From aaba0b9b9fa34953c35343004ba069e5dcd4804c Mon Sep 17 00:00:00 2001 From: John Detter <4099508+jdetter@users.noreply.github.com> Date: Wed, 11 Feb 2026 04:23:17 -0600 Subject: [PATCH 1/5] Test commit --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 86402b98934..3e2efdc7977 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,7 +25,7 @@ jobs: matrix: include: - name: Linux - runner: spacetimedb-new-runner-2 + runner: boppy-experimental - name: Windows runner: windows-latest runs-on: ${{ matrix.runner }} From 2bcf3cb7071b26e19c657fb3d167015acd6c5180 Mon Sep 17 00:00:00 2001 From: John Detter <4099508+jdetter@users.noreply.github.com> Date: Thu, 12 Feb 2026 10:54:24 -0600 Subject: [PATCH 2/5] Don't run any other workflows --- .github/workflows/attach-artifacts.yml | 63 ---- .github/workflows/benchmarks.yml | 352 -------------------- .github/workflows/check-merge-labels.yml | 18 - .github/workflows/check-pr-base.yml | 20 -- .github/workflows/ci.yml | 32 +- .github/workflows/discord-posts.yml | 71 ---- .github/workflows/docker.yml | 129 ------- .github/workflows/docs-publish.yaml | 56 ---- .github/workflows/docs-test.yaml | 44 --- .github/workflows/llm-benchmark-update.yml | 312 ----------------- .github/workflows/package.yml | 85 ----- .github/workflows/rust_matcher.json | 21 -- .github/workflows/tag-release.yml | 22 -- .github/workflows/typescript-lint.yml | 40 --- .github/workflows/typescript-test.yml | 169 ---------- .github/workflows/upgrade-version-check.yml | 30 -- 16 files changed, 16 insertions(+), 1448 deletions(-) delete mode 100644 .github/workflows/attach-artifacts.yml delete mode 100644 .github/workflows/benchmarks.yml delete mode 100644 .github/workflows/check-merge-labels.yml delete mode 100644 .github/workflows/check-pr-base.yml delete mode 100644 .github/workflows/discord-posts.yml delete mode 100644 .github/workflows/docker.yml delete mode 100644 .github/workflows/docs-publish.yaml delete mode 100644 .github/workflows/docs-test.yaml delete mode 100644 .github/workflows/llm-benchmark-update.yml delete mode 100644 .github/workflows/package.yml delete mode 100644 .github/workflows/rust_matcher.json delete mode 100644 .github/workflows/tag-release.yml delete mode 100644 .github/workflows/typescript-lint.yml delete mode 100644 .github/workflows/typescript-test.yml delete mode 100644 .github/workflows/upgrade-version-check.yml diff --git a/.github/workflows/attach-artifacts.yml b/.github/workflows/attach-artifacts.yml deleted file mode 100644 index 23ad34343de..00000000000 --- a/.github/workflows/attach-artifacts.yml +++ /dev/null @@ -1,63 +0,0 @@ -name: Attach client binaries to release - -on: - workflow_dispatch: - inputs: - release_tag: - description: "Release tag (e.g. v1.9.0)" - required: true - -jobs: - upload-assets: - runs-on: spacetimedb-new-runner-2 - permissions: - contents: write # needed to modify releases - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Download artifacts from private base URL - env: - RELEASE_TAG: ${{ github.event.inputs.release_tag }} - BASE_URL: ${{ secrets.ARTIFACT_BASE_URL }} - run: | - set -euo pipefail - - FULL_URL="$BASE_URL/$RELEASE_TAG" - - mkdir -p artifacts - cd artifacts - - download() { - local filename="$1" - if ! wget -q "${FULL_URL}/${filename}" -O "${filename}"; then - echo "Failed to download ${filename}" - exit 1 - fi - } - - download "spacetime-aarch64-apple-darwin.tar.gz" - download "spacetime-aarch64-unknown-linux-gnu.tar.gz" - download "spacetime-x86_64-apple-darwin.tar.gz" - download "spacetime-x86_64-pc-windows-msvc.zip" - download "spacetime-x86_64-unknown-linux-gnu.tar.gz" - download "spacetimedb-update-aarch64-apple-darwin" - download "spacetimedb-update-aarch64-unknown-linux-gnu" - download "spacetimedb-update-x86_64-apple-darwin" - download "spacetimedb-update-x86_64-pc-windows-msvc.exe" - download "spacetimedb-update-x86_64-unknown-linux-gnu" - - - name: Upload artifacts to GitHub Release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - RELEASE_TAG: ${{ github.event.inputs.release_tag }} - run: | - set -euo pipefail - - cd artifacts - - gh release upload "$RELEASE_TAG" ./* \ - --repo "$GITHUB_REPOSITORY" \ - --clobber - diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml deleted file mode 100644 index 2785a84d95a..00000000000 --- a/.github/workflows/benchmarks.yml +++ /dev/null @@ -1,352 +0,0 @@ -on: - push: - branches: - - master - - jgilles/fix-callgrind-again - - workflow_dispatch: - inputs: - pr_number: - description: 'Pull Request Number' - required: false - default: '' - - issue_comment: - types: [created] - -name: Benchmarks - -env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_REPO: ${{ github.repository }} - -jobs: - benchmark: - name: run criterion benchmarks - runs-on: benchmarks-runner - # filter for a comment containing 'benchmarks please' - if: ${{ github.event_name != 'issue_comment' || (github.event.issue.pull_request && contains(github.event.comment.body, 'benchmarks please')) }} - env: - PR_NUMBER: ${{ github.event.inputs.pr_number || github.event.issue.number || null }} - steps: - - name: Clear stdb dir - if: always() - run: | - rm -fr /stdb/* - - - name: Enable CPU boost - run: echo "1" | sudo tee /sys/devices/system/cpu/cpufreq/boost - - - name: Check membership - if: ${{ github.event_name == 'issue_comment' }} - env: - CONTRIB_ORG: clockworklabs - COMMENT_AUTHOR: ${{ github.event.comment.user.login }} - ORG_READ_TOKEN: ${{ secrets.ORG_READ_TOKEN }} - run: | - curl -OL https://github.com/cli/cli/releases/download/v2.37.0/gh_2.37.0_linux_amd64.deb && sudo dpkg -i gh_2.37.0_linux_amd64.deb - if [[ $(GH_TOKEN=$ORG_READ_TOKEN gh api --paginate /orgs/{owner}/members --jq 'any(.login == env.COMMENT_AUTHOR)') != true ]]; then - gh pr comment $PR_NUMBER -b "Sorry, you don't have permission to run benchmarks." - exit 1 - fi - - - name: Post initial comment - run: | - if [[ $PR_NUMBER ]]; then - comment_parent=issues/$PR_NUMBER - comment_update=issues/comments - else - comment_parent=commits/$GITHUB_SHA - comment_update=comments - fi - comment_body="Benchmark in progress..." - comment_id=$(gh api "/repos/{owner}/{repo}/$comment_parent/comments" -f body="$comment_body" --jq .id) - echo "COMMENT_UPDATE_URL=/repos/{owner}/{repo}/$comment_update/$comment_id" >>$GITHUB_ENV - - - name: find PR branch - if: ${{ env.PR_NUMBER }} - run: echo "PR_REF=$(gh pr view $PR_NUMBER --json headRefName --jq .headRefName)" >>"$GITHUB_ENV" - - - name: Checkout sources - uses: actions/checkout@v4 - with: - ref: ${{ env.PR_REF || github.ref }} - # if we're on master we want to know what the