From 2dba3b5e57cc9257df4d8f8176d764c55e3520d5 Mon Sep 17 00:00:00 2001 From: argenis de la rosa Date: Thu, 5 Mar 2026 02:17:32 -0500 Subject: [PATCH] chore: remove Linear and Hetzner integrations (replay #2809) --- .github/actionlint.yaml | 1 - .github/pull_request_template.md | 2 -- .github/workflows/ci-canary-gate.yml | 4 ++-- .../workflows/ci-post-release-validation.yml | 2 +- .../workflows/ci-provider-connectivity.yml | 2 +- .github/workflows/ci-reproducible-build.yml | 2 +- .github/workflows/ci-rollback.yml | 4 ++-- .github/workflows/ci-run.yml | 10 ++++----- .../workflows/ci-supply-chain-provenance.yml | 2 +- .github/workflows/deploy-web.yml | 4 ++-- .github/workflows/docs-deploy.yml | 6 ++--- .github/workflows/feature-matrix.yml | 6 ++--- .github/workflows/main-branch-flow.md | 1 - .github/workflows/nightly-all-features.yml | 4 ++-- .github/workflows/pages-deploy.yml | 4 ++-- .github/workflows/pub-docker-img.yml | 4 ++-- .github/workflows/pub-prerelease.yml | 6 ++--- .github/workflows/pub-release.yml | 22 +++++++++---------- .github/workflows/release-build.yml | 2 +- .github/workflows/scripts/pr_intake_checks.js | 13 +---------- .github/workflows/sec-audit.yml | 6 ++--- .github/workflows/sec-vorpal-reviewdog.yml | 2 +- .github/workflows/test-benchmarks.yml | 2 +- .github/workflows/test-e2e.yml | 2 +- .github/workflows/test-fuzz.yml | 2 +- .github/workflows/test-self-hosted.yml | 2 +- docs/ci-blacksmith.md | 2 +- docs/ci-map.md | 1 - docs/i18n/vi/ci-map.md | 1 - docs/operations/feature-matrix-runbook.md | 2 +- src/integrations/registry.rs | 6 ----- tests/memory_comparison.rs | 2 +- 32 files changed, 54 insertions(+), 77 deletions(-) diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml index ce7812d95..6b33ecc19 100644 --- a/.github/actionlint.yaml +++ b/.github/actionlint.yaml @@ -9,4 +9,3 @@ self-hosted-runner: - codeql - codeql-general - blacksmith-2vcpu-ubuntu-2404 - - hetzner diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 084f2bf1a..81be389cd 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -28,8 +28,6 @@ Describe this PR in 2-5 bullets: - Related # - Depends on # (if stacked) - Supersedes # (if replacing older PR) -- Linear issue key(s) (required, e.g. `RMN-123`): -- Linear issue URL(s): ## Supersede Attribution (required when `Supersedes #` is used) diff --git a/.github/workflows/ci-canary-gate.yml b/.github/workflows/ci-canary-gate.yml index 3b1995367..e4bad3589 100644 --- a/.github/workflows/ci-canary-gate.yml +++ b/.github/workflows/ci-canary-gate.yml @@ -89,7 +89,7 @@ env: jobs: canary-plan: name: Canary Plan - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 outputs: mode: ${{ steps.inputs.outputs.mode }} @@ -238,7 +238,7 @@ jobs: name: Canary Execute needs: [canary-plan] if: github.event_name == 'workflow_dispatch' && needs.canary-plan.outputs.mode == 'execute' && needs.canary-plan.outputs.ready_to_execute == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 10 permissions: contents: write diff --git a/.github/workflows/ci-post-release-validation.yml b/.github/workflows/ci-post-release-validation.yml index f9a737744..0d3b50260 100644 --- a/.github/workflows/ci-post-release-validation.yml +++ b/.github/workflows/ci-post-release-validation.yml @@ -11,7 +11,7 @@ permissions: jobs: validate: name: Validate Published Release - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 15 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/ci-provider-connectivity.yml b/.github/workflows/ci-provider-connectivity.yml index 701f923b3..bde9c39b5 100644 --- a/.github/workflows/ci-provider-connectivity.yml +++ b/.github/workflows/ci-provider-connectivity.yml @@ -39,7 +39,7 @@ env: jobs: probe: name: Provider Connectivity Probe - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 steps: - name: Checkout diff --git a/.github/workflows/ci-reproducible-build.yml