diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml index b3d28233c..61f827acc 100644 --- a/.github/actionlint.yaml +++ b/.github/actionlint.yaml @@ -4,3 +4,5 @@ self-hosted-runner: - X64 - racknerd - aws-india + - blacksmith-2vcpu-ubuntu-2404 + - hetzner diff --git a/.github/workflows/ci-canary-gate.yml b/.github/workflows/ci-canary-gate.yml index 40fd2a0d8..3b1995367 100644 --- a/.github/workflows/ci-canary-gate.yml +++ b/.github/workflows/ci-canary-gate.yml @@ -89,7 +89,7 @@ env: jobs: canary-plan: name: Canary Plan - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 outputs: mode: ${{ steps.inputs.outputs.mode }} @@ -238,7 +238,7 @@ jobs: name: Canary Execute needs: [canary-plan] if: github.event_name == 'workflow_dispatch' && needs.canary-plan.outputs.mode == 'execute' && needs.canary-plan.outputs.ready_to_execute == 'true' - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 permissions: contents: write diff --git a/.github/workflows/ci-change-audit.yml b/.github/workflows/ci-change-audit.yml index 9f09538e5..3fc87ce50 100644 --- a/.github/workflows/ci-change-audit.yml +++ b/.github/workflows/ci-change-audit.yml @@ -50,7 +50,7 @@ env: jobs: audit: name: CI Change Audit - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 15 steps: - name: Checkout diff --git a/.github/workflows/ci-provider-connectivity.yml b/.github/workflows/ci-provider-connectivity.yml index 3008f86b2..701f923b3 100644 --- a/.github/workflows/ci-provider-connectivity.yml +++ b/.github/workflows/ci-provider-connectivity.yml @@ -39,7 +39,7 @@ env: jobs: probe: name: Provider Connectivity Probe - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 steps: - name: Checkout diff --git a/.github/workflows/ci-queue-hygiene.yml b/.github/workflows/ci-queue-hygiene.yml index 327d9ef3f..3adecd8bb 100644 --- a/.github/workflows/ci-queue-hygiene.yml +++ b/.github/workflows/ci-queue-hygiene.yml @@ -42,7 +42,7 @@ env: jobs: hygiene: name: Queue Hygiene - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 15 steps: - name: Checkout diff --git a/.github/workflows/ci-reproducible-build.yml b/.github/workflows/ci-reproducible-build.yml index b59ee376d..358fea637 100644 --- a/.github/workflows/ci-reproducible-build.yml +++ b/.github/workflows/ci-reproducible-build.yml @@ -58,7 +58,7 @@ env: jobs: reproducibility: name: Reproducible Build Probe - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 75 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo diff --git a/.github/workflows/ci-rollback.yml b/.github/workflows/ci-rollback.yml index 6af371bf1..a96721440 100644 --- a/.github/workflows/ci-rollback.yml +++ b/.github/workflows/ci-rollback.yml @@ -64,7 +64,7 @@ env: jobs: rollback-plan: name: Rollback Guard Plan - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 outputs: branch: ${{ steps.plan.outputs.branch }} @@ -189,7 +189,7 @@ jobs: name: Rollback Execute Actions needs: [rollback-plan] if: github.event_name == 'workflow_dispatch' && needs.rollback-plan.outputs.mode == 'execute' && needs.rollback-plan.outputs.ready_to_execute == 'true' - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 15 permissions: contents: write diff --git a/.github/workflows/ci-run.yml b/.github/workflows/ci-run.yml index 93ad81ff0..3f5990f50 100644 --- a/.github/workflows/ci-run.yml +++ b/.github/workflows/ci-run.yml @@ -24,7 +24,7 @@ env: jobs: changes: name: Detect Change Scope - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] outputs: docs_only: ${{ steps.scope.outputs.docs_only }} docs_changed: ${{ steps.scope.outputs.docs_changed }} @@ -50,7 +50,7 @@ jobs: name: Lint Gate (Format + Clippy + Strict Delta) needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 75 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -90,7 +90,7 @@ jobs: name: Workspace Check needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 45 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -111,7 +111,7 @@ jobs: name: Package Check (${{ matrix.package }}) needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 25 strategy: fail-fast: false @@ -136,7 +136,7 @@ jobs: name: Test needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 120 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -215,7 +215,7 @@ jobs: name: Build (Smoke) needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 90 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -259,7 +259,7 @@ jobs: name: Docs-Only Fast Path needs: [changes] if: needs.changes.outputs.docs_only == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - name: Skip heavy jobs for docs-only change run: echo "Docs-only change detected. Rust lint/test/build skipped." @@ -268,7 +268,7 @@ jobs: name: Non-Rust Fast Path needs: [changes] if: needs.changes.outputs.docs_only != 'true' && needs.changes.outputs.rust_changed != 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - name: Skip Rust jobs for non-Rust change scope run: echo "No Rust-impacting files changed. Rust lint/test/build skipped." @@ -277,7 +277,7 @@ jobs: name: Docs Quality needs: [changes] if: needs.changes.outputs.docs_changed == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 15 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -336,7 +336,7 @@ jobs: name: Lint Feedback if: github.event_name == 'pull_request' needs: [changes, lint, docs-quality] - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] permissions: contents: read pull-requests: write @@ -362,7 +362,7 @@ jobs: name: License File Owner Guard needs: [changes] if: github.event_name == 'pull_request' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] permissions: contents: read pull-requests: read @@ -380,7 +380,7 @@ jobs: name: CI Required Gate if: always() needs: [changes, lint, workspace-check, package-check, test, build, docs-only, non-rust, docs-quality, lint-feedback, license-file-owner-guard] - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - name: Enforce required status shell: bash diff --git a/.github/workflows/ci-supply-chain-provenance.yml b/.github/workflows/ci-supply-chain-provenance.yml index 58e94c6c1..d7d85c377 100644 --- a/.github/workflows/ci-supply-chain-provenance.yml +++ b/.github/workflows/ci-supply-chain-provenance.yml @@ -32,7 +32,7 @@ env: jobs: provenance: name: Build + Provenance Bundle - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 60 steps: - name: Checkout diff --git a/.github/workflows/deploy-web.yml b/.github/workflows/deploy-web.yml index 383c6cd00..03e865549 100644 --- a/.github/workflows/deploy-web.yml +++ b/.github/workflows/deploy-web.yml @@ -18,7 +18,7 @@ concurrency: jobs: build: - runs-on: ubuntu-latest + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - name: Checkout uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -48,7 +48,7 @@ jobs: environment: name: github-pages url: ${{ steps.deployment.outputs.page_url }} - runs-on: ubuntu-latest + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] needs: build steps: - name: Deploy to GitHub Pages diff --git a/.github/workflows/docs-deploy.yml b/.github/workflows/docs-deploy.yml index 6ea5e254a..470df4a6c 100644 --- a/.github/workflows/docs-deploy.yml +++ b/.github/workflows/docs-deploy.yml @@ -56,7 +56,7 @@ env: jobs: docs-quality: name: Docs Quality Gate - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 outputs: docs_files: ${{ steps.scope.outputs.docs_files }} @@ -213,7 +213,7 @@ jobs: name: Docs Preview Artifact needs: [docs-quality] if: github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_target == 'preview') - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 15 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -247,7 +247,7 @@ jobs: name: Deploy Docs to GitHub Pages needs: [docs-quality] if: needs.docs-quality.outputs.deploy_target == 'production' && needs.docs-quality.outputs.ready_to_deploy == 'true' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 permissions: contents: read diff --git a/.github/workflows/feature-matrix.yml b/.github/workflows/feature-matrix.yml index b3221c8f6..119a85870 100644 --- a/.github/workflows/feature-matrix.yml +++ b/.github/workflows/feature-matrix.yml @@ -51,7 +51,7 @@ env: jobs: resolve-profile: name: Resolve Matrix Profile - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] outputs: profile: ${{ steps.resolve.outputs.profile }} lane_job_prefix: ${{ steps.resolve.outputs.lane_job_prefix }} @@ -127,7 +127,7 @@ jobs: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'ci:full') || contains(github.event.pull_request.labels.