sha of HEAD~1 is so - # that we can compare results from it to HEAD (in the "Fetch markdown - # summary PR" step). otherwise, we can use a fully shallow checkout - fetch-depth: ${{ env.PR_NUMBER && 1 || 2 }} - - - name: Install Rust toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - components: clippy - toolchain: stable - target: wasm32-unknown-unknown - override: true - - - name: Install .NET toolchain - uses: actions/setup-dotnet@v3 - with: - global-json-file: global.json - env: - DOTNET_INSTALL_DIR: ~/.dotnet - - - name: Build - working-directory: crates/bench/ - run: | - cargo build --release - - - name: Install latest wasm-opt for module optimisations - run: | - curl https://github.com/WebAssembly/binaryen/releases/download/version_116/binaryen-version_116-x86_64-linux.tar.gz -L | sudo tar xz -C /usr/local --strip-components=1 - - - name: Disable CPU boost - run: echo "0" | sudo tee /sys/devices/system/cpu/cpufreq/boost - - - name: Branch; run bench - run: | - if [[ $PR_NUMBER ]]; then - BASELINE_NAME=branch - RESULTS_NAME=pr-$PR_NUMBER - BENCH_FILTER='stdb_raw' - echo "Running benchmarks without sqlite" - else - BASELINE_NAME=master - RESULTS_NAME=$GITHUB_SHA - BENCH_FILTER='(stdb_raw|sqlite)' - echo "Running benchmarks with sqlite" - fi - pushd crates/bench - rm -rf .spacetime - cargo bench --bench generic -- --save-baseline "$BASELINE_NAME" "$BENCH_FILTER" - # sticker price benchmark - cargo bench --bench generic -- --save-baseline "$BASELINE_NAME" 'stdb_module/.*/disk/update_bulk' - cargo bench --bench special -- --save-baseline "$BASELINE_NAME" - cargo run --bin summarize pack "$BASELINE_NAME" - popd - mkdir criterion-results - [[ ! $PR_NUMBER ]] && cp target/criterion/$BASELINE_NAME.json criterion-results/ - cp target/criterion/$BASELINE_NAME.json criterion-results/$RESULTS_NAME.json - - # this will work for both PR and master - - name: Upload criterion results to DO spaces - uses: shallwefootball/s3-upload-action@master - with: - aws_key_id: ${{ secrets.AWS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY}} - aws_bucket: "spacetimedb-ci-benchmarks" - source_dir: criterion-results - endpoint: https://nyc3.digitaloceanspaces.com - destination_dir: benchmarks - - - name: Fetch markdown summary PR - run: | - if [[ $PR_NUMBER ]]; then - OLD=master - NEW=pr-$PR_NUMBER - else - OLD=$(git rev-parse HEAD~1) - NEW=$GITHUB_SHA - fi - echo "fetching https://benchmarks.spacetimedb.com/compare/$OLD/$NEW" - curl -sS https://benchmarks.spacetimedb.com/compare/$OLD/$NEW > report.md - - - name: Post comment - run: | - BODY="
Criterion benchmark results - - $(cat report.md) - -
" - - gh api "$COMMENT_UPDATE_URL" -X PATCH -f body="$BODY" - - - name: Post failure comment - if: ${{ failure() && env.COMMENT_UPDATE_URL }} - run: | - BODY="Benchmarking failed. Please check [the workflow run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details." - gh api "$COMMENT_UPDATE_URL" -X PATCH -f body="$BODY" - - - name: Clean up - if: always() - run: | - rm -fr /stdb/* - - callgrind_benchmark: - name: run callgrind benchmarks - # DON'T run on benchmarks-runner, using docker on a self-hosted runner has - # been broken for 4 years: https://github.com/actions/runner/issues/434 . - # Fortunately, we can run on standard GitHub Actions infra because we don't care - # about other stuff running on the machine! - # runs-on: benchmarks-runner - runs-on: ubuntu-latest - timeout-minutes: 20 # on a successful run, runs in 8 minutes - container: - image: rust:1.93.0 - options: --privileged - # filter for a comment containing 'benchmarks please' - if: ${{ github.event_name != 'issue_comment' || (github.event.issue.pull_request && contains(github.event.comment.body, 'benchmarks please')) }} - env: - PR_NUMBER: ${{ github.event.inputs.pr_number || github.event.issue.number || null }} - steps: - - name: Clear stdb dir - if: always() - shell: bash - run: | - rm -fr /stdb/* - - - name: Install valgrind & iai-callgrind-runner - run: | - apt-get update - apt-get install -y valgrind protobuf-compiler bash sudo curl gh - cargo install --git https://github.com/clockworklabs/iai-callgrind.git --branch main iai-callgrind-runner - git config --global --add safe.directory /__w/SpacetimeDB/SpacetimeDB - - # can't do this off self hosted: - # - name: Enable CPU boost - # shell: bash - # run: echo "1" | sudo tee /sys/devices/system/cpu/cpufreq/boost - - - name: Check membership - if: ${{ github.event_name == 'issue_comment' }} - env: - CONTRIB_ORG: clockworklabs - COMMENT_AUTHOR: ${{ github.event.comment.user.login }} - ORG_READ_TOKEN: ${{ secrets.ORG_READ_TOKEN }} - shell: bash - run: | - curl -OL https://github.com/cli/cli/releases/download/v2.37.0/gh_2.37.0_linux_amd64.deb && sudo dpkg -i gh_2.37.0_linux_amd64.deb - if [[ $(GH_TOKEN=$ORG_READ_TOKEN gh api --paginate /orgs/{owner}/members --jq 'any(.login == env.COMMENT_AUTHOR)') != true ]]; then - gh pr comment $PR_NUMBER -b "Sorry, you don't have permission to run benchmarks." - exit 1 - fi - - - name: find PR branch - if: ${{ env.PR_NUMBER }} - shell: bash - run: echo "PR_REF=$(gh pr view $PR_NUMBER --json headRefName --jq .headRefName)" >>"$GITHUB_ENV" - - - name: Checkout sources - uses: actions/checkout@v3 - with: - ref: ${{ env.PR_REF || github.ref }} - # if we're on master we want to know what the sha of HEAD~1 is so - # that we can compare results from it to HEAD (in the "Fetch markdown - # summary PR" step). otherwise, we can use a fully shallow checkout - fetch-depth: ${{ env.PR_NUMBER && 1 || 2 }} - - - name: Unbork GitHub Actions state - shell: bash - run: | - echo "Letting anybody touch our git repo, in order to avoid breaking other jobs" - echo "This is necessary because we are running as root inside a docker image" - chmod -R a+rw . - - - name: Post initial comment - shell: bash - run: | - set -exo pipefail - if [[ $PR_NUMBER ]]; then - comment_parent=issues/$PR_NUMBER - comment_update=issues/comments - else - comment_parent=commits/$GITHUB_SHA - comment_update=comments - fi - comment_body="Callgrind benchmark in progress..." - comment_id=$(gh api "/repos/{owner}/{repo}/$comment_parent/comments" -f body="$comment_body" --jq .id) - echo "COMMENT_UPDATE_URL=/repos/{owner}/{repo}/$comment_update/$comment_id" >>$GITHUB_ENV - - - name: Install stable toolchain - uses: actions-rs/toolchain@v1 - with: - profile: minimal - components: clippy - toolchain: stable - target: wasm32-unknown-unknown - override: true - - - name: Build - working-directory: crates/bench/ - shell: bash - run: | - cargo build --release - - - name: Install latest wasm-opt for module optimisations - shell: bash - run: | - curl https://github.com/WebAssembly/binaryen/releases/download/version_116/binaryen-version_116-x86_64-linux.tar.gz -L | sudo tar xz -C /usr/local --strip-components=1 - - # leave CPU boost on, doesn't affect callgrind! - - - name: Branch; run bench - shell: bash - run: | - if [[ $PR_NUMBER ]]; then - BASELINE_NAME=branch - RESULTS_NAME=pr-$PR_NUMBER - BENCH_FILTER='(special|stdb_module|stdb_raw)' - echo "Running branch callgrind benchmarks" - else - BASELINE_NAME=master - RESULTS_NAME=$GITHUB_SHA - BENCH_FILTER='.