artifacts.
-
-### Cache performance
-
-With warm caches, typical CI times are:
-- Formatting and Security: ~30-40s
-- Run Tests: ~50-60s
-
-Cold cache (first run or after Cargo.lock changes): ~2-3 minutes per job.
-
-## Versioning
-
-FerrumC follows [Semantic Versioning](https://semver.org/) (SemVer).
-
-### Version Format
-
-**`MAJOR.MINOR.PATCH`** — e.g., `1.4.2`
-
-| Component | When to bump | Example |
-|---|---|---|
-| **MAJOR** | Breaking changes — config format changes, protocol rewrites, removed features | `1.0.0` → `2.0.0` |
-| **MINOR** | New features, backwards compatible — new commands, new packet support, new config options | `1.0.0` → `1.1.0` |
-| **PATCH** | Bug fixes only — no new features, no breaking changes | `1.0.0` → `1.0.1` |
-
-### Pre-release Versions
-
-A `0.x.x` major version means the project is not yet stable — any release can contain breaking changes.
-
-Pre-release labels are appended with a hyphen to indicate the release isn't final:
-
-| Label | Meaning | Example |
-|---|---|---|
-| `alpha` | Early preview. Features incomplete, expect breakage. | `v0.2.0-alpha.1` |
-| `beta` | Feature complete but not fully tested. | `v0.2.0-beta.1` |
-| `rc` | Release Candidate. "We think this is ready, testing before making it official." | `v0.2.0-rc1` |
-| *(none)* | Final release. Stable, tested, ready for use. | `v0.2.0` |
-
-The typical progression is: **alpha → beta → rc → release**. Not all stages are required — most releases go straight from development to `rc` → final, or skip `rc` entirely for small patches.
-
-If a bug is found in `rc1`, the fix gets tagged as `rc2`. Once the RC is validated, the final version is tagged (same commit or a new one).
-
-### Versioning in Practice
-
-FerrumC is currently at `0.1.0` (pre-stable). A realistic release flow looks like:
-
-1. Development happens on `master`, PRs get merged.
-2. A set of changes is deemed worth releasing.
-3. Tag `v0.1.0-rc1` to test the release pipeline and binaries.
-4. If everything works, tag `v0.1.0` as the final release.
-5. Bug fix needed? Fix on master, tag `v0.1.1`.
-6. New feature? Tag `v0.2.0`.
-7. Massive breaking change (stable protocol, config rewrite)? Tag `v1.0.0`.
-
-## Creating a Release
-
-1. Ensure `master` is in a releasable state (CI green).
-2. Tag the commit:
-   ```bash
-   git tag v0.1.0        # final release
-   git tag v0.1.0-rc1    # release candidate (for testing)
-   ```
-3. Push the tag:
-   ```bash
-   git push origin v0.1.0
-   ```
-4. The release workflow runs automatically: validate → build (4 platforms) → publish GitHub Release.
-5. If validation or build fails, fix the issue on master, then tag again (e.g., `v0.1.0-rc2`).
-
-### Deleting a Bad Tag
-
-To delete a tag that was pushed by mistake or needs to be redone:
-
-```bash
-git tag -d v0.1.0-rc1              # delete locally
-git push origin :refs/tags/v0.1.0-rc1  # delete from remote
-```
-
-Then delete the draft/failed GitHub Release from the Releases page if one was created.
-
-## Suppressed Advisories
-
-`cargo audit` ignores `RUSTSEC-2023-0071`. If this advisory is resolved upstream, the ignore can be removed from the workflow.
+| Document | What it covers |
+|---|---|
+| [Workflows](workflows.md) | GitHub Actions workflows, job structure, caching strategy |
+| [Build Profiles & Features](build.md) | Cargo profiles, feature flags, static linking, TLS backend |
+| [Releases](releases.md) | Versioning (SemVer), creating releases, retagging, downloading binaries |
diff --git a/docs/ci/build.md b/docs/ci/build.md
@@ -0,0 +1,44 @@
+# Build Profiles & Features
+
+## Cargo Features
+
+Features are defined in `src/bin/Cargo.toml`:
+
+| Feature | What it includes | Used in |
+|---|---|---|
+| `dashboard` | Web dashboard (Axum server) | Default, release builds |
+| `tracy` | Tracy profiler client | Local profiling only |
+| `dhat` | Heap profiler | Local profiling only |
+| `release` | All features suitable for distribution (`dashboard`) | Release builds |
+
+Release builds use `--features release` (scoped to `-p ferrumc`) instead of `--all-features`. This is intentional — `tracy` and `dhat` are profiling tools that include C/C++ code incompatible with musl static linking (`tracy-client-sys` uses glibc-specific functions like `__snprintf_chk` and `__memcpy_chk`). When adding new features intended for release builds, add them to the `release` feature list.
