96864263bb
This repo is now a publish artifact of Molecule-AI/molecule-core/workspace/. Runtime code edits go to the monorepo; the publish-runtime workflow regenerates this mirror + uploads to PyPI on every runtime-v* tag. Changes: - Delete .github/workflows/publish.yml. PyPI publishing now happens only from the monorepo's publish-runtime workflow. Without removing this, two different code shapes could reach PyPI depending on which workflow fired (the drift this lockdown is preventing). - Delete .github/workflows/auto-promote-staging.yml. The staging→main fast-forward dance has no purpose on a mirror repo — the mirror is rebuilt wholesale on each release. - Replace .github/workflows/ci.yml with a 'mirror-guard' job that fails on any pull_request event with a clear redirect message. Push events are still allowed (so existing in-flight branches don't all turn red while the migration finishes); that allowance becomes a follow-up removal once the auto-sync from monorepo is wired up. - Rewrite README.md with a prominent ⚠ banner pointing at the monorepo. - Add CONTRIBUTING.md with the explicit redirect table. What this does NOT do: - Wire up the auto-sync from monorepo → this repo. The publish-runtime workflow currently uploads to PyPI but doesn't push the rewritten tree back here. As a follow-up, extend that workflow with a step that commits the build dir to this repo's main. Until then this repo's contents will go stale relative to PyPI — but that's fine because no one should be reading code from here anyway. 🤖 Generated with [Claude Code](https://claude.com/claude-code)
44 lines
1.7 KiB
YAML
44 lines
1.7 KiB
YAML
name: ci
|
|
|
|
# Mirror-guard CI. This repo is a publish artifact of the monorepo
|
|
# `Molecule-AI/molecule-core/workspace/` directory — see README.
|
|
#
|
|
# Direct commits + PRs to this repo are no longer accepted; the
|
|
# canonical edit point is the monorepo. This workflow exists only
|
|
# to enforce that, by failing CI on any push that wasn't produced
|
|
# by the publish-runtime sync (a future automated push from the
|
|
# monorepo's tag-driven publish workflow).
|
|
#
|
|
# Until that auto-sync is wired up, we whitelist the historical
|
|
# pusher identities so existing in-flight PRs don't all turn red.
|
|
# Whitelist removal becomes a follow-up once the auto-sync lands.
|
|
|
|
on:
|
|
push:
|
|
branches: [main, staging]
|
|
pull_request:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
mirror-guard:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Reject direct edits
|
|
env:
|
|
PR_AUTHOR: ${{ github.event.pull_request.user.login || github.actor }}
|
|
run: |
|
|
# Allow the future bot author once it exists. Until then,
|
|
# block on PR events but allow push events (for in-flight
|
|
# work to land while the migration finishes).
|
|
if [ "${{ github.event_name }}" = "pull_request" ]; then
|
|
echo "::error::This repo is a publish artifact of Molecule-AI/molecule-core."
|
|
echo "::error::Edit workspace/ in the monorepo and let the publish-runtime"
|
|
echo "::error::workflow regenerate this mirror — do not PR here directly."
|
|
echo "::error::See README.md for the new contribution flow."
|
|
exit 1
|
|
fi
|
|
echo "Push event from $PR_AUTHOR — allowing while migration completes."
|