-
Notifications
You must be signed in to change notification settings - Fork 379
fix: skip redundant TheRock download when already installed (#2413) #2467
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
f1387bc
6849d92
184d3b7
cba818a
31a64eb
132b094
74918a2
11991bc
5aa839c
b96224c
7048b17
406e82d
d33b12e
f4b2dc4
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,106 @@ | ||
| #!/usr/bin/env bash | ||
| # --------------------------------------------------------------------------- | ||
| # Setup GitHub repo secrets for PR-Agent (DeepSeek) and Qodo Merge workflows. | ||
| # | ||
| # Reads API keys from local files in ~/Documents/ and pushes them as | ||
| # encrypted GitHub Actions secrets via `gh secret set`. | ||
| # | ||
| # Usage: | ||
| # bash .github/scripts/setup-repo-secrets.sh # current repo | ||
| # bash .github/scripts/setup-repo-secrets.sh --repo owner/repo | ||
| # bash .github/scripts/setup-repo-secrets.sh --dry-run # preview only | ||
| # | ||
| # Key sources (edit paths below to match your setup): | ||
| # ~/Documents/deepseek api key.txt → DEEPSEEK_API_KEY | ||
| # ~/Documents/qodo api key.txt → QODO_API_KEY | ||
| # | ||
| # Prerequisites: | ||
| # - gh CLI installed and authenticated (`gh auth status`) | ||
| # - Write / admin access to the target repo | ||
| # --------------------------------------------------------------------------- | ||
| set -euo pipefail | ||
|
|
||
| REPO="" | ||
| DRY_RUN=false | ||
|
|
||
| while [[ $# -gt 0 ]]; do | ||
| case "$1" in | ||
| --repo) REPO="$2"; shift 2 ;; | ||
| --dry-run) DRY_RUN=true; shift ;; | ||
| *) echo "Unknown: $1"; exit 1 ;; | ||
| esac | ||
| done | ||
|
|
||
| # --- Config: key file paths ----------------------------------------------- | ||
| DEEPSEEK_KEY_FILE="$HOME/Documents/deepseek api key.txt" | ||
| QODO_KEY_FILE="$HOME/Documents/qodo api key.txt" | ||
|
|
||
| # --- Checks ---------------------------------------------------------------- | ||
| if ! command -v gh &>/dev/null; then | ||
| echo "❌ gh CLI not found — install it from https://cli.github.com/" | ||
| exit 1 | ||
| fi | ||
|
|
||
| if ! gh auth status &>/dev/null; then | ||
| echo "❌ gh CLI not authenticated — run 'gh auth login' first." | ||
| exit 1 | ||
| fi | ||
|
|
||
| GH_ARGS=() | ||
| [[ -n "$REPO" ]] && GH_ARGS+=(--repo "$REPO") | ||
|
|
||
| echo "🔍 Target: ${REPO:-$(gh repo view --json nameWithOwner -q .nameWithOwner 2>/dev/null || echo 'current repo')}" | ||
|
|
||
| # --- Read keys ------------------------------------------------------------- | ||
| read_key() { | ||
| local path="$1" label="$2" | ||
| if [[ ! -f "$path" ]]; then | ||
| echo "⚠️ $label key file not found at: $path" | ||
| return 1 | ||
| fi | ||
| local val | ||
| val="$(tr -d '[:space:]' < "$path")" | ||
| if [[ -z "$val" ]]; then | ||
| echo "⚠️ $label key file is empty: $path" | ||
| return 1 | ||
| fi | ||
| echo "$val" | ||
| } | ||
|
|
||
| echo "" | ||
| echo "📂 Reading keys from ~/Documents/ …" | ||
|
|
||
| DEEPSEEK_KEY="$(read_key "$DEEPSEEK_KEY_FILE" "DeepSeek")" || true | ||
| QODO_KEY="$(read_key "$QODO_KEY_FILE" "Qodo")" || true | ||
|
|
||
| # --- Set secrets ----------------------------------------------------------- | ||
| set_secret() { | ||
| local name="$1" value="$2" | ||
| if [[ -z "$value" ]]; then | ||
| echo " ⏭️ Skipping $name (no value)" | ||
| return | ||
| fi | ||
| if $DRY_RUN; then | ||
| echo " 🏁 [DRY-RUN] gh secret set $name ${GH_ARGS[*]}" | ||
| else | ||
| echo " 🔐 Setting $name …" | ||
| echo -n "$value" | gh secret set "$name" "${GH_ARGS[@]}" | ||
| echo " ✅ $name set" | ||
| fi | ||
| } | ||
|
|
||
| echo "" | ||
| $DRY_RUN && echo "🏁 DRY RUN — no secrets will be written" || echo "🚀 Setting secrets …" | ||
| echo "" | ||
|
|
||
| set_secret "DEEPSEEK_API_KEY" "$DEEPSEEK_KEY" | ||
| set_secret "QODO_API_KEY" "$QODO_KEY" | ||
|
|
||
| # --- Summary --------------------------------------------------------------- | ||
| echo "" | ||
| if $DRY_RUN; then | ||
| echo "🏁 Dry run complete. Run without --dry-run to apply." | ||
| else | ||
| echo "✅ Done! Secrets are now available to GitHub Actions workflows." | ||
| echo " Verify: gh secret list ${GH_ARGS[*]}" | ||
| fi | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| # --------------------------------------------------------------------------- | ||
| # PR-Agent review powered by DeepSeek. | ||
| # | ||
| # Required repo secret: DEEPSEEK_API_KEY | ||