+
+## Build Profiles
+
+| Profile | Use case | Key settings |
+|---|---|---|
+| `dev` | Local development | Default + per-package optimizations for heavy deps (yazi, bevy_ecs, tokio) |
+| `release` | Standard release | Cargo defaults |
+| `production` | CI release builds | release + `strip`, `lto`, `opt-level = 3`, `codegen-units = 1` |
+| `profiling` | Tracy profiling | release + `debug = true` |
+| `hyper` | Maximum performance | production + `panic = "abort"`, no overflow checks, no debug assertions |
+
+The `production` profile is used by the release workflow. It's similar to `hyper` but keeps panic unwinding (no `panic = "abort"`), which is safer for a server binary — a panic unwinds and logs a backtrace instead of hard-crashing.
+
+## Static Linking (Linux)
+
+Linux binaries are statically linked via musl libc, producing fully self-contained binaries that run on any Linux distribution regardless of glibc version. This avoids the common `GLIBC_X.XX not found` error on older distros.
+
+Requirements for musl builds:
+- `musl-tools` package (installed automatically in CI)
+- `CC=musl-gcc` and `CXX=g++` environment variables (set in CI build step)
+- `rustls` instead of `native-tls` for TLS (see below)
+
+### TLS Backend
+
+The project uses `rustls` (pure Rust TLS) instead of `native-tls` (OpenSSL) for the `reqwest` HTTP client. This is required for musl static builds — `native-tls` depends on system OpenSSL which cannot be statically linked with musl. The `rustls` backend has no native dependencies and works across all targets.
+
+Configured in the root `Cargo.toml`:
+```toml
+reqwest = { version = "0.13.1", features = ["json", "rustls", "blocking", "http2"], default-features = false }
+```
diff --git a/docs/ci/releases.md b/docs/ci/releases.md
@@ -0,0 +1,84 @@
+# Releases & Versioning
+
+## Versioning
+
+FerrumC follows [Semantic Versioning](https://semver.org/) (SemVer).
+
+### Version Format
+
+**`MAJOR.MINOR.PATCH`** — e.g., `1.4.2`
+
+| Component | When to bump | Example |
+|---|---|---|
+| **MAJOR** | Breaking changes — config format changes, protocol rewrites, removed features | `1.0.0` → `2.0.0` |
+| **MINOR** | New features, backwards compatible — new commands, new packet support, new config options | `1.0.0` → `1.1.0` |
+| **PATCH** | Bug fixes only — no new features, no breaking changes | `1.0.0` → `1.0.1` |
+
+### Pre-release Versions
+
+A `0.x.x` major version means the project is not yet stable — any release can contain breaking changes.
+
+Pre-release labels are appended with a hyphen to indicate the release isn't final:
+
+| Label | Meaning | Example |
+|---|---|---|
+| `alpha` | Early preview. Features incomplete, expect breakage. | `v0.2.0-alpha.1` |
+| `beta` | Feature complete but not fully tested. | `v0.2.0-beta.1` |
+| `rc` | Release Candidate. "Believed to be ready, testing before making it official." | `v0.2.0-rc1` |
+| *(none)* | Final release. Stable, tested, ready for use. | `v0.2.0` |
+
+The typical progression is: **alpha → beta → rc → release**. Not all stages are required — most releases go straight from development to `rc` → final, or skip `rc` entirely for small patches.
+
+If a bug is found in `rc1`, the fix gets tagged as `rc2`. Once the RC is validated, the final version is tagged (same commit or a new one).
+
+### Versioning in Practice
+
+FerrumC is currently at `0.1.0` (pre-stable). A realistic release flow:
+
+1. Development happens on `master`, PRs get merged.
+2. A set of changes is deemed worth releasing.
+3. Tag `v0.1.0-rc1` to test the release pipeline and binaries.
+4. If everything works, tag `v0.1.0` as the final release.
+5. Bug fix needed? Fix on master, tag `v0.1.1`.
+6. New feature? Tag `v0.2.0`.
+7. Massive breaking change (stable protocol, config rewrite)? Tag `v1.0.0`.
+
+## Creating a Release
+
+1. Ensure `master` is in a releasable state (CI green).
+2. Tag the commit:
+   ```bash
+   git tag v0.1.0        # final release
+   git tag v0.1.0-rc1    # release candidate (for testing)
+   ```
+3. Push the tag:
+   ```bash
+   git push origin v0.1.0
+   ```
+4. The release workflow runs automatically: validate → build (4 platforms) → publish GitHub Release.
+5. If validation or build fails, fix the issue on master, then tag again (e.g., `v0.1.0-rc2`).
+
+## Retagging a Failed Release
+
+To move a tag to a new commit (e.g., after fixing a build issue):
+
+```bash
+git tag -d v0.1.0-rc2                    # delete locally
+git push origin :refs/tags/v0.1.0-rc2    # delete from remote
+# fix the issue, commit, then:
+git tag v0.1.0-rc2                       # retag on current HEAD
+git push origin v0.1.0-rc2
+```
+
+Delete any draft/failed GitHub Release from the Releases page if one was created.
