Merge pull request 'fix(ci): annotate workflow status emitters' (#877) from fix/main-red-workflow-sop into main
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Successful in 21s
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 27s
Harness Replays / detect-changes (pull_request) Successful in 16s
CI / Detect changes (pull_request) Successful in 46s
CI / Detect changes (push) Successful in 44s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 17s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 46s
E2E API Smoke Test / detect-changes (pull_request) Successful in 55s
E2E API Smoke Test / detect-changes (push) Successful in 1m0s
Harness Replays / detect-changes (push) Successful in 19s
E2E Staging Canvas (Playwright) / detect-changes (push) Successful in 1m9s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (push) Successful in 20s
Handlers Postgres Integration / detect-changes (push) Successful in 1m25s
publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 2m24s
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m29s
publish-runtime-autobump / pr-validate (pull_request) Successful in 53s
review-check-tests / review-check.sh regression tests (pull_request) Successful in 15s
review-check-tests / review-check.sh regression tests (push) Successful in 14s
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m44s
lint-continue-on-error-tracking / lint-continue-on-error-tracking (push) Successful in 2m1s
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Successful in 2m48s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 24s
Runtime PR-Built Compatibility / detect-changes (push) Successful in 28s
Secret scan / Scan diff for credential-shaped strings (push) Successful in 17s
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 2m44s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 29s
gate-check-v3 / gate-check (pull_request) Successful in 11s
lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Successful in 2m39s
qa-review / approved (pull_request) Failing after 12s
sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l
security-review / approved (pull_request) Failing after 17s
sop-checklist-gate / gate (pull_request) Successful in 17s
Harness Replays / Harness Replays (pull_request) Successful in 12s
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (push) Successful in 1m34s
sop-tier-check / tier-check (pull_request) Successful in 17s
CI / Platform (Go) (push) Successful in 8s
CI / Shellcheck (E2E scripts) (push) Successful in 7s
CI / Canvas (Next.js) (push) Successful in 8s
CI / Python Lint & Test (push) Successful in 7s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 18s
E2E API Smoke Test / E2E API Smoke Test (push) Successful in 12s
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m27s
Harness Replays / Harness Replays (push) Successful in 14s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Successful in 15s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 2m30s
Handlers Postgres Integration / Handlers Postgres Integration (push) Successful in 6s
publish-canvas-image / Build & push canvas image (push) Successful in 5m30s
CI / Canvas Deploy Reminder (push) Has been skipped
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Successful in 7s
CI / Platform (Go) (pull_request) Failing after 5m3s
CI / all-required (push) Successful in 10s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2m41s
CI / Python Lint & Test (pull_request) Successful in 7m56s
Sweep stale Cloudflare Tunnels / Sweep CF tunnels (push) Successful in 26s
CI / Canvas (Next.js) (pull_request) Successful in 17m6s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
CI / all-required (pull_request) Successful in 7s
Staging SaaS smoke (every 30 min) / Staging SaaS smoke (push) Successful in 4m58s
main-red-watchdog / watchdog (push) Successful in 1m33s
gate-check-v3 / gate-check (push) Compensated by status-reaper (workflow has no push: trigger; Gitea 1.22.6 hardcoded-suffix bug — see .gitea/scripts/status-reaper.py)
Sweep stale e2e-* orgs (staging) / Sweep e2e orgs (push) Successful in 11s
Sweep stale Cloudflare DNS records / Sweep CF orphans (push) Successful in 48s
ci-required-drift / drift (push) Successful in 1m47s
gitea-merge-queue / queue (push) Successful in 3s
status-reaper / reap (push) Successful in 53s
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Successful in 5m0s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Compensated by status-reaper (default-branch pull_request status shadowed by successful push status on same SHA; see .gitea/scripts/status-reaper.py)
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Successful in 21s
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 27s
Harness Replays / detect-changes (pull_request) Successful in 16s
CI / Detect changes (pull_request) Successful in 46s
CI / Detect changes (push) Successful in 44s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 17s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 46s
E2E API Smoke Test / detect-changes (pull_request) Successful in 55s
E2E API Smoke Test / detect-changes (push) Successful in 1m0s
Harness Replays / detect-changes (push) Successful in 19s
E2E Staging Canvas (Playwright) / detect-changes (push) Successful in 1m9s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (push) Successful in 20s
Handlers Postgres Integration / detect-changes (push) Successful in 1m25s
publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 2m24s
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m29s
