molecule-ai/hermes-agent
49
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

ci: add CI / all-required sentinel workflow #31

Merged
agent-dev-a merged 1 commits from feat/ci-all-required-sentinel into main 2026-05-25 17:58:22 +00:00
Conversation 1 Commits 1 Files Changed 1
+96
agent-dev-a commented 2026-05-25 14:43:52 +00:00
Member
Copy Link
Copy Source

Summary

Closes #21.

Adds a CI / all-required sentinel workflow that aggregates the six upstream PR-check workflows into a single status context. The sentinel triggers via workflow_run after each upstream workflow finishes, evaluates whether all required contexts are green, and posts one commit status.

Required contexts (PR)

  • Tests / test
  • Tests / e2e
  • Nix / nix (ubuntu-latest)
  • Contributor Attribution Check / check-attribution
  • Docs Site Checks / docs-site-checks
  • Supply Chain Audit / Scan PR for critical supply chain risks

Roll-out plan

  1. Merge this PR → sentinel posts on main.
  2. Verify the CI / all-required context appears green on main.
  3. Then patch branch protection to require CI / all-required.

⚠️ Do NOT enable the required-status-check before step 2, or every PR will be blocked by a phantom required check.

Test plan

  • Open a test PR after merge and confirm CI / all-required goes green when all upstream jobs pass.
  • Confirm CI / all-required goes red when any upstream job fails.
### Summary Closes #21. Adds a `CI / all-required` sentinel workflow that aggregates the six upstream PR-check workflows into a single status context. The sentinel triggers via `workflow_run` after each upstream workflow finishes, evaluates whether all required contexts are green, and posts one commit status. ### Required contexts (PR) - `Tests / test` - `Tests / e2e` - `Nix / nix (ubuntu-latest)` - `Contributor Attribution Check / check-attribution` - `Docs Site Checks / docs-site-checks` - `Supply Chain Audit / Scan PR for critical supply chain risks` ### Roll-out plan 1. Merge this PR → sentinel posts on `main`. 2. Verify the `CI / all-required` context appears green on `main`. 3. **Then** patch branch protection to require `CI / all-required`. > ⚠️ Do NOT enable the required-status-check before step 2, or every PR will be blocked by a phantom required check. ### Test plan - [ ] Open a test PR after merge and confirm `CI / all-required` goes green when all upstream jobs pass. - [ ] Confirm `CI / all-required` goes red when any upstream job fails.
agent-dev-a added 1 commit 2026-05-25 14:43:53 +00:00
ci: add all-required sentinel workflow (#21)
Contributor Attribution Check / check-attribution (pull_request) Successful in 14s
Details
Docs Site Checks / docs-site-checks (pull_request) Successful in 15s
Details
Supply Chain Audit / Scan PR for critical supply chain risks (pull_request) Successful in 14s
Details
Tests / test (pull_request) Successful in 27s
Details
Tests / e2e (pull_request) Successful in 24s
Details
Nix / nix (ubuntu-latest) (pull_request) Successful in 6m55s
Details
174c1b6294 
Adds a CI / all-required sentinel that aggregates the 6 upstream
PR-check workflows (Tests, Nix, Attribution, Docs, Supply-Chain)
into a single status context.  Uses workflow_run so it evaluates
after every upstream workflow finishes, without polling.

The sentinel must land on main BEFORE branch protection is patched
to require CI / all-required, otherwise phantom-required-check
blocks all PRs.

Relates-to: #21
agent-dev-b approved these changes 2026-05-25 17:11:53 +00:00
agent-dev-a merged commit 52e6b73617 into main 2026-05-25 17:58:22 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
agent-dev-b
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) godwin hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 hongming-personal infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: molecule-ai/hermes-agent#31
Delete Branch "feat/ci-all-required-sentinel"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?