Hongming Wang c79cf1cfa9 ci: collapse two-jobs-sharing-name path-filter pattern in e2e-api/e2e-staging-canvas ... Branch protection treats matching-name check runs as a SET — any SKIPPED member fails the required-check eval, even with SUCCESS siblings. The two-jobs-sharing-name pattern (no-op + real-job) emits one SKIPPED + one SUCCESS check run per workflow run; with multiple runs at the same SHA (detect-changes triggers + auto-promote re-runs) the SET fills with SKIPPED entries that block branch protection. Verified live on PR #2264 (staging→main auto-promote): mergeStateStatus stayed BLOCKED for 18+ hours despite APPROVED + MERGEABLE + all gates green at the workflow level. `gh pr merge` returned "base branch policy prohibits the merge"; `enqueuePullRequest` returned "No merge queue found for branch 'main'". The check-runs API showed `E2E API Smoke Test` and `Canvas tabs E2E` each had 2 SKIPPED + 2 SUCCESS at head SHA 66142c1e. Fix: collapse no-op + real-job into ONE job with no job-level `if:`, gating real work via per-step `if: needs.detect-changes.outputs.X == 'true'`. The job always runs and emits exactly one SUCCESS check run under the required-check name regardless of paths-filter outcome — branch-protection-clean. Same pattern as ci.yml's earlier conversion of Canvas/Platform/Python/ Shellcheck (PR #2322). Closes the parity-fix that should have been applied to all four path-filtered required checks at once.		2026-04-29 17:29:44 -07:00
..
scripts	feat(ci): SECRET_PATTERNS drift lint across known consumers	2026-04-28 15:29:09 -07:00
workflows	ci: collapse two-jobs-sharing-name path-filter pattern in e2e-api/e2e-staging-canvas	2026-04-29 17:29:44 -07:00
CODEOWNERS	chore: add CODEOWNERS to auto-route agent PRs to personal review account	2026-04-26 13:40:13 -07:00
dependabot.yml	chore(security): pin Actions to SHAs + enable Dependabot auto-bumps	2026-04-28 15:37:06 -07:00