Both Tests/test and Tests/e2e jobs were failing with:
No (valid) GitHub token provided. Falling back to anonymous.
::error::API rate limit exceeded for 5.78.80.188.
❌ Failure - Main Install uv
Root cause: astral-sh/setup-uv@v5 with no `version:` resolves "latest"
by calling api.github.com (octokit.repos.getLatestRelease). The
operator host's anonymous IP is rate-limited at the public 60-req/hr
cap because we no longer have a Molecule-AI GitHub PAT post the
2026-05-06 org suspension. Multiple uv installs across 16 runners
exhaust the budget within minutes; subsequent installs fail.
Pinning `version: "0.11.11"` makes setup-uv construct the release
download URL directly (github.com/astral-sh/uv/releases/download/0.11.11)
without an API call. Anonymous GitHub releases CDN downloads are not
rate-limited.
Same pattern as the prior molecule-core fix during the 2026-05-08
hermes-agent CI investigation; this one pins the tests.yml workflow
that the prior fix missed.
Drops the .ci-trigger-marker introduced earlier in this session — its
job is done.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Recent main runs have been hitting the 10-minute cap repeatedly — the
full non-integration suite no longer fits in that window on
ubuntu-latest. Cancelled runs leave main without a green signal, which
masks real regressions.
Bumps only the test job. The e2e job still finishes in ~25s, so its
10-minute cap stays as-is.
- Docker build only triggers on main push (code/config changes) and
releases, no longer on every PR
- Tests skip markdown-only and docs-only changes
- Remove supply-chain-audit workflow
* refactor: re-architect tests to mirror the codebase
* Update tests.yml
* fix: add missing tool_error imports after registry refactor
* fix(tests): replace patch.dict with monkeypatch to prevent env var leaks under xdist
patch.dict(os.environ) can leak TERMINAL_ENV across xdist workers,
causing test_code_execution tests to hit the Modal remote path.
* fix(tests): fix update_check and telegram xdist failures
- test_update_check: replace patch("hermes_cli.banner.os.getenv") with
monkeypatch.setenv("HERMES_HOME") — banner.py no longer imports os
directly, it uses get_hermes_home() from hermes_constants.
- test_telegram_conflict/approval_buttons: provide real exception classes
for telegram.error mock (NetworkError, TimedOut, BadRequest) so the
except clause in connect() doesn't fail with "catching classes that do
not inherit from BaseException" when xdist pollutes sys.modules.
* fix(tests): accept unavailable_models kwarg in _prompt_model_selection mock
Move e2e tests into tests.yml as a parallel job instead of a separate
workflow. Unit tests now also ignore tests/e2e/ to avoid running them
twice. Both jobs appear as independent checks in the PR.
~2min sequential runs were painful. Added pytest-xdist and -n auto
to run across all available cores. Tests already isolate state via
tmp_path fixtures so no changes needed to test code.
Local: 2677 passed in ~30s. CI gets 4 vCPUs on ubuntu-latest.
Run pytest on Python 3.11 + 3.12 for every PR and push to main.
- Uses uv for fast dependency installation
- Excludes integration tests (need real API keys/services)
- Blanks API keys as safety net against accidental real API calls
- Concurrency: cancels in-progress runs when new commits are pushed
- 10 minute timeout (tests take ~77s)
- fail-fast disabled so both Python versions run independently
GitHub's default 'require approval for first-time contributors'
means maintainers approve CI before it runs on new contributors'
PRs, preventing abuse of CI resources.
