fix: PR CI works without secrets — use committed El runtime for pull_request builds
Dev — Build & local smoke test / build-smoke (pull_request) Failing after 17m6s
Dev — Build & local smoke test / build-smoke (pull_request) Failing after 17m6s
Gitea does not inject secrets for pull_request events. All push/workflow_dispatch
CI was already working. PR builds were failing at Clone el and Authenticate to GCP.
Fix: for pull_request events, skip El clone and GCP auth entirely. Instead build
EL_HOME from committed files: bin/elc-linux-amd64 + runtime/{el_runtime.c,.h,.js}.
build-stage.sh already knows about bin/elc-linux-amd64 for JS compilation; this
extends that pattern to the native compiler and JS runtime.
Docker --cache-from is skipped implicitly (no docker auth configured for PR builds)
— BuildKit handles unauthenticated cache-from gracefully, continuing without cache.
This commit is contained in:
@@ -47,6 +47,8 @@ jobs:
|
||||
fetch-depth: 2
|
||||
|
||||
- name: Clone el (provides elc compiler)
|
||||
# push/workflow_dispatch only — pull_request events don't get secrets injected
|
||||
if: github.event_name != 'pull_request'
|
||||
env:
|
||||
CHECKOUT_TOKEN: ${{ secrets.CHECKOUT_TOKEN }}
|
||||
run: |
|
||||
@@ -58,20 +60,41 @@ jobs:
|
||||
"$DEST"
|
||||
echo "EL_HOME=$DEST" >> "$GITHUB_ENV"
|
||||
|
||||
- name: Set up El SDK from committed runtime (PR builds)
|
||||
# pull_request events have no secrets — build from committed bin/ and runtime/
|
||||
if: github.event_name == 'pull_request'
|
||||
run: |
|
||||
set -euo pipefail
|
||||
DEST="${{ github.workspace }}/../foundation-el"
|
||||
mkdir -p "$DEST/dist/platform" "$DEST/el-compiler/runtime"
|
||||
cp bin/elc-linux-amd64 "$DEST/dist/platform/elc"
|
||||
cp bin/elc-linux-amd64 "$DEST/dist/platform/elc-linux-amd64"
|
||||
chmod +x "$DEST/dist/platform/elc" "$DEST/dist/platform/elc-linux-amd64"
|
||||
cp runtime/el_runtime.c "$DEST/el-compiler/runtime/"
|
||||
cp runtime/el_runtime.h "$DEST/el-compiler/runtime/"
|
||||
cp runtime/el_runtime.js "$DEST/el-compiler/runtime/"
|
||||
echo "EL_HOME=$DEST" >> "$GITHUB_ENV"
|
||||
echo "El SDK set up from committed runtime files (no CHECKOUT_TOKEN needed)"
|
||||
|
||||
- name: Authenticate to GCP
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: google-github-actions/auth@v2
|
||||
with:
|
||||
credentials_json: ${{ secrets.GCP_SA_KEY }}
|
||||
|
||||
- name: Set up gcloud SDK
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: google-github-actions/setup-gcloud@v2
|
||||
with:
|
||||
project_id: neuron-785695
|
||||
|
||||
- name: Configure docker auth for Artifact Registry
|
||||
if: github.event_name != 'pull_request'
|
||||
run: gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
|
||||
|
||||
- name: Get elc (pre-built linux/amd64 from El repo)
|
||||
# Only needed for push/workflow_dispatch — PR builds set up elc from committed bin/
|
||||
if: github.event_name != 'pull_request'
|
||||
run: |
|
||||
set -euo pipefail
|
||||
ELC_SRC="$EL_HOME/dist/platform/elc-linux-amd64"
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user