b/.github/workflows/ci-reproducible-build.yml index 358fea637..d6612c5c0 100644 --- a/.github/workflows/ci-reproducible-build.yml +++ b/.github/workflows/ci-reproducible-build.yml @@ -58,7 +58,7 @@ env: jobs: reproducibility: name: Reproducible Build Probe - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 75 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo diff --git a/.github/workflows/ci-rollback.yml b/.github/workflows/ci-rollback.yml index a96721440..c62902dbd 100644 --- a/.github/workflows/ci-rollback.yml +++ b/.github/workflows/ci-rollback.yml @@ -64,7 +64,7 @@ env: jobs: rollback-plan: name: Rollback Guard Plan - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 outputs: branch: ${{ steps.plan.outputs.branch }} @@ -189,7 +189,7 @@ jobs: name: Rollback Execute Actions needs: [rollback-plan] if: github.event_name == 'workflow_dispatch' && needs.rollback-plan.outputs.mode == 'execute' && needs.rollback-plan.outputs.ready_to_execute == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 15 permissions: contents: write diff --git a/.github/workflows/ci-run.yml b/.github/workflows/ci-run.yml index dbbc6b740..8d28b0667 100644 --- a/.github/workflows/ci-run.yml +++ b/.github/workflows/ci-run.yml @@ -50,7 +50,7 @@ jobs: name: Lint Gate (Format + Clippy + Strict Delta) needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 75 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -90,7 +90,7 @@ jobs: name: Workspace Check needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 45 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -111,7 +111,7 @@ jobs: name: Package Check (${{ matrix.package }}) needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 25 strategy: fail-fast: false @@ -136,7 +136,7 @@ jobs: name: Test needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 120 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -229,7 +229,7 @@ jobs: name: Build (Smoke) needs: [changes] if: needs.changes.outputs.rust_changed == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 90 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo diff --git a/.github/workflows/ci-supply-chain-provenance.yml b/.github/workflows/ci-supply-chain-provenance.yml index 3460dfd1c..84803befe 100644 --- a/.github/workflows/ci-supply-chain-provenance.yml +++ b/.github/workflows/ci-supply-chain-provenance.yml @@ -32,7 +32,7 @@ env: jobs: provenance: name: Build + Provenance Bundle - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 60 steps: - name: Checkout diff --git a/.github/workflows/deploy-web.yml b/.github/workflows/deploy-web.yml index 03e865549..e8a152b19 100644 --- a/.github/workflows/deploy-web.yml +++ b/.github/workflows/deploy-web.yml @@ -18,7 +18,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] steps: - name: Checkout uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -48,7 +48,7 @@ jobs: environment: name: github-pages url: ${{ steps.deployment.outputs.page_url }} - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] needs: build steps: - name: Deploy to GitHub Pages diff --git a/.github/workflows/docs-deploy.yml b/.github/workflows/docs-deploy.yml index 470df4a6c..2a58c9d85 100644 --- a/.github/workflows/docs-deploy.yml +++ b/.github/workflows/docs-deploy.yml @@ -56,7 +56,7 @@ env: jobs: docs-quality: name: Docs Quality Gate - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 outputs: docs_files: ${{ steps.scope.outputs.docs_files }} @@ -213,7 +213,7 @@ jobs: name: Docs Preview Artifact needs: [docs-quality] if: github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_target == 'preview') - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 15 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 @@ -247,7 +247,7 @@ jobs: name: Deploy Docs to GitHub Pages needs: [docs-quality] if: needs.docs-quality.outputs.deploy_target == 'production' && needs.docs-quality.outputs.ready_to_deploy == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 permissions: contents: read diff --git a/.github/workflows/feature-matrix.yml b/.github/workflows/feature-matrix.yml index 576c49981..9d61f84f0 100644 --- a/.github/workflows/feature-matrix.yml +++ b/.github/workflows/feature-matrix.yml @@ -51,7 +51,7 @@ env: jobs: resolve-profile: name: Resolve Matrix Profile - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] outputs: profile: ${{ steps.resolve.outputs.profile }} lane_job_prefix: ${{ steps.resolve.outputs.lane_job_prefix }} @@ -127,7 +127,7 @@ jobs: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'ci:full') || contains(github.event.pull_request.labels.*.name, 'ci:feature-matrix') - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: ${{ fromJSON(needs.resolve-profile.outputs.lane_timeout_minutes) }} strategy: fail-fast: false @@ -283,7 +283,7 @@ jobs: name: ${{ needs.resolve-profile.outputs.summary_job_name }} needs: [resolve-profile, feature-check] if: always() - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/main-branch-flow.md b/.github/workflows/main-branch-flow.md index 211bd7305..de2929c70 100644 --- a/.github/workflows/main-branch-flow.md +++ b/.github/workflows/main-branch-flow.md @@ -201,7 +201,6 @@ Canary policy lane: 1. Workflow-file changes (`.github/workflows/**`) are validated through `pr-intake-checks.yml`, `ci-change-audit.yml`, and `CI Required Gate` without a dedicated owner-approval gate. 2. PR lint/test strictness is intentionally controlled by `ci:full` label. -3. `pr-intake-checks.yml` now blocks PRs missing a Linear issue key (`RMN-*`, `CDV-*`, `COM-*`) to keep execution mapped to Linear. 4. `sec-audit.yml` runs on PR/push/merge queue (`merge_group`), plus scheduled weekly. 5. `ci-change-audit.yml` enforces pinned `uses:` references for CI/security workflow changes. 6. `sec-audit.yml` includes deny policy hygiene checks (`deny_policy_guard.py`) before cargo-deny. diff --git a/.github/workflows/nightly-all-features.yml b/.github/workflows/nightly-all-features.yml index 209003727..fd2ce62fc 100644 --- a/.github/workflows/nightly-all-features.yml +++ b/.github/workflows/nightly-all-features.yml @@ -27,7 +27,7 @@ env: jobs: nightly-lanes: name: Nightly Lane (${{ matrix.name }}) - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 70 strategy: fail-fast: false @@ -142,7 +142,7 @@ jobs: name: Nightly Summary & Routing needs: [nightly-lanes] if: always() - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/pages-deploy.yml b/.github/workflows/pages-deploy.yml index 34fca0b01..afe8be884 100644 --- a/.github/workflows/pages-deploy.yml +++ b/.github/workflows/pages-deploy.yml @@ -22,7 +22,7 @@ concurrency: jobs: build: - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] steps: - name: Checkout @@ -53,7 +53,7 @@ jobs: deploy: needs: build - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] environment: name: github-pages url: ${{ steps.deployment.outputs.page_url }} diff --git a/.github/workflows/pub-docker-img.yml b/.github/workflows/pub-docker-img.yml index 1a6520e29..7124f2348 100644 --- a/.github/workflows/pub-docker-img.yml +++ b/.github/workflows/pub-docker-img.yml @@ -38,7 +38,7 @@ jobs: pr-smoke: name: PR Docker Smoke if: (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) || (github.event_name == 'workflow_dispatch' && inputs.release_tag == '') - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 25 permissions: contents: read @@ -92,7 +92,7 @@ jobs: publish: name: Build and Push Docker Image if: github.repository == 'zeroclaw-labs/zeroclaw' && ((github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')) || (github.event_name == 'workflow_dispatch' && inputs.release_tag != '')) - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 90 permissions: contents: read diff --git a/.github/workflows/pub-prerelease.yml