fix(ci): enable e2e for fork PRs via pull_request_target #492
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Branch E2E Checks | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened, labeled] | |
| permissions: | |
| contents: read | |
| packages: read | |
| jobs: | |
| e2e: | |
| if: contains(github.event.pull_request.labels.*.name, 'test:e2e') | |
| name: E2E | |
| runs-on: build-arm64 | |
| timeout-minutes: 45 | |
| container: | |
| image: ghcr.io/nvidia/openshell/ci:latest | |
| credentials: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| options: --privileged --add-host=host.docker.internal:host-gateway | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock | |
| env: | |
| MISE_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # Single platform so buildx uses --load (no registry push needed). | |
| DOCKER_PLATFORM: linux/arm64 | |
| EXTRA_CARGO_FEATURES: openshell-core/dev-settings | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install tools | |
| run: mise install | |
| - name: Install dependencies | |
| run: | | |
| uv sync --frozen | |
| apt-get update && apt-get install -y --no-install-recommends openssh-client && rm -rf /var/lib/apt/lists/* | |
| - name: Start local registry | |
| run: | | |
| docker rm -f openshell-local-registry 2>/dev/null || true | |
| docker run -d --restart=always --name openshell-local-registry -p 5000:5000 registry:2 | |
| # Wait for registry to be ready (accessible from host via Docker socket). | |
| for i in $(seq 1 20); do | |
| if docker exec openshell-local-registry wget -qO- http://localhost:5000/v2/ >/dev/null 2>&1; then | |
| echo "Registry ready" | |
| break | |
| fi | |
| sleep 1 | |
| done | |
| - name: Build images | |
| run: | | |
| mise run docker:build:gateway | |
| mise run docker:build:cluster | |
| - name: Push gateway to local registry | |
| run: | | |
| IMAGE_TAG=${IMAGE_TAG:-dev} | |
| docker tag openshell/gateway:${IMAGE_TAG} host.docker.internal:5000/openshell/gateway:${IMAGE_TAG} | |
| docker push host.docker.internal:5000/openshell/gateway:${IMAGE_TAG} | |
| - name: Bootstrap cluster | |
| env: | |
| GATEWAY_HOST: host.docker.internal | |
| GATEWAY_PORT: "8080" | |
| SKIP_IMAGE_PUSH: "1" | |
| SKIP_CLUSTER_IMAGE_BUILD: "1" | |
| OPENSHELL_REGISTRY: host.docker.internal:5000/openshell | |
| OPENSHELL_REGISTRY_HOST: host.docker.internal:5000 | |
| OPENSHELL_REGISTRY_NAMESPACE: openshell | |
| OPENSHELL_REGISTRY_ENDPOINT: host.docker.internal:5000 | |
| OPENSHELL_REGISTRY_INSECURE: "true" | |
| run: mise run --no-prepare --skip-deps cluster | |
| - name: Run E2E tests | |
| run: | | |
| mise run --no-prepare --skip-deps e2e:python | |
| mise run --no-prepare --skip-deps e2e:rust |