publish-runtime-autobump / pr-validate (pull_request) Successful in 53s
review-check-tests / review-check.sh regression tests (pull_request) Successful in 15s
review-check-tests / review-check.sh regression tests (push) Successful in 14s
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Successful in 1m44s
lint-continue-on-error-tracking / lint-continue-on-error-tracking (push) Successful in 2m1s
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Successful in 2m48s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 24s
Runtime PR-Built Compatibility / detect-changes (push) Successful in 28s
Secret scan / Scan diff for credential-shaped strings (push) Successful in 17s
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 2m44s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 29s
gate-check-v3 / gate-check (pull_request) Successful in 11s
lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Successful in 2m39s
qa-review / approved (pull_request) Failing after 12s
sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l
security-review / approved (pull_request) Failing after 17s
sop-checklist-gate / gate (pull_request) Successful in 17s
Harness Replays / Harness Replays (pull_request) Successful in 12s
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (push) Successful in 1m34s
sop-tier-check / tier-check (pull_request) Successful in 17s
CI / Platform (Go) (push) Successful in 8s
CI / Shellcheck (E2E scripts) (push) Successful in 7s
CI / Canvas (Next.js) (push) Successful in 8s
CI / Python Lint & Test (push) Successful in 7s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 18s
E2E API Smoke Test / E2E API Smoke Test (push) Successful in 12s
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m27s
Harness Replays / Harness Replays (push) Successful in 14s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Successful in 15s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 2m30s
Handlers Postgres Integration / Handlers Postgres Integration (push) Successful in 6s
publish-canvas-image / Build & push canvas image (push) Successful in 5m30s
CI / Canvas Deploy Reminder (push) Has been skipped
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Successful in 7s
CI / Platform (Go) (pull_request) Failing after 5m3s
CI / all-required (push) Successful in 10s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2m41s
CI / Python Lint & Test (pull_request) Successful in 7m56s
Sweep stale Cloudflare Tunnels / Sweep CF tunnels (push) Successful in 26s
CI / Canvas (Next.js) (pull_request) Successful in 17m6s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
CI / all-required (pull_request) Successful in 7s
Staging SaaS smoke (every 30 min) / Staging SaaS smoke (push) Successful in 4m58s
main-red-watchdog / watchdog (push) Successful in 1m33s
gate-check-v3 / gate-check (push) Compensated by status-reaper (workflow has no push: trigger; Gitea 1.22.6 hardcoded-suffix bug — see .gitea/scripts/status-reaper.py)
Sweep stale e2e-* orgs (staging) / Sweep e2e orgs (push) Successful in 11s
Sweep stale Cloudflare DNS records / Sweep CF orphans (push) Successful in 48s
ci-required-drift / drift (push) Successful in 1m47s
gitea-merge-queue / queue (push) Successful in 3s
status-reaper / reap (push) Successful in 53s
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Successful in 5m0s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Compensated by status-reaper (default-branch pull_request status shadowed by successful push status on same SHA; see .gitea/scripts/status-reaper.py)
This commit is contained in:
commit
6526521055
@ -43,6 +43,7 @@ permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
# bp-exempt: drift visibility gate; CI / all-required remains the required aggregate.
|
||||
check:
|
||||
runs-on: ubuntu-latest
|
||||
# Phase 3 (RFC #219 §1): surface broken workflows without blocking
|
||||
|
||||
@ -44,6 +44,7 @@ env:
|
||||
GITHUB_SERVER_URL: https://git.moleculesai.app
|
||||
|
||||
jobs:
|
||||
# bp-exempt: PR advisory bot; merge blocking is enforced by CI status and branch protection.
|
||||
gate-check:
|
||||
runs-on: ubuntu-latest
|
||||
# mc#774: pre-existing continue-on-error mask; root-fix and remove, do not renew silently.
|
||||
|
||||
@ -60,6 +60,7 @@ env:
|
||||
GITHUB_SERVER_URL: https://git.moleculesai.app
|
||||
|
||||
jobs:
|
||||
# bp-exempt: change detector only; downstream Harness Replays is the meaningful gate.
|
||||
detect-changes:
|
||||
runs-on: ubuntu-latest
|
||||
# Phase 3 (RFC #219 §1): surface broken workflows without blocking.
|
||||
@ -132,7 +133,14 @@ jobs:
|
||||
RESP=$(curl -sS --fail --max-time 30 \
|
||||
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
|
||||
-H "Accept: application/json" \
|
||||
"$GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/compare/$BASE...$HEAD")
|
||||
"$GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/compare/$BASE...$HEAD") || {
|
||||
# If Gitea's Compare API is slow/unavailable, choose the conservative
|
||||
# behavior: run the harness instead of failing the detector and polluting
|
||||
# main with a red non-gate context.
|
||||
echo "run=true" >> "$GITHUB_OUTPUT"
|
||||
echo "debug=compare-api-unavailable base=$BASE head=$HEAD" >> "$GITHUB_OUTPUT"
|
||||
exit 0
|
||||
}
|
||||
DIFF_FILES=$(echo "$RESP" | bash .gitea/scripts/compare-api-diff-files.py 2>/dev/null || true)
|
||||
|
||||
echo "debug=diff-base=$BASE diff-files=$DIFF_FILES" >> "$GITHUB_OUTPUT"
|
||||
@ -150,6 +158,7 @@ jobs:
