[bazel] Set readonly api when building pull requests (#8094)

2026-06-19 00:41:43 +00:00 · 2025-07-16 23:45:14 -04:00
parent b85a0d5cf3
commit 412d189507
2 changed files with 25 additions and 0 deletions
--- a/.github/actions/setup-build-buddy/action.yml
+++ b/.github/actions/setup-build-buddy/action.yml
@@ -8,6 +8,7 @@ inputs:
 runs:
  using: "composite"
  steps:
+    # Sets up build buddy when no secret is found for the API key. This is most likely because this is triggered from an action from a fork instead of the main allwpilib repo.
    - name: Setup without key
      env:
        API_KEY: ${{ inputs.token }}
@@ -17,6 +18,16 @@ runs:
          echo "No API key secret detected, will setup readonly cache"
          echo "build:ci --config=build_buddy_readonly" > bazel_auth.rc

+          # Set up the readonly key only if this build is for a pull request. Push builds happen in the forks repository,
+          # so the user should set their own buildbuddy api keys up there. Only enabling it for PR's should reduce heavy
+          # and more random load on the cache.
+          if [ "${{ github.event_name }}" = "pull_request" ]; then
+            echo "Assuming this is a pull request from a fork. Setting up the readonly api key"
+            echo "build:ci --remote_header=x-buildbuddy-api-key=QIOV65PTW1tVal3AJbe7" >> bazel_auth.rc
+          else
+            echo "Not setting up readonly key for trigger ${{ github.event_name }} since this is not a pull request, it is most likely a forks push. See the buildbuddy setup guide in README-Bazel.md to set up caching on your fork"
+          fi
+
    - name: Set with key
      env:
        API_KEY: ${{ inputs.token }}