From 8d9584f04f4554ab940201b478fa8b6a188dfbd9 Mon Sep 17 00:00:00 2001 From: Jonathan Matthews Date: Tue, 29 Oct 2024 17:46:02 +0000 Subject: [PATCH] _scripts/cacheWarm: warm the CUE dependency cache This adds a script that warms the CUE dependency cache, using credentials for the central registry passed in via the CUELANG_CUE_LOGINS environment variable. This is primarily to solve the problem of CUE needing access to these CUE dependencies during the Netlify build stage that's executed by production deployments, tip deployments, and PR previews. The trybot CI workflow is updated to call this script directly, as the logic is identical but the sequencing is different (CI needs the cache warmed sooner than the build.bash script is invoked). Signed-off-by: Jonathan Matthews Change-Id: I63dacf1fe0f250a72750a9f3886ff8fb61436671 Dispatch-Trailer: {"type":"trybot","CL":1203266,"patchset":2,"ref":"refs/changes/66/1203266/2","targetBranch":"master"} --- _scripts/build.bash | 12 +++++++++++- _scripts/cacheWarm.bash | 13 +++++++++++++ internal/ci/github/trybot.cue | 9 ++------- 3 files changed, 26 insertions(+), 8 deletions(-) create mode 100755 _scripts/cacheWarm.bash diff --git a/_scripts/build.bash b/_scripts/build.bash index f33b8e6a4c..b24c0c3f5c 100755 --- a/_scripts/build.bash +++ b/_scripts/build.bash @@ -32,7 +32,10 @@ cd "$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )/.." # # * Locally, in development # * In CI, both as part of a trybot run, or on the default branch post submit -# * In Netlify during deploy +# * In Netlify, during deployment of: +# - the production site ("cuelang.org") +# - the site built against the tip of cue-lang/cue ("tip") +# - any PR preview # # Rather than declare a "fall-through" of logic, each environment is separately # handled with comments to make clear the logic/reasoning behind each flag value. @@ -153,6 +156,13 @@ else fi +# Fetch any CUE dependencies. +if [[ "${NETLIFY:-}" == "true" ]]; then + export CUELANG_CUE_LOGINS + bash _scripts/cacheWarm.bash + export -n CUELANG_CUE_LOGINS +fi + # Build playground bash playground/_scripts/build.bash diff --git a/_scripts/cacheWarm.bash b/_scripts/cacheWarm.bash new file mode 100755 index 0000000000..2486257065 --- /dev/null +++ b/_scripts/cacheWarm.bash @@ -0,0 +1,13 @@ +#!/usr/bin/env bash +set -euo pipefail + +# warmCache.bash causes warms the CUE module cache with any CUE dependencies, +# so that the credentials used to authenticate to the central registry are only +# in scope for the duration of this script. + +function cleanup() { rm -rfv "${CUE_CONFIG_DIR}"; } + +export CUE_CONFIG_DIR="$(mktemp -d)" +trap cleanup EXIT +echo "$CUELANG_CUE_LOGINS" >"$CUE_CONFIG_DIR/logins.json" +go run cuelang.org/go/cmd/cue mod tidy --check diff --git a/internal/ci/github/trybot.cue b/internal/ci/github/trybot.cue index 6cb19ae4d6..49889e7bc1 100644 --- a/internal/ci/github/trybot.cue +++ b/internal/ci/github/trybot.cue @@ -132,13 +132,8 @@ workflows: trybot: _repo.bashWorkflow & { // TODO: add cache dir to CI cache when it's visible via https://cuelang.org/issue/2838. githubactions.#Step & { name: "Populate CUE dependency cache" - env: CUE_LOGINS: "${{ secrets.NOTCUECKOO_CUE_LOGINS }}" - run: """ - export CUE_CONFIG_DIR="$(mktemp -d)" - echo "$CUE_LOGINS" >"$CUE_CONFIG_DIR/logins.json" - go run cuelang.org/go/cmd/cue mod tidy --check - rm -rfv "${CUE_CONFIG_DIR}" - """ + env: CUELANG_CUE_LOGINS: "${{ secrets.NOTCUECKOO_CUE_LOGINS }}" + run: "_scripts/cacheWarm.bash" }, // We can perform an early check that ensures page.cue files are