From fb1dd1bf910c68f6199329d46dce8cce01a6535d Mon Sep 17 00:00:00 2001 From: ethernet Date: Tue, 23 Jun 2026 19:32:33 -0400 Subject: [PATCH] change(ci): docker-publish.yml -> docker.yml --- .github/workflows/ci.yml | 2 +- .github/workflows/docker-lint.yml | 2 +- .github/workflows/{docker-publish.yml => docker.yml} | 0 .github/workflows/uv-lockfile-check.yml | 4 ++-- Dockerfile | 2 +- scripts/run_tests_parallel.py | 2 +- tests/docker/test_dump_build_sha.py | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) rename .github/workflows/{docker-publish.yml => docker.yml} (100%) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6abe70d0e0b..fd5c80661a6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -98,7 +98,7 @@ jobs: docker: needs: detect if: needs.detect.outputs.python == 'true' || needs.detect.outputs.frontend == 'true' || needs.detect.outputs.docker_meta == 'true' - uses: ./.github/workflows/docker-publish.yml + uses: ./.github/workflows/docker.yml supply-chain: needs: detect diff --git a/.github/workflows/docker-lint.yml b/.github/workflows/docker-lint.yml index c01bf31f5c4..89b80fa10e0 100644 --- a/.github/workflows/docker-lint.yml +++ b/.github/workflows/docker-lint.yml @@ -2,7 +2,7 @@ name: Docker / shell lint # Lints the container build inputs: Dockerfile (via hadolint) and any shell # scripts under docker/ (via shellcheck). These catch the class of regression -# the behavioral docker-publish smoke test can't — unquoted variable +# the behavioral docker smoke test can't — unquoted variable # expansions, silently-failing RUN commands, etc. # # Rules and ignores are documented in .hadolint.yaml at the repo root. diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker.yml similarity index 100% rename from .github/workflows/docker-publish.yml rename to .github/workflows/docker.yml diff --git a/.github/workflows/uv-lockfile-check.yml b/.github/workflows/uv-lockfile-check.yml index 93c3686daa9..eabfb8d6eab 100644 --- a/.github/workflows/uv-lockfile-check.yml +++ b/.github/workflows/uv-lockfile-check.yml @@ -4,7 +4,7 @@ name: uv.lock check # that modify pyproject.toml without regenerating uv.lock (or vice versa) # must not merge, because the Docker build's `uv sync --frozen` step will # fail on a stale lockfile and we'd rather catch it here than in the -# docker-publish workflow on main. +# docker workflow on main. # # ───────────────────────────────────────────────────────────────────────── # IMPORTANT: this check runs against the MERGED state, not just your branch @@ -100,7 +100,7 @@ jobs: This check is blocking because the Docker image build uses `uv sync --frozen --extra all`, which rejects stale lockfiles - — catching it here avoids a ~15 min failed docker-publish run + — catching it here avoids a ~15 min failed docker run on `main` post-merge. EOF echo "::error title=uv.lock out of sync::Run \`uv lock\` locally and commit the result. If on a PR, sync with main first." diff --git a/Dockerfile b/Dockerfile index cf262eda47a..6a5f5f1eef5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -238,7 +238,7 @@ RUN mkdir -p /opt/hermes/bin && \ # # The arg is optional — local `docker build` without --build-arg simply # omits the file, and the runtime falls back to live-git lookup. CI -# (.github/workflows/docker-publish.yml) passes ${{ github.sha }} so +# (.github/workflows/docker.yml) passes ${{ github.sha }} so # every published image has it. ARG HERMES_GIT_SHA= RUN if [ -n "${HERMES_GIT_SHA}" ]; then \ diff --git a/scripts/run_tests_parallel.py b/scripts/run_tests_parallel.py index a0f6ec21de4..354d167d57a 100755 --- a/scripts/run_tests_parallel.py +++ b/scripts/run_tests_parallel.py @@ -58,7 +58,7 @@ _DEFAULT_ROOTS = ["tests"] # # tests/e2e/ — .github/workflows/tests.yml :: e2e job # tests/integration/ — historical; legacy --ignore flags -# tests/docker/ — .github/workflows/docker-publish.yml :: +# tests/docker/ — .github/workflows/docker.yml :: # build-amd64 job (runs against the freshly-loaded # nousresearch/hermes-agent:test image, via # ``HERMES_TEST_IMAGE`` so the fixture skips diff --git a/tests/docker/test_dump_build_sha.py b/tests/docker/test_dump_build_sha.py index c84a372e823..20e6da19c06 100644 --- a/tests/docker/test_dump_build_sha.py +++ b/tests/docker/test_dump_build_sha.py @@ -6,7 +6,7 @@ fails inside the published image and ``hermes dump`` used to report ``$HERMES_GIT_SHA`` build-arg to ``/opt/hermes/.hermes_build_sha`` and ``hermes_cli/build_info.py`` reads it as a fallback. -CI (``.github/workflows/docker-publish.yml``) always sets the build-arg +CI (``.github/workflows/docker.yml``) always sets the build-arg to ``${{ github.sha }}``. Local ``docker build`` (the ``built_image`` fixture in ``tests/docker/conftest.py``) does NOT — so locally the file is absent and ``hermes dump`` correctly falls back to ``(unknown)``.