@@ -38,17 +38,24 @@ jobs:
3838 image : " ghcr.io/rust-gpu/rust-cuda-ubuntu24-cuda12:latest"
3939 - name : RockyLinux-9/CUDA-12.8.1
4040 image : " ghcr.io/rust-gpu/rust-cuda-rockylinux9-cuda12:latest"
41+ outputs :
42+ # Output the result of the permission check
43+ actor_has_write_permission : ${{ steps.permission_check.outputs.has-permission }}
44+ # Output the buile artifact details so the test job can use them
45+ artifact_name : ${{ steps.artifact_details.outputs.name }}
46+ artifact_path : ${{ steps.artifact_details.outputs.path }}
4147
4248 steps :
4349 - name : Checkout repository
4450 uses : actions/checkout@v4
4551
46- - name : Debug Info
47- if : github.event_name == 'pull_request'
48- run : |
49- echo "Event Name: ${{ github.event_name }}"
50- echo "Author Association: ${{ github.event.pull_request.author_association }}"
51- echo "Is Owner/Member?: ${{ contains(fromJson('["OWNER", "MEMBER"]'), github.event.pull_request.author_association) }}"
52+ - name : Check if triggering actor has write permission
53+ id : permission_check
54+ uses : scherermichael-oss/action-has-permission@v1
55+ with :
56+ required-permission : write
57+ env :
58+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
5259
5360 - name : Verify CUDA, Rust installation
5461 run : |
5764name : Load Rust cache
5865 uses : Swatinem/rust-cache@v2
5966 with :
60- # Use the specific commit SHA for the most accurate build cache key
6167 key : ${{ matrix.variance.name }}-${{ github.sha }}
6268
6369 - name : Rustfmt
@@ -79,39 +85,38 @@ jobs:
7985 RUSTDOCFLAGS : -Dwarnings
8086 run : cargo doc --workspace --all-features --document-private-items --no-deps --exclude "optix*" --exclude "path_tracer" --exclude "denoiser" --exclude "ex*" --exclude "cudnn*" --exclude "cust_raw"
8187
82- - name : Set artifact name
83- id : artifact_name
88+ - name : Prepare artifact details
89+ id : artifact_details
8490 run : |
85- ARTIFACT_NAME="target_debug-$(echo '${{ matrix.variance.name }}' | sed 's/\//-/g')-${{ github.run_id }}"
86- echo "artifact_name=${ARTIFACT_NAME}" >> $GITHUB_OUTPUT
91+ SANITIZED_NAME=$(echo '${{ matrix.variance.name }}' | sed 's/[^a-zA-Z0-9.-]/-/g')
92+ ARTIFACT_NAME="target_debug-${SANITIZED_NAME}-${{ github.run_id }}"
93+ ARTIFACT_PATH="target/debug" # Define the path consistently
94+ echo "name=${ARTIFACT_NAME}" >> $GITHUB_OUTPUT
95+ echo "path=${ARTIFACT_PATH}" >> $GITHUB_OUTPUT # Output the path variable
8796
8897name : Upload build artifacts
8998 uses : actions/upload-artifact@v4
9099 with :
91- name : ${{ steps.artifact_name .outputs.artifact_name }}
92- path : target/debug
100+ name : ${{ steps.artifact_details .outputs.name }}
101+ path : ${{ steps.artifact_details.outputs.path }}
93102 retention-days : 1
94103
95-
96104 test :
97105 name : ${{ matrix.variance.name }}
98- # This job depends on the build job completing successfully for the same matrix entry
106+ # Depends on the build job
99107 needs : build
100- # Run this job ONLY IF:
101- # - The build job succeeded
102- # - AND EITHER:
103- # - The event was a push to the 'main' branch
104- # - OR The event was a manual trigger
105- # - OR The event was a pull_request AND the author is an OWNER or MEMBER of the repo
108+ # Run ONLY IF:
109+ # - The corresponding ' build' job succeeded AND
110+ # - EITHER:
111+ # - Event is ' push' to 'main'
112+ # - OR Event is 'workflow_dispatch'
113+ # - OR Event is ' pull_request' AND the 'actor_has_write_permission' output from build is 'true'
106114 if : >
107115 needs.build.result == 'success' &&
108116 (
109117 (github.event_name == 'push' && github.ref == 'refs/heads/main') ||
110118 github.event_name == 'workflow_dispatch' ||
111- (
112- github.event_name == 'pull_request' &&
113- contains(fromJson('["OWNER","MEMBER"]'), github.event.pull_request.author_association)
114- )
119+ (github.event_name == 'pull_request' && needs.build.outputs.actor_has_write_permission == 'true')
115120 )
116121runs-on : ubuntu-latest
117122 # Use the exact same container image as the build job
@@ -123,35 +128,28 @@ jobs:
123128 matrix :
124129 variance :
125130 # Must match the build job's matrix definition
126- # - name: Ubuntu-22.04/CUDA-11.8.0
127- # image: "ghcr.io/rust-gpu/rust-cuda-ubuntu22-cuda11:latest"
131+ # - name: Ubuntu-22.04/CUDA-11.8.0 image:
132+ # "ghcr.io/rust-gpu/rust-cuda-ubuntu22-cuda11:latest"
128133 - name : Ubuntu-22.04/CUDA-12.8.1
129134 image : " ghcr.io/rust-gpu/rust-cuda-ubuntu22-cuda12:latest"
130135 - name : Ubuntu-24.04/CUDA-12.8.1
131136 image : " ghcr.io/rust-gpu/rust-cuda-ubuntu24-cuda12:latest"
132137 - name : RockyLinux-9/CUDA-12.8.1
133138 image : " ghcr.io/rust-gpu/rust-cuda-rockylinux9-cuda12:latest"
134139 steps :
135- - name : Set artifact name
136- id : artifact_name
137- run : |
138- ARTIFACT_NAME="target_debug-$(echo '${{ matrix.variance.name }}' | sed 's/\//-/g')-${{ github.run_id }}"
139- echo "artifact_name=${ARTIFACT_NAME}" >> $GITHUB_OUTPUT
140-
141140 - name : Download build artifacts
142141 uses : actions/download-artifact@v4
143142 with :
144- name : ${{ steps.artifact_name .outputs.artifact_name }}
145- path : target/debug
143+ name : ${{ needs.build .outputs.artifact_name }}
144+ path : ${{ needs.build.outputs.artifact_path }}
146145
147146 - name : List downloaded files
148- run : ls -lR target/debug
147+ run : ls -lR ${{ needs.build.outputs.artifact_path }}
149148
150149 - name : Run remote tests
151150 env :
152151 # Inject the id and secret ONLY in this job, which is conditionally run
153152 MODAL_TOKEN_ID : ${{ secrets.MODAL_TOKEN_ID }}
154153 MODAL_TOKEN_SECRET : ${{ secrets.MODAL_TOKEN_SECRET }}
155- # Add any other env vars needed for testing
156154 run : |
157155 echo "Stubbed out"
0 commit comments