ci(rust): add validation workflow

ProfRandom92 · ProfRandom92 · commit 737e65410a8e · 2026-06-03T14:30:41.000+02:00
diff --git a/.github/workflows/rust-validation.yml b/.github/workflows/rust-validation.yml
@@ -0,0 +1,39 @@
+name: Rust Validation CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+permissions:
+  contents: read
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+        with:
+          components: rustfmt, clippy
+
+      - name: Cargo Format Check
+        run: cargo fmt --all --check
+        working-directory: agy7rust
+
+      - name: Cargo Check
+        run: cargo check
+        working-directory: agy7rust
+
+      - name: Cargo Test
+        run: cargo test
+        working-directory: agy7rust
+
+      - name: Cargo Clippy
+        run: cargo clippy -- -D warnings
+        working-directory: agy7rust
diff --git a/CI_RUST_VALIDATION_SNAPSHOT.md b/CI_RUST_VALIDATION_SNAPSHOT.md
@@ -0,0 +1,31 @@
+# CI Rust Validation Snapshot Report
+
+## 1. CI Workflow Configuration
+- **File Path:** `.github/workflows/rust-validation.yml`
+- **Triggers:** Push and pull request to the `main` branch.
+- **Environment:** Run on `ubuntu-latest`.
+- **Permissions:** `contents: read` to ensure read-only workspace access.
+
+## 2. Command Pipeline
+The CI job executes the standard Rust validation suite offline under the `agy7rust` workspace:
+1. `cargo fmt --all --check`
+2. `cargo check`
+3. `cargo test`
+4. `cargo clippy -- -D warnings`
+
+## 3. Scope and File Audit
+- **Files Created:**
+  - `.github/workflows/rust-validation.yml`
+  - `CI_RUST_VALIDATION_SNAPSHOT.md`
+- **Verification Note:** `POST_PUSH_GITHUB_VERIFICATION.md` was previously created for manual validation checks and is intentionally excluded from the staging target of this CI phase changes.
+
+## 4. Local Validation and Commit Assertions
+- CI is configured to run the Rust validation checklist on GitHub-hosted runners.
+- Local project validation remains the source of truth until CI has executed successfully on GitHub.
+
+## 5. Non-Claims
+- **CI Safety Guarantee:** CI ensures compilation and lint compliance but does not declare the software to be 100% bug-free or immune to runtime errors.
+- **Workflow Scope:** Runs checks only; does not build docker images, deploy code, or execute external webhooks.
+
+## 6. Risks
+- No blocking risks found in the validated scope.
