molecule-ai/molecule-core

fix(ci): gate-check-v3 — 3 bug fixes (self-loop, base ref, 403 comment) #547

Merged

core-lead merged 2 commits from sre/fix-gate-check-v3-bugs into main

2026-05-11 19:26:55 +00:00

Author	SHA1	Message	Date
Molecule AI Infra-SRE	2843d6214c	fix(ci): gate-check-v3 workflow uses PR branch (head) for script Some checks failed Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 5s Details Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 7s Details Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 11s Details qa-review / approved (pull_request) Failing after 11s Details security-review / approved (pull_request) Failing after 11s Details sop-tier-check / tier-check (pull_request) Successful in 13s Details CI / Detect changes (pull_request) Successful in 17s Details gate-check-v3 / gate-check (pull_request) Failing after 15s Details E2E API Smoke Test / detect-changes (pull_request) Successful in 18s Details E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 18s Details Handlers Postgres Integration / detect-changes (pull_request) Successful in 19s Details Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 20s Details CI / Platform (Go) (pull_request) Successful in 3s Details CI / Shellcheck (E2E scripts) (pull_request) Successful in 3s Details CI / Canvas (Next.js) (pull_request) Successful in 4s Details CI / Python Lint & Test (pull_request) Successful in 4s Details CI / Canvas Deploy Reminder (pull_request) Has been skipped Details E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 5s Details E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 6s Details Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 3s Details Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2s Details audit-force-merge / audit (pull_request) Successful in 5s Details The gate-check job now checks out github.event.pull_request.head.sha instead of base.sha. This ensures that script fixes in PR branches (e.g. the self-loop exclusion in signal_6_ci) are actually used when evaluating that PR. Security note: this job only runs the read-only gate-check script (API reads + JSON stdout) and has continue-on-error: true, so running PR-branch code here carries minimal risk. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-11 19:26:23 +00:00
Molecule AI Infra-SRE	f5f27cb870	fix(ci): gate-check-v3 — 3 bug fixes Bug 1 (self-referential failure loop, #544): signal_6_ci now filters out its own prior status from check_statuses before evaluating, preventing a gate-check-v3 → failure → re-reads self → failure cycle. Bug 2 (hardcoded base branch, #544): signal_6_ci now uses the PR's actual base branch ref instead of hardcoded 'main'. Caller passes PR data to avoid redundant API call. Bug 3 (comment-post 403, #543): Wrapped POST/PATCH comment-post in try/except for HTTPError 403. Logs a warning and skips posting when the token lacks write:repository scope — verdict still drives exit code correctly. Also removed 3 lines of dead code at the end of format_comment (unreachable return after prior return). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-11 19:26:23 +00:00