*' - echo "Running master callgrind benchmarks" - fi - pushd crates/bench - rm -rf .spacetime - cargo bench --bench callgrind -- --save-summary pretty-json - cargo run --bin summarize pack-callgrind "$BASELINE_NAME" - popd - mkdir callgrind-results - [[ ! $PR_NUMBER ]] && cp target/iai/$BASELINE_NAME.json callgrind-results/ - cp target/iai/$BASELINE_NAME.json callgrind-results/$RESULTS_NAME.json - - # this will work for both PR and master - - name: Upload callgrind results to DO spaces - uses: shallwefootball/s3-upload-action@master - with: - aws_key_id: ${{ secrets.AWS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY}} - aws_bucket: "spacetimedb-ci-benchmarks" - source_dir: callgrind-results - endpoint: https://nyc3.digitaloceanspaces.com - destination_dir: callgrind-benchmarks - - - name: Fetch markdown summary PR - shell: bash - run: | - if [[ $PR_NUMBER ]]; then - OLD=master - NEW=pr-$PR_NUMBER - else - OLD=$(git rev-parse HEAD~1) - NEW=$GITHUB_SHA - fi - echo "fetching https://benchmarks.spacetimedb.com/compare_callgrind/$OLD/$NEW" - curl -sS https://benchmarks.spacetimedb.com/compare_callgrind/$OLD/$NEW > report.md - - - name: Post comment - shell: bash - run: | - BODY="
Callgrind benchmark results - $(cat report.md) -
" - gh api "$COMMENT_UPDATE_URL" -X PATCH -f body="$BODY" - - - name: Post failure comment - if: ${{ failure() && env.COMMENT_UPDATE_URL }} - shell: bash - run: | - BODY="Benchmarking failed. Please check [the workflow run](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details." - gh api "$COMMENT_UPDATE_URL" -X PATCH -f body="$BODY" - - - name: Clean up - if: always() - shell: bash - run: | - rm -fr /stdb/* - echo "Letting anybody touch our git repo, in order to avoid breaking other jobs" - echo "This is necessary because we are running as root inside a docker image" - chmod -R a+rw . diff --git a/.github/workflows/check-merge-labels.yml b/.github/workflows/check-merge-labels.yml deleted file mode 100644 index 4b54295c32e..00000000000 --- a/.github/workflows/check-merge-labels.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Check merge labels - -on: - pull_request: - types: [labeled, unlabeled] - merge_group: -permissions: read-all - -jobs: - label_checks: - runs-on: ubuntu-latest - steps: - - id: manually_blocked - if: | - contains(github.event.pull_request.labels.*.name, 'do not merge') - run: | - echo "This is labeled \"Do not merge\"." - exit 1 diff --git a/.github/workflows/check-pr-base.yml b/.github/workflows/check-pr-base.yml deleted file mode 100644 index 6c3f020dbe9..00000000000 --- a/.github/workflows/check-pr-base.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Git tree checks - -on: - pull_request: - types: [opened, edited] - merge_group: -permissions: read-all - -jobs: - check_base_ref: - name: Based on `master` - runs-on: ubuntu-latest - steps: - - id: not_based_on_master - if: | - github.event_name == 'pull_request' && - github.event.pull_request.base.ref != 'master' - run: | - echo "This PR is not based on master. Please wait until the base PR merges." - exit 1 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3e2efdc7977..bb0d00c1dcc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,7 +27,7 @@ jobs: - name: Linux runner: boppy-experimental - name: Windows - runner: windows-latest + runner: none runs-on: ${{ matrix.runner }} timeout-minutes: 120 env: @@ -135,10 +135,10 @@ jobs: matrix: include: - name: Linux - runner: spacetimedb-new-runner-2 + runner: none smoketest_args: --docker - name: Windows - runner: windows-latest + runner: none smoketest_args: --no-build-cli runs-on: ${{ matrix.runner }} timeout-minutes: 120 @@ -257,7 +257,7 @@ jobs: test: needs: [lints] name: Test Suite - runs-on: spacetimedb-new-runner-2 + runs-on: none env: CARGO_TARGET_DIR: ${{ github.workspace }}/target @@ -326,7 +326,7 @@ jobs: lints: name: Lints - runs-on: spacetimedb-new-runner-2 + runs-on: none env: CARGO_TARGET_DIR: ${{ github.workspace }}/target steps: @@ -356,7 +356,7 @@ jobs: wasm_bindings: name: Build and test wasm bindings - runs-on: spacetimedb-new-runner-2 + runs-on: none env: CARGO_TARGET_DIR: ${{ github.workspace }}/target steps: @@ -381,7 +381,7 @@ jobs: publish_checks: name: Check that packages are publishable - runs-on: spacetimedb-new-runner-2 + runs-on: none permissions: read-all steps: - uses: actions/checkout@v3 @@ -413,10 +413,10 @@ jobs: strategy: matrix: include: - - { target: x86_64-unknown-linux-gnu, runner: spacetimedb-new-runner-2 } - - { target: aarch64-unknown-linux-gnu, runner: arm-runner } - - { target: aarch64-apple-darwin, runner: macos-latest } - - { target: x86_64-pc-windows-msvc, runner: windows-latest } + - { target: x86_64-unknown-linux-gnu, runner: none } + - { target: aarch64-unknown-linux-gnu, runner: none } + - { target: aarch64-apple-darwin, runner: none } + - { target: x86_64-pc-windows-msvc, runner: none } runs-on: ${{ matrix.runner }} steps: - name: Checkout @@ -462,7 +462,7 @@ jobs: name: Unreal Engine Tests # This can't go on e.g. ubuntu-latest because that runner runs out of disk space. ChatGPT suggested that the general solution tends to be to use # a custom runner. - runs-on: spacetimedb-new-runner-2 + runs-on: none # Disable the tests because they are very flaky at the moment. # TODO: Remove this line and re-enable the `if` line just below here. if: false @@ -551,7 +551,7 @@ jobs: ci_command_docs: name: Check CI command docs - runs-on: spacetimedb-new-runner-2 + runs-on: none steps: - name: Find Git ref env: @@ -581,7 +581,7 @@ jobs: cli_docs: name: Check CLI docs permissions: read-all - runs-on: spacetimedb-new-runner-2 + runs-on: none env: CARGO_TARGET_DIR: ${{ github.workspace }}/target steps: @@ -683,7 +683,7 @@ jobs: permissions: contents: read checks: write - runs-on: spacetimedb-unity-runner + runs-on: none timeout-minutes: 30 env: CARGO_TARGET_DIR: ${{ github.workspace }}/target @@ -822,7 +822,7 @@ jobs: csharp-testsuite: needs: [lints] - runs-on: spacetimedb-new-runner-2 + runs-on: none timeout-minutes: 30 env: CARGO_TARGET_DIR: ${{ github.workspace }}/target diff --git a/.github/workflows/discord-posts.yml b/.github/workflows/discord-posts.yml deleted file mode 100644 index b1e55497401..00000000000 --- a/.github/workflows/discord-posts.yml +++ /dev/null @@ -1,71 +0,0 @@ -name: Discord notifications - -on: - pull_request: - types: [closed] - -jobs: - discordNotification: - runs-on: ubuntu-latest - if: github.event.pull_request.merged == true && - github.event.pull_request.base.ref == 'master' - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - steps: - - name: Set up GitHub CLI - run: | - curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo tee /usr/share/keyrings/githubcli-archive-keyring.gpg > /dev/null - sudo apt-get install -y apt-transport-https - echo "deb [arch=amd64 signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list - sudo apt-get update - sudo apt-get install -y gh - - - name: Send Discord notification - env: - DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }} - PR_TITLE: ${{ github.event.pull_request.title }} - PR_NUMBER: ${{ github.event.pull_request.number }} - PR_URL: ${{ github.event.pull_request.html_url }} - MENTION_ON_FAILURE: ${{ secrets.DEV_OPS_ROLE_ID }} - DISCORD_USER_MAP: ${{ secrets.DISCORD_USER_MAP }} - run: | - message="PR merged: [(#${PR_NUMBER}) ${PR_TITLE}](<${PR_URL}>)" - # Note that anything besides success is treated as a failure (e.g. if the check did not run at all, or if it is still pending). - FAILED_CHECKS="$( - gh pr checks "${{github.event.pull_request.html_url}}" \ - --json 'workflow,state,name' | - jq '.[] - | select(.workflow != "Discord notifications") - | select(.state != "SUCCESS" and .state != "NEUTRAL" and .state != "SKIPPED") - ' | - jq -r '"\(.workflow) / \(.name): \(.state)"' - )" - - # Lookup PR author's Discord ID from the provided JSON map (if any) - author_discord_id="$( - jq -r \ - --arg u "${{ github.event.pull_request.user.login }}" \ - '.[$u] // empty' \ - <<<"${DISCORD_USER_MAP}" - )" - if [ -z "${author_discord_id}" ]; then - echo "Warning: PR author not found not found in USER_LOOKUP_JSON" - fi - - message+=$'\n' - if [[ -z "${FAILED_CHECKS}" ]]; then - message+='All checks passed.' - else - message+="${FAILED_CHECKS}" - message+=$'\n' - # This uses special Discord syntax for pinging a particular role. - # Note the '&' - this is the difference between pinging a *role* and pinging a *person*. - if [[ -n "${author_discord_id}" ]]; then - message+="<@${author_discord_id}> please investigate these failures." - fi - message+=$'\n' - message+="(cc <@&${MENTION_ON_FAILURE}> - Releases may be affected)" - fi - # Use `jq` to construct the json data blob in the format required by the webhook. - data="$(jq --null-input --arg msg "$message" '.content=$msg')" - curl -X POST -H 'Content-Type: application/json' -d "$data" "${DISCORD_WEBHOOK_URL}" diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index c603fa598d6..00000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,129 +0,0 @@ -name: Docker Image - -on: - push: - branches: - - master - - staging - - dev - tags: - - 'v*' - -jobs: - docker-amd64: - runs-on: ubuntu-latest - name: Build DockerHub AMD64 Container - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: | - clockworklabs/spacetimedb - tags: | - type=ref,event=tag - type=sha,prefix=commit-,suffix=-amd64 - flavor: | - latest=false - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Cache Docker layers - uses: actions/cache@v4 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ vars.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: . - file: crates/standalone/Dockerfile - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new - platforms: linux/amd64 - - - name: Merge images - run: | - ./tools/merge-docker-images.sh clockworklabs/spacetimedb "commit-${GITHUB_SHA:0:7}" "${GITHUB_SHA:0:7}-full" - - # This ugly bit is necessary if you don't want your cache to grow forever - # until it hits GitHub's limit of 5GB. - # Temp fix - # https://github.com/docker/build-push-action/issues/252 - # https://github.com/moby/buildkit/issues/1896 - - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache - - docker-arm64: - runs-on: arm-runner - name: Build DockerHub ARM64 Container - steps: - - name: Install jq - run: sudo apt-get install jq -y - - name: Prune stale references - run: git remote prune origin - - name: Checkout - uses: actions/checkout@v3 - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: | - clockworklabs/spacetimedb - tags: | - type=ref,event=tag - type=sha,prefix=commit-,suffix=-arm64 - flavor: | - latest=false - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Cache Docker layers - uses: actions/cache@v4 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ vars.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - name: Build and push - uses: docker/build-push-action@v4 - with: - context: . - file: crates/standalone/Dockerfile - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new - platforms: linux/arm64/v8 - - - name: Merge images - run: | - ./tools/merge-docker-images.sh clockworklabs/spacetimedb "commit-${GITHUB_SHA:0:7}" "${GITHUB_SHA:0:7}-full" - - # This ugly bit is necessary if you don't want your cache to grow forever - # until it hits GitHub's limit of 5GB. - # Temp fix - # https://github.com/docker/build-push-action/issues/252 - # https://github.com/moby/buildkit/issues/1896 - - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache diff --git a/.github/workflows/docs-publish.yaml b/.github/workflows/docs-publish.yaml deleted file mode 100644 index 4b068d00bc3..00000000000 --- a/.github/workflows/docs-publish.yaml +++ /dev/null @@ -1,56 +0,0 @@ -name: Docs / Publish - -permissions: - contents: read - -on: - push: - branches: - - docs/release - -jobs: - build: - runs-on: spacetimedb-new-runner-2 - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Set up Node.js - uses: actions/setup-node@v3 - with: - node-version: '22' - - - uses: pnpm/action-setup@v4 - with: - run_install: true - - - name: Get pnpm store directory - working-directory: sdks/typescript - shell: bash - run: | - echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV - - - uses: actions/cache@v4 - name: Setup pnpm cache - with: - path: ${{ env.STORE_PATH }} - key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} - restore-keys: | - ${{ runner.os }}-pnpm-store- - - - name: Install dependencies - working-directory: docs - run: pnpm install - - - name: Docusaurus build - working-directory: docs - run: pnpm build - - - name: Publish docs to S3 - uses: shallwefootball/s3-upload-action@master - with: - aws_key_id: ${{ secrets.DOCS_AWS_KEY_ID }} - aws_secret_access_key: ${{ secrets.DOCS_AWS_SECRET_ACCESS_KEY}} - aws_bucket: spacetimedb-docs - source_dir: docs/build - destination_dir: 'docs' diff --git a/.github/workflows/docs-test.yaml b/.github/workflows/docs-test.yaml deleted file mode 100644 index b7233aad847..00000000000 --- a/.github/workflows/docs-test.yaml +++ /dev/null @@ -1,44 +0,0 @@ -name: Docs / Test -permissions: - contents: read - -on: - pull_request: - -jobs: - build: - runs-on: spacetimedb-new-runner-2 - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Set up Node.js - uses: actions/setup-node@v3 - with: - node-version: '22' - - - uses: pnpm/action-setup@v4 - with: - run_install: true - - - name: Get pnpm store directory - working-directory: sdks/typescript - shell: bash - run: | - echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV - - - uses: actions/cache@v4 - name: Setup pnpm cache - with: - path: ${{ env.STORE_PATH }} - key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} - restore-keys: | - ${{ runner.os }}-pnpm-store- - - - name: Install dependencies - working-directory: docs - run: pnpm install - - - name: Docusaurus build - working-directory: docs - run: pnpm build diff --git a/.github/workflows/llm-benchmark-update.yml b/.github/workflows/llm-benchmark-update.yml deleted file mode 100644 index 8d16cd662ed..00000000000 --- a/.github/workflows/llm-benchmark-update.yml +++ /dev/null @@ -1,312 +0,0 @@ -name: Update LLM benchmarks - -on: - workflow_dispatch: - inputs: - pr_number: - description: "Pull Request Number" - required: true - issue_comment: - types: [created] # only run when the comment is first created - -permissions: - contents: read - pull-requests: write - issues: write - -concurrency: - group: >- - llm-benchmark - -${{ github.event_name == 'issue_comment' && github.event.issue.number || inputs.pr_number }} - ${{ github.event_name == 'issue_comment' && !startsWith(github.event.comment.body, '/update-llm-benchmark') && '-unrelated-comment' }} - cancel-in-progress: true - -jobs: - update-llm-benchmark: - # Runnable either with a comment that starts with /update-llm-benchmark - # or by manually dispatching - if: | - (github.event_name == 'issue_comment' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/update-llm-benchmark')) || - (github.event_name == 'workflow_dispatch') - runs-on: spacetimedb-new-runner - container: - image: localhost:5000/spacetimedb-ci:latest - options: >- - --privileged - steps: - # Here we install the spacetime CLI for faster execution of the tests - # SpacetimeDB itself is not under test here, rather it's the docs. - # If we want to change that it is possible to have the benchmark compile - # SpacetimeDB from source. - - name: Install spacetime CLI - run: | - curl -sSf https://install.spacetimedb.com | sh -s -- -y - echo "$HOME/.local/bin" >> $GITHUB_PATH - - - name: Load PR info - id: pr - uses: actions/github-script@v7 - with: - script: | - let prNumber; - if (context.eventName === 'issue_comment') { - prNumber = context.payload.issue.number; - } else if (context.eventName === 'workflow_dispatch') { - const raw = context.payload.inputs?.pr_number; - if (!raw || !/^\d+$/.test(raw)) { - core.setFailed(`Invalid pr_number input: '${raw}'.`); - return; - } - prNumber = Number(raw); - } else { - core.setFailed(`Unsupported event: ${context.eventName}`); - return; - } - - const { data: pr } = await github.rest.pulls.get({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: prNumber, - }); - - core.setOutput('number', String(prNumber)); - core.setOutput('head_ref', pr.head.ref); - core.setOutput('head_sha', pr.head.sha); - core.setOutput('head_repo_full_name', pr.head.repo.full_name); - core.setOutput('head_owner_type', pr.head.repo.owner.type); // "User"|"Organization" - core.setOutput('maintainer_can_modify', String(pr.maintainer_can_modify)); - - # If this was kicked off by a comment, ensure that the commenter is - # a collaborator on the repo. We don't want unprivileged users to run benchmarks. - # Note that the workflow that will be run will be the one that is on the `master` - # branch, NOT the one from the PR. This is important so that the PR author can't - # sneak in an exfiltration exploit. - - name: Check commenter permission - if: github.event_name == 'issue_comment' - uses: actions/github-script@v7 - with: - script: | - const user = context.payload.comment.user.login; - const { data } = await github.rest.repos.getCollaboratorPermissionLevel({ - owner: context.repo.owner, - repo: context.repo.repo, - username: user, - }); - - const allowed = new Set(['admin', 'maintain', 'write', 'triage']); - if (!allowed.has(data.permission)) { - core.setFailed(`User ${user} has permission '${data.permission}', not allowed to run benchmarks.`); - } - - # If the PR is from a fork, we need to be able to have GitHub actions commit back - # to the forked repo, so that we can update the benchmark results. - # In order to do this we need to ensure that the PR is configured to allow the maintainers - # of the SpacetimeDB repo to commit back ot the fork. - - name: Check fork pushability (and comment if not) - if: steps.pr.outputs.head_repo_full_name != github.repository - uses: actions/github-script@v7 - env: - PR_NUMBER: ${{ steps.pr.outputs.number }} - HEAD_OWNER_TYPE: ${{ steps.pr.outputs.head_owner_type }} - MAINTAINER_CAN_MODIFY: ${{ steps.pr.outputs.maintainer_can_modify }} - with: - script: | - const issue_number = Number(process.env.PR_NUMBER); - const headOwnerType = process.env.HEAD_OWNER_TYPE; - const canModify = process.env.MAINTAINER_CAN_MODIFY === 'true'; - - if (headOwnerType === 'Organization') { - await github.rest.issues.createComment({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number, - body: [ - "I can’t push benchmark updates to this PR because it comes from an **organization-owned fork**.", - "GitHub doesn’t allow granting upstream maintainers push permissions to org-owned forks.", - "", - "Options:", - "- Reopen the PR from a **personal fork** with **Allow edits from maintainers** enabled, or", - "- A maintainer can apply the benchmark update on an internal branch." - ].join("\n"), - }); - core.setFailed("Org-owned fork PR is not pushable by maintainers."); - return; - } - - if (!canModify) { - await github.rest.issues.createComment({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number, - body: [ - "I can’t push benchmark updates to this PR branch until you enable **Allow edits from maintainers**.", - "Please check the box on the PR page, then re-comment `/update-llm-benchmark`.", - "See