perf(ci): use the prebuilt release binary for interface collection#76
Merged
perf(ci): use the prebuilt release binary for interface collection#76
Conversation
The publish job's `Start local worker for interface collection` step was running `cargo run --bin $WORKER --`, paying a full cold cargo compile (200+ deps for skills/mcp) before the worker could even register with the engine. That added 50-90s to every publish despite the `binary-build` job having already produced a working linux-gnu binary on the GitHub Release that publish depends on. Add a `release-binary` mode that, for any `deploy: binary` worker, downloads `$BIN-x86_64-unknown-linux-gnu.tar.gz` from `releases/download/$TAG/`, extracts it, and runs the binary directly. Cargo compile drops out of the critical path; the Collect step now waits ~5s of curl + a fresh process boot instead of ~60s of compile. The mode-detection now prefers `release-binary` whenever `deploy == binary` (the only path that reaches publish — dry runs short-circuit upstream, and `_rust-binary.yml` is a `needs:` of `publish` so the asset is guaranteed to exist). `cargo-run` is kept as a fallback for any future Rust worker that ships via `image` deploy or otherwise has no release asset; `iii-add` (Node/Python via `scripts.start`) is unaffected.
📝 WalkthroughWalkthroughThe pull request extends the GitHub Actions publish workflow to support deploying and running prebuilt worker binaries during interface collection. When ChangesBinary Deployment Path in Publish Workflow
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.github/workflows/_publish-registry.yml (1)
139-140: 💤 Low valueTar extraction assumes a flat tarball root — add a post-extract existence check
tar -xzf /tmp/worker-bin.tar.gz -C /tmp/extracts into/tmp/, then the code immediately assumes the binary will be at/tmp/${bin_name}. If the binary-build job wraps the binary in a directory (e.g.,tar czf ... bin/myworker),bin_pathwon't exist andchmod +xwill fail with a confusing "No such file or directory" rather than an actionable error.🛠️ Proposed fix: validate extraction result
tar -xzf /tmp/worker-bin.tar.gz -C /tmp/ bin_path="/tmp/${bin_name}" + if [[ ! -f "$bin_path" ]]; then + echo "::error::Expected binary not found at $bin_path after extracting tarball" + echo "Contents of /tmp after extraction:" + ls /tmp/ + exit 1 + fi chmod +x "$bin_path"🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/_publish-registry.yml around lines 139 - 140, After extracting /tmp/worker-bin.tar.gz, verify that the expected binary exists at bin_path="/tmp/${bin_name}" and handle cases where the tarball has a nested root; update the extraction step to check for the file (or search under /tmp for a matching ${bin_name} if not found), set bin_path accordingly, and emit a clear error and exit if the binary cannot be located before calling chmod +x. Ensure the logic references the existing bin_path and bin_name variables so the workflow fails with an actionable message instead of a generic "No such file or directory".
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In @.github/workflows/_publish-registry.yml:
- Around line 139-140: After extracting /tmp/worker-bin.tar.gz, verify that the
expected binary exists at bin_path="/tmp/${bin_name}" and handle cases where the
tarball has a nested root; update the extraction step to check for the file (or
search under /tmp for a matching ${bin_name} if not found), set bin_path
accordingly, and emit a clear error and exit if the binary cannot be located
before calling chmod +x. Ensure the logic references the existing bin_path and
bin_name variables so the workflow fails with an actionable message instead of a
generic "No such file or directory".
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 5074b426-2115-4c4f-ba15-614dfff2d8dc
📒 Files selected for processing (1)
.github/workflows/_publish-registry.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Collect worker interfacewas paying a full coldcargo run(~50-90s for skills/mcp because of 200+ deps) every publish, even though thebinary-buildjob upstream already produced a workingx86_64-unknown-linux-gnuartifact on the GitHub Release that publish depends on. The compile is the dominant cost of the publish step today — seeskills/v0.1.4(run) whereStarting local worker→HTTP 200was ~2 minutes wall-clock.Fix
Add a
release-binarymode toStart local worker for interface collectionfor anydeploy: binaryworker:$BIN-x86_64-unknown-linux-gnu.tar.gzfrom$REPO_URL/releases/download/$TAG/(same URL pattern thatresolve_binary_artifacts.py:37-49uses)./tmp/,chmod +x../config.yamlresolves the waycargo rundid).Mode-detection priority becomes:
binarydeploy →release-binary→iii-add(Node/Python withscripts.start) →cargo-run(Rust without binary deploy, if anyone ever adds one) →unsupported.Why it's safe
_rust-binary.ymlis aneeds:ofpublishinrelease.yml, so when publish runs the asset is guaranteed to be on the release.release.yml:190), so we never hitrelease-binarywithout a release.cargo-runstays as a defensive fallback; nothing in main currently exercises it but it costs nothing.Expected impact
Start local workerCollect worker interfaceNet: ~50-80s saved per Rust worker publish.
Test plan
create-tag.ymlfor one fast worker (image-resize) and one heavy worker (skillsormcp); both should publish in well under a minute end-to-end.Start local workerstep logs showFetching prebuilt worker: ...releases/download/...rather thancargo run.Collect worker interfacefinishes within ~10s of the worker download.POST /publishreturns 200 with the same payload shape (functions, triggers, etc.) as before.Summary by CodeRabbit