ci: stop patching the deployments repo from the CD workflow#1952
Merged
Conversation
Remove the update-helm-values job, which cloned alpenlabs/deployments, rewrote image tags/SP1 VK with yq/sed, and committed+pushed back to a deployments branch. Image tag promotion is handled out of band, so this cross-repo write coupling (and its DEPLOYMENTS_REPO_WRITE deploy key) is no longer wanted. Also drop the now-dead wiring that only fed that job: the build-and-push job outputs block, the Extract SP1 Value step, and the host-side datatool build + checkpoint-predicate extraction. The workflow now only builds and pushes the Docker image to ECR.
Contributor
|
Commit: 3d360a7 SP1 Execution Results
|
Codecov Report✅ All modified and coverable lines are covered by tests. @@ Coverage Diff @@
## main #1952 +/- ##
==========================================
- Coverage 84.46% 84.42% -0.04%
==========================================
Files 637 637
Lines 76670 76670
==========================================
- Hits 64757 64728 -29
- Misses 11913 11942 +29
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
storopoli
approved these changes
Jun 8, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Removes the cross-repo write coupling where the alpen CD workflow patched the deployments repo.
cd.yml'supdate-helm-valuesjob clonedalpenlabs/deployments, rewrote image tags + the SP1 VK withyq/sed, and committed/pushed back to a deployments branch (BRANCH_OF_DEPLOYMENT_REPO) using theDEPLOYMENTS_REPO_WRITEdeploy key. Image-tag promotion is handled out of band now, so this job is removed.Changes
update-helm-valuesjob (clone deployments → yq/sed tag rewrite → commit/push).build-and-pushjoboutputsblock (program,sp1_value),Extract SP1 Valuestep,strata-datatoolbuild +gen-checkpoint-predicateextraction inside the build step (its output was only consumed by the Helm patch; the prover image build uses--build-arg PROVER_FEATURES=sp1, not the SP1 value).The workflow now only builds and pushes the Docker image to ECR. Net: +2 / −104 lines, valid YAML, single remaining job
build-and-push.Follow-ups (not in this PR)
DEPLOYMENTS_REPO_WRITEsecret and theBRANCH_OF_DEPLOYMENT_REPO/CLUSTER_NAME/GH_ACTIONS_USER_NAMErepo vars are now unused and can be revoked/cleaned up in repo settings.