https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/allowing-changes-to-a-pull-request-branch-created-from-a-fork" - ].join("\n"), - }); - core.setFailed("maintainer_can_modify is false; author must enable 'Allow edits from maintainers'."); - } - - # Run the benchmark that is already checked into master to prevent - # an exfiltration attack whereby the PR author tries to sneak in an exploit - # and get a maintainer to run the modified benchmark without looking at the - # PR first. This ensure that we only ever execute code that is checked into - # master. - - name: Checkout master (build/install tool from trusted code) - uses: actions/checkout@v4 - with: - ref: master - fetch-depth: 0 - persist-credentials: false - - - uses: dtolnay/rust-toolchain@stable - - uses: Swatinem/rust-cache@v2 - - # Ensure we use a user-writable .NET install (not /usr/share/dotnet), - # so workload installs don't require sudo. - - name: Setup .NET SDK - uses: actions/setup-dotnet@v4 - with: - dotnet-version: "8.0.x" - - - name: Install WASI workload (wasi-experimental) - env: - DOTNET_MULTILEVEL_LOOKUP: "0" - DOTNET_CLI_HOME: ${{ runner.temp }}/dotnet-home - DOTNET_SKIP_FIRST_TIME_EXPERIENCE: "1" - run: | - dotnet --info - dotnet workload install wasi-experimental --skip-manifest-update --disable-parallel - - - name: Install llm-benchmark tool from master - run: | - cargo install --path tools/xtask-llm-benchmark --locked - command -v llm_benchmark - - # Check out the repo on the branch, but ONLY use this code as data! - # Never execute code that is on the PR branch. - - name: Checkout PR head (branch) - uses: actions/checkout@v4 - with: - repository: ${{ steps.pr.outputs.head_repo_full_name }} - ref: ${{ steps.pr.outputs.head_sha }} - fetch-depth: 0 - persist-credentials: false - - # Run the benchmark against the PR using the installed tool from the - # master branch. - - name: Run benchmark (with provider keys) - env: - OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - # Prevent MSBuild node reuse issues that cause "Pipe is broken" errors - # when running multiple dotnet publish commands in parallel. - # See: https://github.com/dotnet/msbuild/issues/6657 - MSBUILDDISABLENODEREUSE: "1" - DOTNET_CLI_USE_MSBUILD_SERVER: "0" - run: | - llm_benchmark ci-quickfix - llm_benchmark ci-check - - # Generate failure analysis if there are any failures - - name: Generate failure analysis - env: - OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - run: | - llm_benchmark analyze -o docs/llms/docs-benchmark-analysis.md || true - - # Generate PR comment markdown (compares against master baseline) - - name: Generate PR comment markdown - run: | - llm_benchmark ci-comment - - - name: Ensure only docs/llms changed - run: | - set -euo pipefail - CHANGED="$(git diff --name-only)" - - if [ -z "$CHANGED" ]; then - echo "No changes." - exit 0 - fi - - if echo "$CHANGED" | grep -qvE '^docs/llms/'; then - echo "Benchmark produced changes outside docs/llms:" - echo "$CHANGED" | grep -vE '^docs/llms/' - exit 1 - fi - - # Comment the benchmark results on the PR - - name: Comment benchmark results on PR - uses: actions/github-script@v7 - env: - PR_NUMBER: ${{ steps.pr.outputs.number }} - with: - github-token: ${{ secrets.CLOCKWORK_LABS_BOT_PAT }} - script: | - const fs = require('fs'); - - // Read the pre-generated comment markdown - const commentPath = 'docs/llms/docs-benchmark-comment.md'; - if (!fs.existsSync(commentPath)) { - core.setFailed(`Comment file not found: ${commentPath}`); - return; - } - let body = fs.readFileSync(commentPath, 'utf8'); - - // Check if failure analysis exists and append it - const analysisPath = 'docs/llms/docs-benchmark-analysis.md'; - if (fs.existsSync(analysisPath)) { - const analysis = fs.readFileSync(analysisPath, 'utf8'); - // Only include if there's meaningful content (not just "no failures") - if (!analysis.includes('No failures found')) { - body += `\n
\nFailure Analysis (click to expand)\n\n${analysis}\n
`; - } - } - - const issue_number = Number(process.env.PR_NUMBER); - - // Always post a new comment - console.log(`Posting new comment on PR #${issue_number}...`); - try { - await github.rest.issues.createComment({ - owner: context.repo.owner, - repo: context.repo.repo, - issue_number, - body, - }); - console.log('Comment created successfully'); - } catch (err) { - console.error('Failed to post comment:', err.message); - console.error('Full error:', JSON.stringify(err, null, 2)); - throw err; - } - - # The benchmarks only modify the docs/llms directory. - # Commit the changes. - - name: Commit changes - run: | - git config user.name "clockwork-labs-bot" - git config user.email "clockwork-labs-bot@users.noreply.github.com" - - # Prefer staging only the benchmark output area (adjust as needed) - git add docs/llms - - git diff --cached --quiet && exit 0 - git commit -m "Update LLM benchmark results" - - # Here we use the https://github.com/clockwork-labs-bot user's - # personal access token to commit back to the PR branch. This is necessary - # if we want to be able to push back to external contributor forks. - - name: Push back to PR branch (same repo or fork) - env: - GH_TOKEN: ${{ secrets.CLOCKWORK_LABS_BOT_PAT }} - run: | - git remote set-url origin "https://x-access-token:${GH_TOKEN}@github.com/${{ steps.pr.outputs.head_repo_full_name }}.git" - # Fetch and rebase in case branch moved since workflow started (e.g., previous benchmark run) - git fetch origin "${{ steps.pr.outputs.head_ref }}" - if ! git rebase "origin/${{ steps.pr.outputs.head_ref }}"; then - git rebase --abort - echo "::error::Rebase failed due to conflicts. The PR branch may have been updated during the benchmark run. Please re-run /update-llm-benchmark." - exit 1 - fi - git push origin "HEAD:${{ steps.pr.outputs.head_ref }}" diff --git a/.github/workflows/package.yml b/.github/workflows/package.yml deleted file mode 100644 index 2c72693bd63..00000000000 --- a/.github/workflows/package.yml +++ /dev/null @@ -1,85 +0,0 @@ -name: Package SpacetimeDB CLI - -on: - push: - tags: - - '**' - branches: - - master - - release/* - -jobs: - build-cli: - strategy: - fail-fast: false - matrix: - include: - - { name: x86_64 Linux, target: x86_64-unknown-linux-gnu, runner: spacetimedb-new-runner-2 } - - { name: aarch64 Linux, target: aarch64-unknown-linux-gnu, runner: arm-runner } - # Disabled because musl builds weren't working and we didn't want to investigate. See https://github.com/clockworklabs/SpacetimeDB/pull/2964. - # - { name: x86_64 Linux musl, target: x86_64-unknown-linux-musl, runner: bare-metal, container: alpine } - # FIXME: arm musl build. "JavaScript Actions in Alpine containers are only supported on x64 Linux runners" - # - { name: aarch64 Linux musl, target: aarch64-unknown-linux-musl, runner: arm-runner } - - { name: aarch64 macOS, target: aarch64-apple-darwin, runner: macos-latest } - - { name: x86_64 macOS, target: x86_64-apple-darwin, runner: macos-latest } - - { name: x86_64 Windows, target: x86_64-pc-windows-msvc, runner: windows-latest } - - name: Build CLI for ${{ matrix.name }} - runs-on: ${{ matrix.runner }} - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Show arch - run: uname -a - - - name: Install musl dependencies - # TODO: Should we use `matrix.container == 'alpine'` instead of the `endsWith` check? - if: endsWith(matrix.target, '-musl') - run: apk add gcc g++ bash curl linux-headers perl git make - - - name: Install Rust - uses: dsherret/rust-toolchain-file@v1 - - name: Set default rust toolchain - run: rustup default $(rustup show active-toolchain | cut -d' ' -f1) - - - name: Install rust target - run: rustup target add ${{ matrix.target }} - - - name: Compile - run: | - cargo build --release --target ${{ matrix.target }} -p spacetimedb-cli -p spacetimedb-standalone -p spacetimedb-update - - - name: Package (unix) - if: ${{ runner.os != 'Windows' }} - shell: bash - run: | - mkdir build - cd target/${{matrix.target}}/release - cp spacetimedb-update ../../../build/spacetimedb-update-${{matrix.target}} - tar -czf ../../../build/spacetime-${{matrix.target}}.tar.gz spacetimedb-{cli,standalone} - - - name: Package (windows) - if: ${{ runner.os == 'Windows' }} - shell: bash - run: | - mkdir build - cd target/${{matrix.target}}/release - cp spacetimedb-update.exe ../../../build/spacetimedb-update-${{matrix.target}}.exe - 7z a ../../../build/spacetime-${{matrix.target}}.zip spacetimedb-cli.exe spacetimedb-standalone.exe - - - name: Extract branch name - shell: bash - run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT - id: extract_branch - - - name: Upload to DO Spaces - uses: shallwefootball/s3-upload-action@master - with: - aws_key_id: ${{ secrets.AWS_KEY_ID }} - aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY}} - aws_bucket: ${{ vars.AWS_BUCKET }} - source_dir: build - endpoint: https://nyc3.digitaloceanspaces.com - destination_dir: ${{ steps.extract_branch.outputs.branch }} diff --git a/.github/workflows/rust_matcher.json b/.github/workflows/rust_matcher.json deleted file mode 100644 index 9813de88071..00000000000 --- a/.github/workflows/rust_matcher.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "problemMatcher": [ - { - "owner": "rust", - "pattern": [ - { - "regexp": "^(warning|warn|error)(\\[(.*)\\])?: (.*)$", - "severity": 1, - "message": 4, - "code": 3 - }, - { - "regexp": "^([\\s->=]*(.*):(\\d*):(\\d*)|.*)$", - "file": 2, - "line": 3, - "column": 4 - } - ] - } - ] -} diff --git a/.github/workflows/tag-release.yml b/.github/workflows/tag-release.yml deleted file mode 100644 index cddeb64ab24..00000000000 --- a/.github/workflows/tag-release.yml +++ /dev/null @@ -1,22 +0,0 @@ -on: - release: - types: [published] - -jobs: - on-release: - name: Re-tag latest - runs-on: ubuntu-latest - steps: - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ vars.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_PASSWORD }} - - - name: Retag the image - run: | - VERSION=${GITHUB_REF#refs/*/} - docker buildx imagetools create clockworklabs/spacetimedb:$VERSION --tag clockworklabs/spacetimedb:latest diff --git a/.github/workflows/typescript-lint.yml b/.github/workflows/typescript-lint.yml deleted file mode 100644 index d7f51fae5d5..00000000000 --- a/.github/workflows/typescript-lint.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: TypeScript - Lint - -on: - pull_request: - push: - branches: - - master - merge_group: - -jobs: - build: - runs-on: spacetimedb-new-runner-2 - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Set up Node.js - uses: actions/setup-node@v4 - with: - node-version: 22 - - - uses: pnpm/action-setup@v4 - with: - run_install: true - - - name: Get pnpm store directory - shell: bash - run: | - echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV - - - uses: actions/cache@v4 - name: Setup pnpm cache - with: - path: ${{ env.STORE_PATH }} - key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} - restore-keys: | - ${{ runner.os }}-pnpm-store- - - - name: Lint - run: pnpm lint diff --git a/.github/workflows/typescript-test.yml b/.github/workflows/typescript-test.yml deleted file mode 100644 index edbbe89fc83..00000000000 --- a/.github/workflows/typescript-test.yml +++ /dev/null @@ -1,169 +0,0 @@ -name: TypeScript - Tests - -on: - push: - branches: - - master - pull_request: - merge_group: - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || format('sha-{0}', github.sha) }} - cancel-in-progress: true - -jobs: - build-and-test: - runs-on: spacetimedb-new-runner-2 - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Set up Node.js - uses: actions/setup-node@v4 - with: - node-version: 22 - - - uses: pnpm/action-setup@v4 - with: - run_install: true - - - name: Get pnpm store directory - shell: bash - working-directory: crates/bindings-typescript - run: | - echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV - - - uses: actions/cache@v4 - name: Setup pnpm cache - with: - path: ${{ env.STORE_PATH }} - key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} - restore-keys: | - ${{ runner.os }}-pnpm-store- - - - name: Build module library and SDK - working-directory: crates/bindings-typescript - run: pnpm build - - - name: Run module library and SDK tests - working-directory: crates/bindings-typescript - run: pnpm test - - # - name: Extract SpacetimeDB branch name from file - # id: extract-branch - # run: | - # # Define the path to the branch file - # BRANCH_FILE=".github/spacetimedb-branch.txt" - - # # Default to master if file doesn't exist - # if [ ! -f "$BRANCH_FILE" ]; then - # echo "::notice::No SpacetimeDB branch file found, using 'master'" - # echo "branch=master" >> $GITHUB_OUTPUT - # exit 0 - # fi - - # # Read and trim whitespace from the file - # branch=$(cat "$BRANCH_FILE" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') - - # # Fallback to master if empty - # if [ -z "$branch" ]; then - # echo "::warning::SpacetimeDB branch file is empty, using 'master'" - # branch="master" - # fi - - # echo "branch=$branch" >> $GITHUB_OUTPUT - # echo "Using SpacetimeDB branch from file: $branch" - - - name: Install Rust toolchain - uses: dsherret/rust-toolchain-file@v1 - - name: Set default rust toolchain - run: rustup default $(rustup show active-toolchain | cut -d' ' -f1) - - - name: Cache Rust dependencies - uses: Swatinem/rust-cache@v2 - with: - workspaces: ${{ github.workspace }} - shared-key: spacetimedb - # Let the main CI job save the cache since it builds the most things - save-if: false - prefix-key: v1 - - # This step shouldn't be needed, but somehow we end up with caches that are missing librusty_v8.a. - # ChatGPT suspects that this could be due to different build invocations using the same target dir, - # and this makes sense to me because we only see it in this job where we mix `cargo build -p` with - # `cargo build --manifest-path` (which apparently build different dependency trees). - # However, we've been unable to fix it so... /shrug - - name: Check v8 outputs - run: | - find "${CARGO_TARGET_DIR}"/ -type f | grep '[/_]v8' || true - if ! [ -f "${CARGO_TARGET_DIR}"/debug/gn_out/obj/librusty_v8.a ]; then - echo "Could not find v8 output file librusty_v8.a; rebuilding manually." - cargo clean -p v8 || true - cargo build -p v8 - fi - if ! [ -f "${CARGO_TARGET_DIR}"/release/gn_out/obj/librusty_v8.a ]; then - echo "Could not find v8 output file librusty_v8.a; rebuilding manually." - cargo clean --release -p v8 || true - cargo build --release -p v8 - fi - - - name: Install SpacetimeDB CLI from the local checkout - run: | - export CARGO_HOME="$HOME/.cargo" - echo "$CARGO_HOME/bin" >> "$GITHUB_PATH" - cargo install --force --path crates/cli --locked --message-format=short - cargo install --force --path crates/standalone --locked --message-format=short - # Add a handy alias using the old binary name, so that we don't have to rewrite all scripts (incl. in submodules). - ln -sf $CARGO_HOME/bin/spacetimedb-cli $CARGO_HOME/bin/spacetime - # Clear any existing information - spacetime server clear -y - - - name: Generate client bindings - working-directory: templates/chat-react-ts - run: | - pnpm generate - - - name: Check for changes - working-directory: templates/chat-react-ts - run: | - "${GITHUB_WORKSPACE}"/tools/check-diff.sh src/module_bindings || { - echo "Error: Bindings are dirty. Please generate bindings again and commit them to this branch." - exit 1 - } - - # - name: Start SpacetimeDB - # run: | - # spacetime start & - # disown - - # - name: Publish module to SpacetimeDB - # working-directory: SpacetimeDB/templates/quickstart-chat-typescript/spacetimedb - # run: | - # spacetime logout && spacetime login --server-issued-login local - # spacetime publish -s local quickstart-chat -c -y - - # - name: Publish module to SpacetimeDB - # working-directory: SpacetimeDB/templates/quickstart-chat-typescript/spacetimedb - # run: | - # spacetime logs quickstart-chat - - - name: Check that quickstart-chat builds - working-directory: templates/chat-react-ts - run: pnpm build - - - name: Check that templates build - working-directory: templates/ - run: pnpm -r --filter "./**" run build - - - name: Check that subdirectories build - working-directory: crates/bindings-typescript - run: pnpm -r --filter "./**" run build - - # - name: Run quickstart-chat tests - # working-directory: examples/quickstart-chat - # run: pnpm test - # - # # Run this step always, even if the previous steps fail - # - name: Print rows in the user table - # if: always() - # run: spacetime sql quickstart-chat "SELECT * FROM user" diff --git a/.github/workflows/upgrade-version-check.yml b/.github/workflows/upgrade-version-check.yml deleted file mode 100644 index be209c5c16b..00000000000 --- a/.github/workflows/upgrade-version-check.yml +++ /dev/null @@ -1,30 +0,0 @@ -name: Upgrade Version Check - -on: - pull_request: - types: [opened, synchronize] - merge_group: -permissions: read-all - -jobs: - version_upgrade_check: - runs-on: spacetimedb-new-runner-2 - steps: - - name: Checkout - uses: actions/checkout@v3 - - uses: dsherret/rust-toolchain-file@v1 - - name: Set default rust toolchain - run: rustup default $(rustup show active-toolchain | cut -d' ' -f1) - # pnpm is required for regenerating the typescript bindings - - name: Set up Node.js - uses: actions/setup-node@v4 - with: - node-version: 20 - - uses: pnpm/action-setup@v4 - with: - run_install: true - - name: Verify that upgrade-version still works - run: cargo bump-versions 123.456.789 --rust-and-cli --csharp --typescript --cpp --accept-snapshots - - name: Show diff - run: git diff HEAD - From 2b533c6f9f839e0c55c18580e862647006c9e455 Mon Sep 17 00:00:00 2001 From: John Detter <4099508+jdetter@users.noreply.github.com> Date: Thu, 12 Feb 2026 10:54:41 -0600 Subject: [PATCH 3/5] Change needs --- .github/workflows/ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bb0d00c1dcc..62d9a40c6ea 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,7 +19,6 @@ concurrency: jobs: smoketests: - needs: [lints] name: Smoketests (${{ matrix.name }}) strategy: matrix: From 3b5dd88a18ae195dd85e09057c32db70b6526b39 Mon Sep 17 00:00:00 2001 From: John Detter <4099508+jdetter@users.noreply.github.com> Date: Thu, 12 Feb 2026 11:37:03 -0600 Subject: [PATCH 4/5] Disable more CI --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 50e5d009eac..effa98cd04f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -680,7 +680,7 @@ jobs: name: Verify LLM benchmark is up to date permissions: contents: read - runs-on: ubuntu-latest + runs-on: none # Disable the tests because they are causing us headaches with merge conflicts and re-runs etc. if: false steps: @@ -981,7 +981,7 @@ jobs: && (github.event_name != 'pull_request' || !github.event.pull_request.head.repo.fork) }} permissions: contents: read - runs-on: ubuntu-latest + runs-on: none env: TARGET_OWNER: clockworklabs TARGET_REPO: SpacetimeDBPrivate @@ -1100,7 +1100,7 @@ jobs: global_json_policy: name: Verify global.json files are symlinks - runs-on: ubuntu-latest + runs-on: none permissions: contents: read steps: @@ -1137,7 +1137,7 @@ jobs: warn-python-smoketests: name: Check for Python smoketest edits - runs-on: ubuntu-latest + runs-on: none if: github.event_name == 'pull_request' permissions: contents: read From 6290554cfeb0c9b1b13f84aa31c4a116136af290 Mon Sep 17 00:00:00 2001 From: John Detter <4099508+jdetter@users.noreply.github.com> Date: Sat, 14 Feb 2026 05:13:33 -0600 Subject: [PATCH 5/5] Use windows runner --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index effa98cd04f..1906721e16b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,9 +24,9 @@ jobs: matrix: include: - name: Linux - runner: boppy-experimental - - name: Windows runner: none + - name: Windows + runner: boppy-experimental runs-on: ${{ matrix.runner }} timeout-minutes: 120 env: