-
Notifications
You must be signed in to change notification settings - Fork 12
149 lines (130 loc) · 4.43 KB
/
integration.yml
File metadata and controls
149 lines (130 loc) · 4.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: Integration
on:
push:
branches: [main]
pull_request:
branches: [main]
workflow_dispatch:
concurrency:
group: integration-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
jobs:
docs-scope:
runs-on: &default-runner ubuntu-latest
outputs:
docs_only: ${{ steps.check.outputs.docs_only }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Detect docs-only changes
id: check
shell: bash
run: |
set -euo pipefail
if [ "${{ github.event_name }}" = "push" ]; then
BASE="${{ github.event.before }}"
else
BASE="${{ github.event.pull_request.base.sha }}"
fi
CHANGED="$(git diff --name-only "$BASE" HEAD 2>/dev/null || echo "UNKNOWN")"
if [ "$CHANGED" = "UNKNOWN" ] || [ -z "$CHANGED" ]; then
echo "docs_only=false" >> "$GITHUB_OUTPUT"
exit 0
fi
docs_only=true
while IFS= read -r path; do
[ -z "$path" ] && continue
case "$path" in
docs/*|*.md|*.mdx|LICENSE)
continue
;;
*)
docs_only=false
break
;;
esac
done <<< "$CHANGED"
echo "docs_only=$docs_only" >> "$GITHUB_OUTPUT"
integration:
needs: [docs-scope]
if: needs.docs-scope.outputs.docs_only != 'true'
runs-on: *default-runner
strategy:
fail-fast: false
matrix:
include:
- distro: ubuntu
image: ubuntu-24-04-x64
setup_script: bin/ci/setup-ubuntu.sh
- distro: arch
image: "217410218"
setup_script: bin/ci/setup-arch.sh
name: ${{ matrix.distro }}
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- name: Gate external fork PRs
id: gate
shell: bash
run: |
if [ "${{ github.event_name }}" = "pull_request" ] && [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then
echo "enabled=false" >> "$GITHUB_OUTPUT"
else
echo "enabled=true" >> "$GITHUB_OUTPUT"
fi
- name: Skip integration for external fork PRs
if: steps.gate.outputs.enabled != 'true'
run: |
echo "Skipping droplet integration for external fork pull requests (secrets are unavailable)."
- name: Generate ephemeral SSH key
if: steps.gate.outputs.enabled == 'true'
run: |
mkdir -p ~/.ssh
ssh-keygen -t ed25519 -f ~/.ssh/ci_key -N "" -q
- name: Create droplet
if: steps.gate.outputs.enabled == 'true'
id: droplet
env:
DO_API_TOKEN: ${{ secrets.DO_API_TOKEN }}
run: |
output=$(bash bin/ci/droplet.sh create \
"ci-${{ matrix.distro }}-${{ github.run_id }}" \
"${{ matrix.image }}" \
~/.ssh/ci_key.pub)
echo "$output" >> "$GITHUB_OUTPUT"
echo "$output"
- name: Wait for SSH
if: steps.gate.outputs.enabled == 'true'
env:
DO_API_TOKEN: ${{ secrets.DO_API_TOKEN }}
run: |
bash bin/ci/droplet.sh wait-ssh \
"${{ steps.droplet.outputs.DROPLET_IP }}" \
~/.ssh/ci_key
- name: Upload source
if: steps.gate.outputs.enabled == 'true'
run: |
tar czf /tmp/baudbot-src.tar.gz \
--exclude=node_modules --exclude=.git .
scp -o StrictHostKeyChecking=no -o BatchMode=yes \
-i ~/.ssh/ci_key \
/tmp/baudbot-src.tar.gz \
"root@${{ steps.droplet.outputs.DROPLET_IP }}:/tmp/baudbot-src.tar.gz"
- name: Setup and test
if: steps.gate.outputs.enabled == 'true'
run: |
bash bin/ci/droplet.sh run \
"${{ steps.droplet.outputs.DROPLET_IP }}" \
~/.ssh/ci_key \
"${{ matrix.setup_script }}" \
"CI_ANTHROPIC_API_KEY=${{ secrets.CI_ANTHROPIC_API_KEY }}"
- name: Cleanup
if: always() && steps.gate.outputs.enabled == 'true'
env:
DO_API_TOKEN: ${{ secrets.DO_API_TOKEN }}
run: |
bash bin/ci/droplet.sh destroy \
"${{ steps.droplet.outputs.DROPLET_ID }}" \
"${{ steps.droplet.outputs.SSH_KEY_ID }}" \
"ci-${{ matrix.distro }}-${{ github.run_id }}"