From 99ac6b87b1afd43ec665e2509d849a42a5cf0f82 Mon Sep 17 00:00:00 2001 From: "Michael H." Date: Wed, 6 May 2026 03:00:20 +0200 Subject: [PATCH] ci: make blacksmith usage internal only --- .github/workflows/daedalus-docker.yml | 28 +++++++++++++---- .github/workflows/labrinth-docker.yml | 28 +++++++++++++---- .github/workflows/prepare-pnpm-cache.yml | 1 + .github/workflows/turbo-ci.yml | 40 ++++++++++++++++++------ 4 files changed, 75 insertions(+), 22 deletions(-) diff --git a/.github/workflows/daedalus-docker.yml b/.github/workflows/daedalus-docker.yml index 64fd44b3a..3f11eb4ed 100644 --- a/.github/workflows/daedalus-docker.yml +++ b/.github/workflows/daedalus-docker.yml @@ -31,11 +31,25 @@ jobs: runs-on: ubuntu-latest outputs: skip: ${{ steps.check.outputs.skip }} + internal: ${{ steps.check-internal.outputs.internal }} if: ${{ always() }} steps: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - name: Check if workflow runs on an internal branch + id: check-internal + env: + EVENT_NAME: ${{ github.event_name }} + HEAD_REPO: ${{ github.event.pull_request.head.repo.full_name }} + REPO: ${{ github.repository }} + run: | + if [ "$EVENT_NAME" != "pull_request" ] || [ "$HEAD_REPO" = "$REPO" ]; then + echo "internal=true" >> $GITHUB_OUTPUT + else + echo "internal=false" >> $GITHUB_OUTPUT + fi + - name: Merge Queue CI Check Skipper id: merge-queue-ci-skipper uses: ./.github/merge-queue-ci-skipper @@ -58,18 +72,18 @@ jobs: fi docker: - runs-on: blacksmith-4vcpu-ubuntu-2404 + runs-on: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'blacksmith-4vcpu-ubuntu-2404' || 'ubuntu-latest' }} env: - SCCACHE_DIR: '/mnt/sccache' - SCCACHE_CACHE_SIZE: '10G' - SCCACHE_MULTILEVEL_CHAIN: 'disk,s3' - SCCACHE_S3_KEY_PREFIX: '${{ github.repository }}/' + SCCACHE_DIR: ${{ needs.skip-if-clean.outputs.internal == 'true' && '/mnt/sccache' || '' }} + SCCACHE_CACHE_SIZE: ${{ needs.skip-if-clean.outputs.internal == 'true' && '10G' || '' }} + SCCACHE_MULTILEVEL_CHAIN: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'disk,s3' || '' }} + SCCACHE_S3_KEY_PREFIX: ${{ needs.skip-if-clean.outputs.internal == 'true' && format('{0}/', github.repository) || '' }} SCCACHE_BUCKET: ${{ secrets.SCCACHE_BUCKET }} SCCACHE_REGION: ${{ secrets.SCCACHE_REGION }} SCCACHE_ENDPOINT: ${{ secrets.SCCACHE_ENDPOINT }} AWS_ACCESS_KEY_ID: ${{ secrets.SCCACHE_S3_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.SCCACHE_S3_SECRET_ACCESS_KEY }} - RUSTC_WRAPPER: 'sccache' + RUSTC_WRAPPER: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'sccache' || '' }} needs: [skip-if-clean] if: ${{ needs.skip-if-clean.outputs.skip != 'true' }} steps: @@ -92,12 +106,14 @@ jobs: key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ hashFiles('**/Cargo.lock') }} - name: Mount sccache disk cache + if: needs.skip-if-clean.outputs.internal == 'true' uses: useblacksmith/stickydisk@13af8883542ca949a717e70fef89d15edbb29d88 # v1.2.0 with: key: ${{ github.repository }}-daedalus-sccache path: /mnt/sccache - name: Setup sccache + if: needs.skip-if-clean.outputs.internal == 'true' uses: mozilla-actions/sccache-action@9e7fa8a12102821edf02ca5dbea1acd0f89a2696 # v0.0.10 - name: Build daedalus_client diff --git a/.github/workflows/labrinth-docker.yml b/.github/workflows/labrinth-docker.yml index 262ea1953..50e565a29 100644 --- a/.github/workflows/labrinth-docker.yml +++ b/.github/workflows/labrinth-docker.yml @@ -29,11 +29,25 @@ jobs: runs-on: ubuntu-latest outputs: skip: ${{ steps.check.outputs.skip }} + internal: ${{ steps.check-internal.outputs.internal }} if: ${{ always() }} steps: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - name: Check if workflow runs on an internal branch + id: check-internal + env: + EVENT_NAME: ${{ github.event_name }} + HEAD_REPO: ${{ github.event.pull_request.head.repo.full_name }} + REPO: ${{ github.repository }} + run: | + if [ "$EVENT_NAME" != "pull_request" ] || [ "$HEAD_REPO" = "$REPO" ]; then + echo "internal=true" >> $GITHUB_OUTPUT + else + echo "internal=false" >> $GITHUB_OUTPUT + fi + - name: Merge Queue CI Check Skipper id: merge-queue-ci-skipper uses: ./.github/merge-queue-ci-skipper @@ -56,22 +70,22 @@ jobs: fi docker: - runs-on: blacksmith-4vcpu-ubuntu-2404 + runs-on: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'blacksmith-4vcpu-ubuntu-2404' || 'ubuntu-latest' }} needs: [skip-if-clean] if: ${{ needs.skip-if-clean.outputs.skip != 'true' }} env: SQLX_OFFLINE: 'true' GIT_HASH: ${{ github.sha }} - SCCACHE_DIR: '/mnt/sccache' - SCCACHE_CACHE_SIZE: '10G' - SCCACHE_MULTILEVEL_CHAIN: 'disk,s3' - SCCACHE_S3_KEY_PREFIX: '${{ github.repository }}/' + SCCACHE_DIR: ${{ needs.skip-if-clean.outputs.internal == 'true' && '/mnt/sccache' || '' }} + SCCACHE_CACHE_SIZE: ${{ needs.skip-if-clean.outputs.internal == 'true' && '10G' || '' }} + SCCACHE_MULTILEVEL_CHAIN: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'disk,s3' || '' }} + SCCACHE_S3_KEY_PREFIX: ${{ needs.skip-if-clean.outputs.internal == 'true' && format('{0}/', github.repository) || '' }} SCCACHE_BUCKET: ${{ secrets.SCCACHE_BUCKET }} SCCACHE_REGION: ${{ secrets.SCCACHE_REGION }} SCCACHE_ENDPOINT: ${{ secrets.SCCACHE_ENDPOINT }} AWS_ACCESS_KEY_ID: ${{ secrets.SCCACHE_S3_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.SCCACHE_S3_SECRET_ACCESS_KEY }} - RUSTC_WRAPPER: 'sccache' + RUSTC_WRAPPER: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'sccache' || '' }} steps: - name: Check out code uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -95,12 +109,14 @@ jobs: key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ hashFiles('**/Cargo.lock') }} - name: Mount sccache disk cache + if: needs.skip-if-clean.outputs.internal == 'true' uses: useblacksmith/stickydisk@13af8883542ca949a717e70fef89d15edbb29d88 # v1.2.0 with: key: ${{ github.repository }}-labrinth-sccache path: /mnt/sccache - name: Setup sccache + if: needs.skip-if-clean.outputs.internal == 'true' uses: mozilla-actions/sccache-action@9e7fa8a12102821edf02ca5dbea1acd0f89a2696 # v0.0.10 - name: Build labrinth diff --git a/.github/workflows/prepare-pnpm-cache.yml b/.github/workflows/prepare-pnpm-cache.yml index a7e479878..16c563c94 100644 --- a/.github/workflows/prepare-pnpm-cache.yml +++ b/.github/workflows/prepare-pnpm-cache.yml @@ -13,6 +13,7 @@ concurrency: jobs: prepare: + if: github.repository_owner == 'modrinth' runs-on: blacksmith-2vcpu-ubuntu-2404 steps: - name: Checkout diff --git a/.github/workflows/turbo-ci.yml b/.github/workflows/turbo-ci.yml index 1a7420653..e25448c86 100644 --- a/.github/workflows/turbo-ci.yml +++ b/.github/workflows/turbo-ci.yml @@ -18,11 +18,25 @@ jobs: runs-on: ubuntu-latest outputs: skip: ${{ steps.check.outputs.skip }} + internal: ${{ steps.check-internal.outputs.internal }} if: ${{ always() }} steps: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - name: Check if workflow runs on an internal branch + id: check-internal + env: + EVENT_NAME: ${{ github.event_name }} + HEAD_REPO: ${{ github.event.pull_request.head.repo.full_name }} + REPO: ${{ github.repository }} + run: | + if [ "$EVENT_NAME" != "pull_request" ] || [ "$HEAD_REPO" = "$REPO" ]; then + echo "internal=true" >> $GITHUB_OUTPUT + else + echo "internal=false" >> $GITHUB_OUTPUT + fi + - name: Merge Queue CI Check Skipper id: merge-queue-ci-skipper uses: ./.github/merge-queue-ci-skipper @@ -31,14 +45,16 @@ jobs: - name: Check merge_group synthetic commit id: check + env: + EVENT_NAME: ${{ github.event_name }} + SKIP_CHECK: ${{ steps.merge-queue-ci-skipper.outputs.skip-check }} run: | - # PR mode: never skip - if [ "${{ github.event_name }}" != "merge_group" ]; then + if [ "$EVENT_NAME" != "merge_group" ]; then echo "skip=false" >> $GITHUB_OUTPUT exit 0 fi - if [ "${{ steps.merge-queue-ci-skipper.outputs.skip-check }}" = "true" ]; then + if [ "$SKIP_CHECK" = "true" ]; then echo "skip=true" >> $GITHUB_OUTPUT else echo "skip=false" >> $GITHUB_OUTPUT @@ -46,7 +62,7 @@ jobs: build: name: Lint and Test - runs-on: blacksmith-4vcpu-ubuntu-2404 + runs-on: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'blacksmith-4vcpu-ubuntu-2404' || 'ubuntu-latest' }} needs: [skip-if-clean] if: ${{ needs.skip-if-clean.outputs.skip != 'true' }} @@ -60,17 +76,19 @@ jobs: # since we don't want warnings to become errors # while developing) RUSTFLAGS: -Dwarnings - # sccache config - SCCACHE_DIR: '/mnt/sccache' - SCCACHE_CACHE_SIZE: '10G' - SCCACHE_MULTILEVEL_CHAIN: 'disk,s3' - SCCACHE_S3_KEY_PREFIX: '${{ github.repository }}/' + # sccache config (only populated for internal branches; secrets aren't + # available to forked PRs, and blacksmith stickydisk requires a + # blacksmith runner) + SCCACHE_DIR: ${{ needs.skip-if-clean.outputs.internal == 'true' && '/mnt/sccache' || '' }} + SCCACHE_CACHE_SIZE: ${{ needs.skip-if-clean.outputs.internal == 'true' && '10G' || '' }} + SCCACHE_MULTILEVEL_CHAIN: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'disk,s3' || '' }} + SCCACHE_S3_KEY_PREFIX: ${{ needs.skip-if-clean.outputs.internal == 'true' && format('{0}/', github.repository) || '' }} SCCACHE_BUCKET: ${{ secrets.SCCACHE_BUCKET }} SCCACHE_REGION: ${{ secrets.SCCACHE_REGION }} SCCACHE_ENDPOINT: ${{ secrets.SCCACHE_ENDPOINT }} AWS_ACCESS_KEY_ID: ${{ secrets.SCCACHE_S3_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.SCCACHE_S3_SECRET_ACCESS_KEY }} - RUSTC_WRAPPER: 'sccache' + RUSTC_WRAPPER: ${{ needs.skip-if-clean.outputs.internal == 'true' && 'sccache' || '' }} steps: - name: Check out code @@ -121,12 +139,14 @@ jobs: key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ hashFiles('**/Cargo.lock') }} - name: Mount sccache disk cache + if: needs.skip-if-clean.outputs.internal == 'true' uses: useblacksmith/stickydisk@13af8883542ca949a717e70fef89d15edbb29d88 # v1.2.0 with: key: ${{ github.repository }}-turbo-sccache path: /mnt/sccache - name: Setup sccache + if: needs.skip-if-clean.outputs.internal == 'true' uses: mozilla-actions/sccache-action@9e7fa8a12102821edf02ca5dbea1acd0f89a2696 # v0.0.10 - name: Setup binstall