+
+## Downloading Release Binaries
+
+Latest release URL via GitHub API:
+```bash
+# Latest stable release (skips pre-releases)
+curl -s https://api.github.com/repos/ferrumc-rs/ferrumc/releases/latest
+
+# Direct download (predictable URL pattern)
+curl -sL https://github.com/ferrumc-rs/ferrumc/releases/download/v0.1.0/ferrumc-v0.1.0-x86_64-unknown-linux-musl.tar.gz -o ferrumc.tar.gz
+```
diff --git a/docs/ci/workflows.md b/docs/ci/workflows.md
@@ -0,0 +1,77 @@
+# Workflows
+
+FerrumC uses GitHub Actions for continuous integration and release automation. The pipeline is split into two workflows: one for PR validation and one for tagged releases.
+
+## `rust.yml` — PR & Push CI
+
+**Triggers:** Pull requests to `master`, pushes to `master`, manual `workflow_dispatch`.
+
+**Concurrency:** Grouped by PR head ref. New pushes to the same PR cancel in-progress runs.
+
+| Job | Runner | What it does |
+|---|---|---|
+| **Formatting and Security** | `ubuntu-latest` | `cargo fmt --check`, `cargo clippy -D warnings`, `cargo audit` |
+| **Run Tests** | `ubuntu-latest` | `cargo nextest run` with `--all-targets --all-features` (excludes benchmarks) |
+
+Both jobs run in parallel with no dependency between them.
+
+Tests use `--all-features` to ensure gated features (dashboard, tracy, etc.) are always tested. This is safe on the gnu target used by CI — the musl incompatibility with tracy only affects release builds.
+
+## `release.yml` — Tagged Release Pipeline
+
+**Triggers:** Push of tags matching `v*` (e.g., `v1.0.0`, `v0.2.0-rc1`).
+
+| Job | Runner | What it does |
+|---|---|---|
+| **Validate** | `ubuntu-latest` | Same checks as CI: fmt, clippy, nextest (with `--all-features` on gnu target) |
+| **Build Release** | 4-platform matrix | Builds with `--profile production --features release`, packages binaries, generates SHA256 checksums |
+| **Publish Release** | `ubuntu-latest` | Creates GitHub Release with auto-generated notes, attaches all archives and checksums |
+
+### Build Matrix
+
+| OS | Target | Archive Format |
+|---|---|---|
+| `ubuntu-latest` | `x86_64-unknown-linux-musl` | `.tar.gz` |
+| `ubuntu-24.04-arm` | `aarch64-unknown-linux-musl` | `.tar.gz` |
+| `windows-latest` | `x86_64-pc-windows-msvc` | `.zip` |
+| `macos-14` | `aarch64-apple-darwin` | `.tar.gz` |
+
+### Artifact Naming
+
+Archives: `ferrumc-{tag}-{target}.tar.gz` (or `.zip` for Windows)
+Checksums: `ferrumc-{tag}-{target}.tar.gz.sha256` (or `.zip.sha256`)
+
+Example: `ferrumc-v1.0.0-x86_64-unknown-linux-musl.tar.gz`
+
+### Platform-Specific Packaging
+
+| Platform | Archive tool | Checksum tool |
+|---|---|---|
+| Linux | `tar -czf` | `sha256sum` |
+| macOS | `tar -czf` | `shasum -a 256` (macOS lacks `sha256sum`) |
+| Windows | PowerShell `Compress-Archive` (runs under `shell: pwsh`) | PowerShell `Get-FileHash` |
+
+Windows steps use `shell: pwsh` explicitly since the workflow default shell is `bash`.
+
+## Caching
+
+Jobs use `Swatinem/rust-cache@v2`. Cache keys are set up intentionally:
+
+- **`rust.yml` formatting job**: default key (job-name based). Compiles to `target/debug/` (no `--target` flag).
+- **`rust.yml` test job**: `shared-key: "ferrumc-test"`. Compiles to `target/x86_64-unknown-linux-gnu/debug/` (explicit `--target` flag).
+- **`release.yml` validate job**: `shared-key: "ferrumc-test"`. Reuses the test job's cache from `rust.yml`, since both compile with the same target and features.
+- **`release.yml` build-release jobs**: `shared-key: "ferrumc"`. Separate from CI caches since these use `--profile production` on different platforms.
+
+The formatting and test jobs in `rust.yml` must NOT share a cache key — they compile to different target directories, and GitHub Actions cache is immutable (first write wins). Sharing a key causes whichever job saves second to permanently lose its artifacts.
+
+### Cache Performance
+
+With warm caches, typical CI times are:
+- Formatting and Security: ~30-40s
+- Run Tests: ~50-60s
+
+Cold cache (first run or after Cargo.lock changes): ~2-3 minutes per job.
+
+## Suppressed Advisories
+
+`cargo audit` ignores `RUSTSEC-2023-0071`. If this advisory is resolved upstream, the ignore can be removed from the workflow.
