vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-05 16:10:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci(actions): optimize main CI lanes (#51912)

Browse Source 
* ci(actions): optimize main ci lanes

* ci(actions): drop unused secrets lane

* ci(actions): keep build-smoke on prs
This commit is contained in:
Vincent Koc
2026-03-21 16:15:58 -07:00
committed by GitHub
parent 9dea537bae
commit 9854466a04
2 changed files with 14 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/actions/setup-node-env/action.yml vendored
View File

@@ -63,7 +63,7 @@ runs:
- name: Setup Bun - name: Setup Bun
if: inputs.install-bun == 'true' if: inputs.install-bun == 'true'
uses: oven-sh/setup-bun@v2.1.3 uses: oven-sh/setup-bun@v2.2.0
with: with:
bun-version: "1.3.9" bun-version: "1.3.9"

93
.github/workflows/ci.yml vendored
View File

@@ -223,7 +223,9 @@ jobs:
cache_key_suffix: "node22" cache_key_suffix: "node22"
command: | command: |
pnpm build pnpm build
pnpm test node openclaw.mjs --help
node openclaw.mjs status --json --timeout 1
pnpm test:build:singleton
node scripts/stage-bundled-plugin-runtime-deps.mjs node scripts/stage-bundled-plugin-runtime-deps.mjs
node --import tsx scripts/release-check.ts node --import tsx scripts/release-check.ts
steps: steps:
@@ -406,8 +408,8 @@ jobs:
build-smoke: build-smoke:
name: "build-smoke" name: "build-smoke"
needs: [docs-scope, changed-scope] needs: [docs-scope, changed-scope, build-artifacts]
if: needs.docs-scope.outputs.docs_only != 'true' && needs.changed-scope.outputs.run_node == 'true' if: always() && needs.docs-scope.outputs.docs_only != 'true' && needs.changed-scope.outputs.run_node == 'true' && (github.event_name != 'push' || needs.build-artifacts.result == 'success')
runs-on: blacksmith-16vcpu-ubuntu-2404 runs-on: blacksmith-16vcpu-ubuntu-2404
steps: steps:
- name: Checkout - name: Checkout
@@ -421,7 +423,15 @@ jobs:
install-bun: "false" install-bun: "false"
use-sticky-disk: "false" use-sticky-disk: "false"
- name: Download dist artifact
if: github.event_name == 'push'
uses: actions/download-artifact@v8
with:
name: dist-build
path: dist/
- name: Build dist - name: Build dist
if: github.event_name != 'push'
run: pnpm build run: pnpm build
- name: Smoke test CLI launcher help - name: Smoke test CLI launcher help
@@ -482,83 +492,6 @@ jobs:
- name: Test skill Python scripts - name: Test skill Python scripts
run: python -m pytest -q skills run: python -m pytest -q skills
secrets:
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: blacksmith-16vcpu-ubuntu-2404
steps:
- name: Checkout
uses: actions/checkout@v6
with:
submodules: false
- name: Ensure secrets base commit
uses: ./.github/actions/ensure-base-commit
with:
base-sha: ${{ github.event_name == 'push' && github.event.before || github.event.pull_request.base.sha }}
fetch-ref: ${{ github.event_name == 'push' && github.ref_name || github.event.pull_request.base.ref }}
- name: Setup Node environment
uses: ./.github/actions/setup-node-env
with:
install-bun: "false"
use-sticky-disk: "false"
install-deps: "false"
- name: Setup Python
id: setup-python
uses: actions/setup-python@v6
with:
python-version: "3.12"
cache: "pip"
cache-dependency-path: |
pyproject.toml
.pre-commit-config.yaml
.github/workflows/ci.yml
- name: Restore pre-commit cache
uses: actions/cache@v5
with:
path: ~/.cache/pre-commit
key: pre-commit-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('.pre-commit-config.yaml') }}
- name: Install pre-commit
run: |
python -m pip install --upgrade pip
python -m pip install pre-commit
- name: Detect committed private keys
run: pre-commit run --all-files detect-private-key
- name: Audit changed GitHub workflows with zizmor
env:
BASE_SHA: ${{ github.event_name == 'push' && github.event.before || github.event.pull_request.base.sha }}
run: |
set -euo pipefail
if [ -z "${BASE_SHA:-}" ] || [ "${BASE_SHA}" = "0000000000000000000000000000000000000000" ]; then
echo "No usable base SHA detected; skipping zizmor."
exit 0
fi
if ! git cat-file -e "${BASE_SHA}^{commit}" 2>/dev/null; then
echo "Base SHA ${BASE_SHA} is unavailable; skipping zizmor."
exit 0
fi
mapfile -t workflow_files < <(
git diff --name-only "${BASE_SHA}" HEAD -- '.github/workflows/*.yml' '.github/workflows/*.yaml'
)
if [ "${#workflow_files[@]}" -eq 0 ]; then
echo "No workflow changes detected; skipping zizmor."
exit 0
fi
printf 'Auditing workflow files:\n%s\n' "${workflow_files[@]}"
pre-commit run zizmor --files "${workflow_files[@]}"
- name: Audit production dependencies
run: pre-commit run --all-files pnpm-audit-prod
checks-windows: checks-windows:
needs: [docs-scope, changed-scope] needs: [docs-scope, changed-scope]
if: needs.docs-scope.outputs.docs_only != 'true' && needs.changed-scope.outputs.run_windows == 'true' if: needs.docs-scope.outputs.docs_only != 'true' && needs.changed-scope.outputs.run_windows == 'true'