|
||||
# matches e2e-api.yml — see that workflow's comment for why a
|
||||
# job-level `if: false` would block branch protection via the
|
||||
# SKIPPED-in-set bug.
|
||||
# bp-exempt: path-filtered replay suite; CI / all-required is the branch-protection aggregate.
|
||||
harness-replays:
|
||||
needs: detect-changes
|
||||
name: Harness Replays
|
||||
|
||||
@ -89,6 +89,7 @@ concurrency:
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
# bp-exempt: meta-lint for masked jobs; tracked separately until masks are burned down.
|
||||
lint:
|
||||
name: lint-continue-on-error-tracking
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
@ -84,6 +84,7 @@ concurrency:
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
# bp-exempt: meta-lint advisory during mask burn-down; CI / all-required gates merges.
|
||||
scan:
|
||||
name: lint-mask-pr-atomicity
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
@ -69,6 +69,7 @@ concurrency:
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
# bp-exempt: meta-lint advisory; CI / all-required is the required aggregate.
|
||||
lint:
|
||||
name: lint-required-no-paths
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
@ -46,6 +46,7 @@ env:
|
||||
GITHUB_SERVER_URL: https://git.moleculesai.app
|
||||
|
||||
jobs:
|
||||
# bp-exempt: post-merge image publication side effect; CI / all-required gates source changes.
|
||||
build-and-push:
|
||||
name: Build & push canvas image
|
||||
# REVERTED (infra/revert-docker-runner-label): `runs-on: ubuntu-latest` restored.
|
||||
|
||||
@ -53,6 +53,7 @@ jobs:
|
||||
# Operational failures (PyPI unreachable, missing DISPATCH_TOKEN) are
|
||||
# surfaced via continue-on-error: true rather than blocking the merge.
|
||||
# The actual bump work happens on the main/staging push after merge.
|
||||
# bp-exempt: advisory validation for runtime publication; not a branch-protection gate.
|
||||
pr-validate:
|
||||
runs-on: ubuntu-latest
|
||||
# mc#774: pre-existing continue-on-error mask; root-fix and remove, do not renew silently.
|
||||
@ -79,6 +80,7 @@ jobs:
|
||||
# Actual bump-and-tag: runs on main/staging pushes, posts real success/failure.
|
||||
# No continue-on-error — operational failures here trip the main-red
|
||||
# watchdog, which is the desired signal for infrastructure degradation.
|
||||
# bp-exempt: post-merge tag publication side effect; CI / all-required gates source changes.
|
||||
bump-and-tag:
|
||||
runs-on: ubuntu-latest
|
||||
# Only fire on push events (main/staging after PR merge). Pull_request
|
||||
|
||||
@ -93,6 +93,7 @@ permissions:
|
||||
pull-requests: read
|
||||
|
||||
jobs:
|
||||
# bp-exempt: PR review bot signal; required merge state is enforced by CI / all-required.
|
||||
approved:
|
||||
# Gate the job:
|
||||
# - On pull_request_target events: always run.
|
||||
|
||||
@ -73,6 +73,7 @@ env:
|
||||
GITHUB_SERVER_URL: https://git.moleculesai.app
|
||||
|
||||
jobs:
|
||||
# bp-exempt: post-merge staging redeploy side effect; CI / all-required gates source changes.
|
||||
redeploy:
|
||||
runs-on: ubuntu-latest
|
||||
# Phase 3 (RFC #219 §1): surface broken workflows without blocking.
|
||||
|
||||
@ -41,6 +41,7 @@ concurrency:
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
# bp-exempt: review tooling regression suite; CI / all-required is the required aggregate.
|
||||
test:
|
||||
name: review-check.sh regression tests
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
@ -20,6 +20,7 @@ permissions:
|
||||
pull-requests: read
|
||||
|
||||
jobs:
|
||||
# bp-exempt: PR security review bot signal; required merge state is enforced by CI / all-required.
|
||||
approved:
|
||||
# See qa-review.yml header for full A1-α / A1.1 (v1.3 — informational
|
||||
# log only, NOT a gate) / A4 / A5 design rationale.
|
||||
|
||||
@ -82,6 +82,7 @@ env:
|
||||
GITHUB_SERVER_URL: https://git.moleculesai.app
|
||||
|
||||
jobs:
|
||||
# bp-exempt: post-merge staging verification side effect; CI / all-required gates merges.
|
||||
staging-smoke:
|
||||
runs-on: ubuntu-latest
|
||||
# Phase 3 (RFC #219 §1): surface broken workflows without blocking.
|
||||
@ -190,6 +191,7 @@ jobs:
|
||||
echo "assertions in the staging-smoke step log above."
|
||||
} >> "$GITHUB_STEP_SUMMARY"
|
||||
|
||||
# bp-exempt: post-merge image promotion side effect; staging-smoke controls promotion.
|
||||
promote-to-latest:
|
||||
# On green, calls the CP redeploy-fleet endpoint with target_tag=
|
||||
# staging-<sha> to promote the verified ECR image. This is the same
|
||||
|
||||
Loading…
Reference in New Issue
Block a user