forked from molecule-ai/molecule-core
d57ed520f0
Tier-2 hardening per RFC internal#219 §1 + charter §SOP-N rule (m). New
CI lint that scans .gitea/workflows/*.yml for six structurally-hostile
shapes that Gitea 1.22.6 silently rejects or ambiguously parses, BEFORE
they reach main.
Rules (4 fatal + 1 fatal cross-file + 1 heuristic-warn):
1. on.workflow_dispatch.inputs — Gitea 1.22.6 mis-parses inputs.X as
sibling event types and rejects the entire workflow with
[W] ignore invalid workflow ... unknown on type. Memory:
feedback_gitea_workflow_dispatch_inputs_unsupported. Origin:
2026-05-11 publish-runtime-v1.0.0 silent freeze, ~24h PyPI lag.
2. on: workflow_run — not enumerated in Gitea 1.22.6 event types
(verified via modules/actions/workflows.go; task #81). Workflow
registers, fires for zero events.
3. workflow name: containing / — breaks the commit-status convention
<workflow> / <job> (<event>) used by sop-tier-check + status-reaper
to tokenize context strings.
4. cross-file name: collision — status-routing is by name; collision
yields undefined commit-status updates (status-reaper rev1 class).
5. cross-repo uses: org/repo/subpath@ref — DEFAULT_ACTIONS_URL=github
resolves to github.com/<org-suspended>/... and 404s. Memory:
feedback_gitea_cross_repo_uses_blocked. Cross-link: task #109.
6. (WARN, heuristic) api.github.com refs without workflow-level
env.GITHUB_SERVER_URL. Memory: feedback_act_runner_github_server_url.
Per halt-condition 3: downgraded to warn-not-fail to avoid the 3
known benign hits on current main (OCI source label + jq-release
pin) which use https://github.com/... not https://api.github.com/.
Empirical history this hardens against:
- status-reaper rev1 caught rule-4 (name-collision) class fail-loud
- sop-tier-refire DOA-d on rule-2 (workflow_run partial)
- #319 bootstrap-paradox (chained-defect class, related)
- internal#329 dispatcher race (adjacent)
- 2026-05-11 publish-runtime: rule-1, 24h PyPI freeze on
runtime-v1.0.0 publish
Triggers:
- pull_request — pre-merge gate
- push to main/staging — post-merge regression catch even if the PR
gate is bypassed by branch-protection drift
Per RFC #219 §1 contract: continue-on-error: true on the job during the
surface-broken-shapes phase. Follow-up PR flips off after the 3 existing
rule-2 violations on main are migrated to a supported trigger.
Existing-on-main violations surfaced by this lint (3, informational, NOT
auto-fixed per halt-condition 2):
- .gitea/workflows/redeploy-tenants-on-main.yml — rule 2
- .gitea/workflows/redeploy-tenants-on-staging.yml — rule 2
- .gitea/workflows/staging-verify.yml — rule 2
All three have on: workflow_run: triggers that will fire for zero
events. Fix path: replace with cron or with push+paths:[upstream-yml]
gate. Tracked separately (do not block this PR).
Tests:
tests/test_lint_workflow_yaml.py — 15 pytest cases:
- 6 × per-rule violation-detected (rules 1-3,5 + rule 4 cross-file
+ rule 6 heuristic-warn)
- 6 × per-rule clean-passes
- 1 × cross-file collision detected
- 1 × all-violations-aggregated single file
- 1 × empty workflow dir = exit 0
- 1 × vendor-truth: the exact 2026-05-11 publish-runtime YAML shape
from feedback_gitea_workflow_dispatch_inputs_unsupported is caught
(per feedback_smoke_test_vendor_truth_not_shape_match: fixtures
mirror real Gitea 1.22.6 semantics, not yaml-parser quirks)
15/15 tests pass locally. Lint exits 1 against current .gitea/workflows/
because of the 3 existing rule-2 violations above; that is the gate
working as intended (and continue-on-error keeps the PR-status soft
until the violations are migrated).
|
||
|---|---|---|
| .. | ||
| e2e | ||
| harness | ||
| ops | ||
| README.md | ||
| test_ci_required_drift.py | ||
| test_lint_required_no_paths.py | ||
| test_lint_workflow_yaml.py | ||
| test_main_red_watchdog.py | ||
| test_status_reaper.py | ||
Tests
This repo uses the standard monorepo testing convention: unit tests live with their package, cross-component E2E tests live here.
Where to find tests
| Scope | Location |
|---|---|
| Go unit + integration (platform, CLI, handlers) | workspace-server/**/*_test.go — run with cd workspace-server && go test -race ./... |
| TypeScript unit (canvas components, hooks, store) | canvas/src/**/__tests__/ — run with cd canvas && npm test -- --run |
| TypeScript unit (MCP server handlers) | mcp-server/src/__tests__/ — run with cd mcp-server && npx jest |
| Python unit (workspace runtime, adapters) | workspace/tests/ — run with cd workspace && python3 -m pytest |
| Python unit (SDK: plugin + remote agent) | sdk/python/tests/ — run with cd sdk/python && python3 -m pytest |
| Cross-component E2E (spans platform + runtime + HTTP) | tests/e2e/ ← you are here |
Why split this way
- Go requires co-located
_test.gofiles to access unexported symbols. - Per-package test commands keep the inner loop fast — changing canvas doesn't re-run Go tests.
tests/e2e/covers scenarios that no single package owns: a full workspace lifecycle, A2A across two provisioned agents, delegation chains, bundle round-trips.
Running E2E
Every E2E script here assumes the platform is running at localhost:8080 and (where noted) provisioned agents are online. See the header comment of each .sh for specifics.
Cleaning up rogue test workspaces
If an E2E run aborts before its teardown runs (Ctrl-C, crash, CI timeout),
the platform can be left with workspaces whose config volume is stale or
empty — Docker's unless-stopped restart policy then spins those
containers in a FileNotFoundError loop. The platform's pre-flight check
(#17) marks such workspaces failed on the next restart, but a manual
cleanup is useful:
bash scripts/cleanup-rogue-workspaces.sh # deletes ws with id/name starting aaaaaaaa-, bbbbbbbb-, cccccccc-, test-ws-
MOLECULE_URL=http://host:8080 bash scripts/cleanup-rogue-workspaces.sh
The script DELETEs each matching workspace via the API and
force-removes the ws-<id[:12]> container as a belt-and-suspenders
fallback.