| # - Setup: bash .github/scripts/setup-repo-secrets.sh | ||
| # - Or set manually at: https://github.com/<owner>/<repo>/settings/secrets/actions | ||
| # --------------------------------------------------------------------------- | ||
| name: pr-agent-review | ||
| on: | ||
| pull_request: | ||
| types: [opened, synchronize, reopened, ready_for_review] | ||
| issue_comment: | ||
| types: [created] | ||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
| issues: write | ||
| jobs: | ||
| pr_agent_job: | ||
| name: PR-Agent (DeepSeek) | ||
| runs-on: ubuntu-latest | ||
| if: ${{ github.event.sender.type != 'Bot' && secrets.DEEPSEEK_API_KEY != '' }} | ||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
GitHub's Actions docs state that "Secrets cannot be directly referenced in Useful? React with 👍 / 👎. |
||
| steps: | ||
| - name: PR Agent review | ||
| uses: the-pr-agent/pr-agent@main | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| DEEPSEEK_API_KEY: ${{ secrets.DEEPSEEK_API_KEY }} | ||
| config.model: "deepseek/deepseek-chat" | ||
| config.fallback_models: '["deepseek/deepseek-chat"]' | ||
| github_action_config.auto_review: "true" | ||
| github_action_config.auto_describe: "true" | ||
| github_action_config.auto_improve: "true" | ||
| pr_description.publish_labels: "true" | ||
| pr_description.publish_description_as: "suggestion" | ||
| pr_reviewer.require_score_review: "false" | ||
| pr_reviewer.num_code_suggestions: "4" | ||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # --------------------------------------------------------------------------- | ||
| # Qodo Merge — automated PR reviews powered by Qodo. | ||
| # | ||
| # Required repo secret: QODO_API_KEY | ||
| # - Setup: bash .github/scripts/setup-repo-secrets.sh | ||
| # - Or set manually at: https://github.com/<owner>/<repo>/settings/secrets/actions | ||
| # --------------------------------------------------------------------------- | ||
| name: qodo-merge | ||
| on: | ||
| pull_request: | ||
| types: [opened, synchronize, reopened, ready_for_review] | ||
| jobs: | ||
| qodo-merge: | ||
| if: ${{ secrets.QODO_API_KEY != "" }} | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| issues: write | ||
| pull-requests: write | ||
| contents: read | ||
| steps: | ||
| - name: Qodo Merge Review | ||
| uses: qodo-ai/qodo-merge@main | ||
| env: | ||
| QODO_API_KEY: ${{ secrets.QODO_API_KEY }} | ||
| with: | ||
| github_token: ${{ secrets.GITHUB_TOKEN }} |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -215,11 +215,28 @@ void install_therock_if_needed(const std::string& os, const json& backend_versio | |
| return; | ||
| } | ||
|
|
||
| std::string rocm_arch = SystemInfo::get_rocm_arch(); | ||
| // Already installed — skip to avoid redundant 3 GB download | ||
| if (is_therock_installed_for_current_arch(backend_versions)) { | ||
| LOG(DEBUG, "BackendManager") << "TheRock already installed, skipping" << std::endl; | ||
| return; | ||
|
Comment on lines
+219
to
+221
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
On a multi-AMD-GPU machine, this early return only checks the primary architecture from Useful? React with 👍 / 👎. |
||
| } | ||
|
|
||
| std::vector<std::string> rocm_arches = SystemInfo::get_rocm_arches(); | ||
| std::string version = backend_versions["therock"]["version"].get<std::string>(); | ||
|
|
||
| // Install TheRock for this architecture | ||
| backends::BackendUtils::install_therock(rocm_arch, version, progress_cb); | ||
| if (rocm_arches.empty()) { | ||
| // Fall back to single-arch detection for backward compatibility | ||
| std::string single_arch = SystemInfo::get_rocm_arch(); | ||
| if (!single_arch.empty()) { | ||
| backends::BackendUtils::install_therock(single_arch, version, progress_cb); | ||
| } | ||
| return; | ||
| } | ||
|
|
||
| // Install TheRock for each detected GPU architecture | ||
| for (const auto& rocm_arch : rocm_arches) { | ||
| backends::BackendUtils::install_therock(rocm_arch, version, progress_cb); | ||
| } | ||
| } | ||
|
|
||
| } // namespace | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When a key file is missing or empty,
read_keyprints the warning to stdout and returns nonzero, but the caller captures stdout withDEEPSEEK_KEY="$(read_key ...)" || true. That makes the warning text a non-empty secret value, soset_secretuploads it instead of skipping the unset key. Emit diagnostics on stderr or explicitly clear the captured value on failure.Useful? React with 👍 / 👎.