*.name, 'ci:feature-matrix') - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: ${{ fromJSON(needs.resolve-profile.outputs.lane_timeout_minutes) }} strategy: fail-fast: false @@ -278,7 +278,7 @@ jobs: name: ${{ needs.resolve-profile.outputs.summary_job_name }} needs: [resolve-profile, feature-check] if: always() - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/nightly-all-features.yml b/.github/workflows/nightly-all-features.yml index 12156fb38..07a7eed45 100644 --- a/.github/workflows/nightly-all-features.yml +++ b/.github/workflows/nightly-all-features.yml @@ -27,7 +27,7 @@ env: jobs: nightly-lanes: name: Nightly Lane (${{ matrix.name }}) - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 70 strategy: fail-fast: false @@ -137,7 +137,7 @@ jobs: name: Nightly Summary & Routing needs: [nightly-lanes] if: always() - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/pages-deploy.yml b/.github/workflows/pages-deploy.yml index eeff0b9d8..34fca0b01 100644 --- a/.github/workflows/pages-deploy.yml +++ b/.github/workflows/pages-deploy.yml @@ -22,7 +22,7 @@ concurrency: jobs: build: - runs-on: ubuntu-latest + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - name: Checkout @@ -53,7 +53,7 @@ jobs: deploy: needs: build - runs-on: ubuntu-latest + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] environment: name: github-pages url: ${{ steps.deployment.outputs.page_url }} diff --git a/.github/workflows/pr-auto-response.yml b/.github/workflows/pr-auto-response.yml index 96bcc2e4b..fc8d57924 100644 --- a/.github/workflows/pr-auto-response.yml +++ b/.github/workflows/pr-auto-response.yml @@ -27,7 +27,7 @@ jobs: if: >- (github.event_name == 'issues' && (github.event.action == 'opened' || github.event.action == 'reopened')) - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] permissions: contents: read issues: write @@ -46,7 +46,7 @@ jobs: await script({ github, context, core }); first-interaction: if: github.event.action == 'opened' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] permissions: issues: write pull-requests: write @@ -77,7 +77,7 @@ jobs: labeled-routes: if: github.event.action == 'labeled' - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] permissions: contents: read issues: write diff --git a/.github/workflows/pr-check-stale.yml b/.github/workflows/pr-check-stale.yml index bb166e1e1..767208893 100644 --- a/.github/workflows/pr-check-stale.yml +++ b/.github/workflows/pr-check-stale.yml @@ -17,7 +17,7 @@ jobs: permissions: issues: write pull-requests: write - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 steps: - name: Mark stale issues and pull requests diff --git a/.github/workflows/pr-check-status.yml b/.github/workflows/pr-check-status.yml index bdd1ab04a..c93974c22 100644 --- a/.github/workflows/pr-check-status.yml +++ b/.github/workflows/pr-check-status.yml @@ -18,7 +18,7 @@ env: jobs: nudge-stale-prs: - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 permissions: contents: read diff --git a/.github/workflows/pr-intake-checks.yml b/.github/workflows/pr-intake-checks.yml index 66a8bbe66..0b0e8d05b 100644 --- a/.github/workflows/pr-intake-checks.yml +++ b/.github/workflows/pr-intake-checks.yml @@ -23,7 +23,7 @@ env: jobs: intake: name: Intake Checks - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 steps: - name: Checkout repository diff --git a/.github/workflows/pr-label-policy-check.yml b/.github/workflows/pr-label-policy-check.yml index 5da237e17..3a57c62ab 100644 --- a/.github/workflows/pr-label-policy-check.yml +++ b/.github/workflows/pr-label-policy-check.yml @@ -28,7 +28,7 @@ env: jobs: contributor-tier-consistency: - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 steps: - name: Checkout diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index acc8364cc..dc6907aed 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml @@ -32,7 +32,7 @@ env: jobs: label: - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - name: Checkout repository uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/pub-docker-img.yml b/.github/workflows/pub-docker-img.yml index 47f296f98..094218275 100644 --- a/.github/workflows/pub-docker-img.yml +++ b/.github/workflows/pub-docker-img.yml @@ -33,7 +33,7 @@ jobs: pr-smoke: name: PR Docker Smoke if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 25 permissions: contents: read @@ -73,7 +73,7 @@ jobs: publish: name: Build and Push Docker Image if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') && github.repository == 'zeroclaw-labs/zeroclaw' - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 45 permissions: contents: read diff --git a/.github/workflows/pub-prerelease.yml b/.github/workflows/pub-prerelease.yml index e68671aaa..e56ab170f 100644 --- a/.github/workflows/pub-prerelease.yml +++ b/.github/workflows/pub-prerelease.yml @@ -43,7 +43,7 @@ env: jobs: prerelease-guard: name: Pre-release Guard - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 outputs: release_tag: ${{ steps.vars.outputs.release_tag }} @@ -177,7 +177,7 @@ jobs: needs: [prerelease-guard] # Keep GNU Linux prerelease artifacts on Ubuntu 22.04 so runtime GLIBC # symbols remain compatible with Debian 12 / Ubuntu 22.04 hosts. - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 45 steps: - name: Checkout tag @@ -239,7 +239,7 @@ jobs: name: Publish GitHub Pre-release needs: [prerelease-guard, build-prerelease] if: needs.prerelease-guard.outputs.ready_to_publish == 'true' - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 15 steps: - name: Download prerelease artifacts diff --git a/.github/workflows/pub-release.yml b/.github/workflows/pub-release.yml index fe92edc8a..a0f3b8a8d 100644 --- a/.github/workflows/pub-release.yml +++ b/.github/workflows/pub-release.yml @@ -47,7 +47,7 @@ env: jobs: prepare: name: Prepare Release Context - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] outputs: release_ref: ${{ steps.vars.outputs.release_ref }} release_tag: ${{ steps.vars.outputs.release_tag }} @@ -170,14 +170,14 @@ jobs: include: # Keep GNU Linux release artifacts on Ubuntu 22.04 to preserve # a broadly compatible GLIBC baseline for user distributions. - - os: ubuntu-22.04 + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: x86_64-unknown-linux-gnu artifact: zeroclaw archive_ext: tar.gz cross_compiler: "" linker_env: "" linker: "" - - os: self-hosted + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: x86_64-unknown-linux-musl artifact: zeroclaw archive_ext: tar.gz @@ -185,14 +185,14 @@ jobs: linker_env: "" linker: "" use_cross: true - - os: ubuntu-22.04 + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: aarch64-unknown-linux-gnu artifact: zeroclaw archive_ext: tar.gz cross_compiler: gcc-aarch64-linux-gnu linker_env: CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER linker: aarch64-linux-gnu-gcc - - os: self-hosted + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: aarch64-unknown-linux-musl artifact: zeroclaw archive_ext: tar.gz @@ -200,14 +200,14 @@ jobs: linker_env: "" linker: "" use_cross: true - - os: ubuntu-22.04 + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: armv7-unknown-linux-gnueabihf artifact: zeroclaw archive_ext: tar.gz cross_compiler: gcc-arm-linux-gnueabihf linker_env: CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER linker: arm-linux-gnueabihf-gcc - - os: self-hosted + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: armv7-linux-androideabi artifact: zeroclaw archive_ext: tar.gz @@ -216,7 +216,7 @@ jobs: linker: "" android_ndk: true android_api: 21 - - os: self-hosted + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: aarch64-linux-android artifact: zeroclaw archive_ext: tar.gz @@ -225,7 +225,7 @@ jobs: linker: "" android_ndk: true android_api: 21 - - os: self-hosted + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: x86_64-unknown-freebsd artifact: zeroclaw archive_ext: tar.gz @@ -233,21 +233,21 @@ jobs: linker_env: "" linker: "" use_cross: true - - os: macos-15-intel + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: x86_64-apple-darwin artifact: zeroclaw archive_ext: tar.gz cross_compiler: "" linker_env: "" linker: "" - - os: macos-14 + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: aarch64-apple-darwin artifact: zeroclaw archive_ext: tar.gz cross_compiler: "" linker_env: "" linker: "" - - os: windows-latest + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] target: x86_64-pc-windows-msvc artifact: zeroclaw.exe archive_ext: zip @@ -386,7 +386,7 @@ jobs: verify-artifacts: name: Verify Artifact Set needs: [prepare, build-release] - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: @@ -447,7 +447,7 @@ jobs: name: Publish Release if: needs.prepare.outputs.publish_release == 'true' needs: [prepare, verify-artifacts] - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 45 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/sec-audit.yml b/.github/workflows/sec-audit.yml index 975f8890c..1d51a8f48 100644 --- a/.github/workflows/sec-audit.yml +++ b/.github/workflows/sec-audit.yml @@ -72,7 +72,7 @@ env: jobs: audit: name: Security Audit - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 45 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -107,7 +107,7 @@ jobs: deny: name: License & Supply Chain - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -216,7 +216,7 @@ jobs: security-regressions: name: Security Regression Tests - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 30 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -251,7 +251,7 @@ jobs: secrets: name: Secrets Governance (Gitleaks) - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -446,7 +446,7 @@ jobs: sbom: name: SBOM Snapshot - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -511,7 +511,7 @@ jobs: unsafe-debt: name: Unsafe Debt Audit - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -655,7 +655,7 @@ jobs: name: Security Required Gate if: always() && (github.event_name == 'pull_request' || github.event_name == 'push' || github.event_name == 'merge_group') needs: [audit, deny, security-regressions, secrets, sbom, unsafe-debt] - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] steps: - name: Enforce security gate shell: bash diff --git a/.github/workflows/sec-codeql.yml b/.github/workflows/sec-codeql.yml index 92206d24e..378228b15 100644 --- a/.github/workflows/sec-codeql.yml +++ b/.github/workflows/sec-codeql.yml @@ -51,7 +51,7 @@ env: jobs: codeql: name: CodeQL Analysis - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 120 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo diff --git a/.github/workflows/sec-vorpal-reviewdog.yml b/.github/workflows/sec-vorpal-reviewdog.yml index 6b647eed4..618755038 100644 --- a/.github/workflows/sec-vorpal-reviewdog.yml +++ b/.github/workflows/sec-vorpal-reviewdog.yml @@ -91,7 +91,7 @@ env: jobs: vorpal: name: Vorpal Reviewdog Scan - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 steps: - name: Checkout diff --git a/.github/workflows/sync-contributors.yml b/.github/workflows/sync-contributors.yml index bdee8d4a6..3ed07cbcc 100644 --- a/.github/workflows/sync-contributors.yml +++ b/.github/workflows/sync-contributors.yml @@ -17,7 +17,7 @@ permissions: jobs: update-notice: name: Update NOTICE with new contributors - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 20 steps: - name: Checkout repository diff --git a/.github/workflows/test-benchmarks.yml b/.github/workflows/test-benchmarks.yml index 5fcd96db0..14588fd5a 100644 --- a/.github/workflows/test-benchmarks.yml +++ b/.github/workflows/test-benchmarks.yml @@ -22,7 +22,7 @@ env: jobs: benchmarks: name: Criterion Benchmarks - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 30 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/test-e2e.yml b/.github/workflows/test-e2e.yml index 774c9f5c7..e94d5bc54 100644 --- a/.github/workflows/test-e2e.yml +++ b/.github/workflows/test-e2e.yml @@ -30,7 +30,7 @@ env: jobs: integration-tests: name: Integration / E2E Tests - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 30 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/test-fuzz.yml b/.github/workflows/test-fuzz.yml index 8ed634a88..809672a36 100644 --- a/.github/workflows/test-fuzz.yml +++ b/.github/workflows/test-fuzz.yml @@ -27,7 +27,7 @@ env: jobs: fuzz: name: Fuzz (${{ matrix.target }}) - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 60 strategy: fail-fast: false diff --git a/.github/workflows/test-self-hosted.yml b/.github/workflows/test-self-hosted.yml index 3fd6f7e6e..8471d5f39 100644 --- a/.github/workflows/test-self-hosted.yml +++ b/.github/workflows/test-self-hosted.yml @@ -11,7 +11,7 @@ permissions: jobs: runner-health: name: Runner Health / self-hosted aws-india - runs-on: [self-hosted, aws-india] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 steps: - name: Check runner info diff --git a/.github/workflows/workflow-sanity.yml b/.github/workflows/workflow-sanity.yml index 3335f42e3..7b15c185a 100644 --- a/.github/workflows/workflow-sanity.yml +++ b/.github/workflows/workflow-sanity.yml @@ -28,7 +28,7 @@ env: jobs: no-tabs: - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 steps: - name: Normalize git global hooks config @@ -67,7 +67,7 @@ jobs: PY actionlint: - runs-on: ubuntu-22.04 + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] timeout-minutes: 10 steps: - name: Normalize git global hooks config