core-lead/molecule-core
1
0
Fork 0
forked from molecule-ai/molecule-core
Code Pull Requests Activity
db032bafa0
molecule-core/.github/workflows
History
Hongming Wang 97d5883e76 fix(ci): auto-sync concurrency + cleanup follow-ups 
Three small fixes from the self-review of #2209:

1. **Required: concurrency group.** Two pushes to main in quick
   succession (manual UI merge then auto-promote-staging's ff-push,
   or any back-to-back main pushes) would race two auto-sync runs
   against the same staging branch — second `git push origin staging`
   fails non-fast-forward, surfacing as a red CI alert for what should
   be a no-op. Add `concurrency: { group: auto-sync-main-to-staging,
   cancel-in-progress: false }` so the second run waits for the first
   and sees its result.

2. **Hygiene: `git merge --abort` on conflict.** The conflict-error
   path exits 1 with the work tree in a half-merged state. Doesn't
   affect future runs (each gets a fresh checkout) but is an
   unpleasant artifact for anyone who shells into the runner. Abort
   first, then exit.

3. **Doc accuracy: "Loop safety" comment.** The original said the
   chain terminates because "main is either a no-op or advances
   further." That's true but understates the actual safety: GitHub
   Actions explicitly does NOT trigger downstream workflow runs from
   `GITHUB_TOKEN`-authored pushes. So the loop is impossible by
   construction, not just by happy coincidence of ref state. Updated
   the comment to reflect the actual mechanism.

Plus a step-name nit: "Fast-forward staging → main" reads as if main
is the target. Renamed to "Fast-forward staging to main" for
consistency with the workflow's name (main → staging).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-28 14:59:23 -07:00
..
auto-promote-on-e2e.yml feat(ci): auto-promote-on-e2e — retag :latest on green E2E Staging SaaS 2026-04-28 13:58:41 -07:00
auto-promote-staging.yml fix(ci): auto-promote gate-check uses workflow file paths, not names 2026-04-28 13:15:13 -07:00
auto-sync-main-to-staging.yml fix(ci): auto-sync concurrency + cleanup follow-ups 2026-04-28 14:59:23 -07:00
auto-tag-runtime.yml feat(platform/admin): /admin/workspace-images/refresh + Docker SDK + GHCR auth 2026-04-26 10:17:21 -07:00
block-internal-paths.yml fix(ci): block-internal-paths handle merge_group + shallow-clone BASE 2026-04-26 23:54:00 -07:00
canary-staging.yml Merge branch 'staging' into ci/cicd-review-quick-wins 2026-04-27 13:27:16 -07:00
canary-verify.yml ci: canary-verify graceful-skip + draft auto-promote staging→main 2026-04-22 22:39:23 +00:00
check-merge-group-trigger.yml ci: add linter that fails when required workflow lacks merge_group trigger 2026-04-24 00:33:05 -07:00
ci.yml test(workspace): centralize pytest-cov config + 92% floor (closes #1817) 2026-04-26 06:21:22 -07:00
codeql.yml ci: add merge_group trigger to ci + codeql 2026-04-23 21:24:53 -07:00
e2e-api.yml fix(ci): e2e gates always emit a result so auto-promote can read it 2026-04-28 12:43:26 -07:00
e2e-staging-canvas.yml fix(ci): e2e gates always emit a result so auto-promote can read it 2026-04-28 12:43:26 -07:00
e2e-staging-saas.yml Merge branch 'staging' into ci/cicd-review-quick-wins 2026-04-27 13:27:16 -07:00
e2e-staging-sanity.yml fix(e2e): CP DELETE /cp/admin/tenants body uses 'confirm', not 'confirm_token' 2026-04-21 04:50:28 -07:00
pr-guards.yml ci: add pr-guards caller that disables auto-merge on push 2026-04-27 06:39:31 -07:00
promote-latest.yml perf(ci): move all public-repo workflows to ubuntu-latest 2026-04-22 12:56:49 -07:00
publish-canvas-image.yml perf(ci): move all public-repo workflows to ubuntu-latest 2026-04-22 12:56:49 -07:00
publish-runtime.yml feat(cascade): verify wheel content sha256 against just-built dist 2026-04-28 10:53:50 -07:00
publish-workspace-server-image.yml ci(publish-image): also tag :staging-latest so CP auto-picks up new builds 2026-04-24 00:29:55 -07:00
redeploy-tenants-on-main.yml ci(redeploy): fire post-main tenant fleet redeploy via CP admin endpoint 2026-04-24 14:34:28 -07:00
retarget-main-to-staging.yml ci(retarget): handle 422 'duplicate PR' by closing redundant main-PR (closes #1884) 2026-04-26 00:53:55 -07:00
runtime-pin-compat.yml ci(pin-compat): split into two workflows so each gets a narrow paths filter 2026-04-28 10:50:09 -07:00
runtime-prbuild-compat.yml ci(pin-compat): split into two workflows so each gets a narrow paths filter 2026-04-28 10:50:09 -07:00
secret-scan.yml fix(ci): printf format-string sink + filename word-split in secret-scan 2026-04-28 14:02:50 -07:00
sweep-cf-orphans.yml fix(ci): stop sweep-cf-orphans noise — drop merge_group + soft-skip when secrets unset 2026-04-26 08:05:53 -07:00
sweep-stale-e2e-orgs.yml ci: hourly sweep of stale e2e-* orgs on staging 2026-04-24 23:07:57 -07:00
test-ops-scripts.yml refactor(ops): apply simplify findings on #2027 PR 2026-04-26 00:28:15 -07:00