feat(inspect+dogfood): broader inspect --json + canonical bundle lock-down #306
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| # Keep this workflow hand-curated. `mise generate github-action` is useful as a | |
| # starting point, but this checked-in file is the maintained source of truth so | |
| # repo-specific triggers, deterministic bootstrap, and step-level logs stay | |
| # explicit. | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| merge_group: | |
| push: | |
| branches: | |
| - main | |
| concurrency: | |
| group: ci-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| linux-static: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| persist-credentials: false | |
| - name: Set up mise | |
| uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 | |
| with: | |
| install_args: --locked | |
| - name: Install CI dependencies | |
| run: mise run bootstrap-ci | |
| - name: Install Playwright Chromium | |
| run: npx playwright install chromium | |
| - name: Check formatting | |
| run: mise run format-check | |
| - name: Workflow lint | |
| run: mise run workflow-lint | |
| - name: Lint | |
| run: mise run lint | |
| - name: Typecheck | |
| run: mise run typecheck | |
| - name: Validate canonical proof bundles | |
| run: mise run validate-bundles | |
| - name: Build | |
| run: mise run build | |
| - name: Packaging smoke | |
| run: mise run install-smoke | |
| test-unit: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| persist-credentials: false | |
| - name: Set up mise | |
| uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 | |
| with: | |
| install_args: --locked | |
| - name: Install CI dependencies | |
| run: mise run bootstrap-ci | |
| - name: Install Playwright Chromium | |
| run: npx playwright install chromium | |
| - name: Test unit | |
| run: mise run test-unit | |
| test-integration: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| shard: [1/4, 2/4, 3/4, 4/4] | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| persist-credentials: false | |
| - name: Set up mise | |
| uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 | |
| with: | |
| install_args: --locked | |
| - name: Install CI dependencies | |
| run: mise run bootstrap-ci | |
| - name: Install Playwright Chromium | |
| run: npx playwright install chromium | |
| - name: Test integration shard | |
| run: npm run test:integration -- --shard=${{ matrix.shard }} | |
| test-e2e: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| shard: [1/3, 2/3, 3/3] | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| persist-credentials: false | |
| - name: Set up mise | |
| uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 | |
| with: | |
| install_args: --locked | |
| - name: Install CI dependencies | |
| run: mise run bootstrap-ci | |
| - name: Install Playwright Chromium | |
| run: npx playwright install chromium | |
| - name: Test e2e shard | |
| run: npm run test:e2e -- --shard=${{ matrix.shard }} | |
| quality-gates: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| needs: | |
| - linux-static | |
| - test-unit | |
| - test-integration | |
| - test-e2e | |
| if: ${{ always() }} | |
| steps: | |
| - name: Report Linux quality gate results | |
| run: | | |
| echo "linux-static: ${{ needs.linux-static.result }}" | |
| echo "test-unit: ${{ needs.test-unit.result }}" | |
| echo "test-integration: ${{ needs.test-integration.result }}" | |
| echo "test-e2e: ${{ needs.test-e2e.result }}" | |
| - name: Fail if any Linux quality gate failed | |
| if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') }} | |
| run: exit 1 | |
| # macOS compilation and static-analysis counterpart to the Ubuntu quality | |
| # gates above. Tests are excluded because the macOS GitHub Actions runner | |
| # has pre-existing issues with PTY spawning and Unix domain sockets that | |
| # cause integration/e2e test failures. The full test suite runs on Linux; | |
| # macOS validates that the code compiles and passes static checks. | |
| quality-gates-macos: | |
| runs-on: macos-latest | |
| timeout-minutes: 20 | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| persist-credentials: false | |
| - name: Set up mise | |
| uses: jdx/mise-action@5228313ee0372e111a38da051671ca30fc5a96db # v3.6.3 | |
| with: | |
| # The macOS job does not run workflow linting or Communique, so avoid | |
| # installing release-only tools. It still needs aube for bootstrap-ci. | |
| install_args: --locked node python aube | |
| - name: Install CI dependencies | |
| run: mise run bootstrap-ci | |
| - name: Check formatting | |
| run: mise run format-check | |
| - name: Lint | |
| run: mise run lint | |
| - name: Typecheck | |
| run: mise run typecheck | |
| - name: Build | |
| run: mise run build |