b/.github/workflows/pub-prerelease.yml index e56ab170f..e3eedc6be 100644 --- a/.github/workflows/pub-prerelease.yml +++ b/.github/workflows/pub-prerelease.yml @@ -43,7 +43,7 @@ env: jobs: prerelease-guard: name: Pre-release Guard - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 outputs: release_tag: ${{ steps.vars.outputs.release_tag }} @@ -177,7 +177,7 @@ jobs: needs: [prerelease-guard] # Keep GNU Linux prerelease artifacts on Ubuntu 22.04 so runtime GLIBC # symbols remain compatible with Debian 12 / Ubuntu 22.04 hosts. - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 45 steps: - name: Checkout tag @@ -239,7 +239,7 @@ jobs: name: Publish GitHub Pre-release needs: [prerelease-guard, build-prerelease] if: needs.prerelease-guard.outputs.ready_to_publish == 'true' - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 15 steps: - name: Download prerelease artifacts diff --git a/.github/workflows/pub-release.yml b/.github/workflows/pub-release.yml index e02598bfc..a00fc9125 100644 --- a/.github/workflows/pub-release.yml +++ b/.github/workflows/pub-release.yml @@ -48,7 +48,7 @@ jobs: prepare: name: Prepare Release Context if: github.event_name != 'push' || !contains(github.ref_name, '-') - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] outputs: release_ref: ${{ steps.vars.outputs.release_ref }} release_tag: ${{ steps.vars.outputs.release_tag }} @@ -205,14 +205,14 @@ jobs: include: # Keep GNU Linux release artifacts on Ubuntu 22.04 to preserve # a broadly compatible GLIBC baseline for user distributions. - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: x86_64-unknown-linux-gnu artifact: zeroclaw archive_ext: tar.gz cross_compiler: "" linker_env: "" linker: "" - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: x86_64-unknown-linux-musl artifact: zeroclaw archive_ext: tar.gz @@ -220,14 +220,14 @@ jobs: linker_env: "" linker: "" use_cross: true - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: aarch64-unknown-linux-gnu artifact: zeroclaw archive_ext: tar.gz cross_compiler: gcc-aarch64-linux-gnu linker_env: CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER linker: aarch64-linux-gnu-gcc - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: aarch64-unknown-linux-musl artifact: zeroclaw archive_ext: tar.gz @@ -235,14 +235,14 @@ jobs: linker_env: "" linker: "" use_cross: true - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: armv7-unknown-linux-gnueabihf artifact: zeroclaw archive_ext: tar.gz cross_compiler: gcc-arm-linux-gnueabihf linker_env: CARGO_TARGET_ARMV7_UNKNOWN_LINUX_GNUEABIHF_LINKER linker: arm-linux-gnueabihf-gcc - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: armv7-linux-androideabi artifact: zeroclaw archive_ext: tar.gz @@ -251,7 +251,7 @@ jobs: linker: "" android_ndk: true android_api: 21 - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: aarch64-linux-android artifact: zeroclaw archive_ext: tar.gz @@ -260,7 +260,7 @@ jobs: linker: "" android_ndk: true android_api: 21 - - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + - os: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] target: x86_64-unknown-freebsd artifact: zeroclaw archive_ext: tar.gz @@ -463,7 +463,7 @@ jobs: verify-artifacts: name: Verify Artifact Set needs: [prepare, build-release] - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: @@ -524,7 +524,7 @@ jobs: name: Publish Release if: needs.prepare.outputs.publish_release == 'true' needs: [prepare, verify-artifacts] - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 45 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index 42bd3e20f..926216f7e 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -22,7 +22,7 @@ env: jobs: build-and-test: name: Build and Test (Linux x86_64) - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 120 steps: diff --git a/.github/workflows/scripts/pr_intake_checks.js b/.github/workflows/scripts/pr_intake_checks.js index 9b6371af1..d529bbd77 100644 --- a/.github/workflows/scripts/pr_intake_checks.js +++ b/.github/workflows/scripts/pr_intake_checks.js @@ -17,10 +17,6 @@ module.exports = async ({ github, context, core }) => { "## Rollback Plan (required)", ]; const body = pr.body || ""; - const linearKeyRegex = /\b(?:RMN|CDV|COM)-\d+\b/g; - const linearKeys = Array.from( - new Set([...(pr.title.match(linearKeyRegex) || []), ...(body.match(linearKeyRegex) || [])]), - ); const missingSections = requiredSections.filter((section) => !body.includes(section)); const missingFields = []; @@ -87,11 +83,6 @@ module.exports = async ({ github, context, core }) => { if (dangerousProblems.length > 0) { blockingFindings.push(`Dangerous patch markers found (${dangerousProblems.length})`); } - if (linearKeys.length === 0) { - advisoryFindings.push( - "Missing Linear issue key reference (`RMN-`, `CDV-`, or `COM-`) in PR title/body (recommended for traceability, non-blocking).", - ); - } const comments = await github.paginate(github.rest.issues.listComments, { owner, @@ -156,14 +147,12 @@ module.exports = async ({ github, context, core }) => { "", "Action items:", "1. Complete required PR template sections/fields.", - "2. (Recommended) Link this PR to one active Linear issue key (`RMN-xxx`/`CDV-xxx`/`COM-xxx`) for traceability.", - "3. Remove tabs, trailing whitespace, and merge conflict markers from added lines.", + "2. Remove tabs, trailing whitespace, and merge conflict markers from added lines.", "4. Re-run local checks before pushing:", " - `./scripts/ci/rust_quality_gate.sh`", " - `./scripts/ci/rust_strict_delta_gate.sh`", " - `./scripts/ci/docs_quality_gate.sh`", "", - `Detected Linear keys: ${linearKeys.length > 0 ? linearKeys.join(", ") : "none"}`, "", `Run logs: ${runUrl}`, "", diff --git a/.github/workflows/sec-audit.yml b/.github/workflows/sec-audit.yml index 3ba0d050f..260e8a5dd 100644 --- a/.github/workflows/sec-audit.yml +++ b/.github/workflows/sec-audit.yml @@ -72,7 +72,7 @@ env: jobs: audit: name: Security Audit - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 45 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -107,7 +107,7 @@ jobs: deny: name: License & Supply Chain - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo @@ -216,7 +216,7 @@ jobs: security-regressions: name: Security Regression Tests - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 30 env: CARGO_HOME: ${{ github.workspace }}/.ci-rust/${{ github.run_id }}-${{ github.run_attempt }}-${{ github.job }}/cargo diff --git a/.github/workflows/sec-vorpal-reviewdog.yml b/.github/workflows/sec-vorpal-reviewdog.yml index 618755038..7f6ea9b56 100644 --- a/.github/workflows/sec-vorpal-reviewdog.yml +++ b/.github/workflows/sec-vorpal-reviewdog.yml @@ -91,7 +91,7 @@ env: jobs: vorpal: name: Vorpal Reviewdog Scan - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 20 steps: - name: Checkout diff --git a/.github/workflows/test-benchmarks.yml b/.github/workflows/test-benchmarks.yml index 14588fd5a..71d046027 100644 --- a/.github/workflows/test-benchmarks.yml +++ b/.github/workflows/test-benchmarks.yml @@ -22,7 +22,7 @@ env: jobs: benchmarks: name: Criterion Benchmarks - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 30 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/test-e2e.yml b/.github/workflows/test-e2e.yml index 595e97e1f..a25825067 100644 --- a/.github/workflows/test-e2e.yml +++ b/.github/workflows/test-e2e.yml @@ -30,7 +30,7 @@ env: jobs: integration-tests: name: Integration / E2E Tests - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 30 steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 diff --git a/.github/workflows/test-fuzz.yml b/.github/workflows/test-fuzz.yml index 809672a36..c3cd73697 100644 --- a/.github/workflows/test-fuzz.yml +++ b/.github/workflows/test-fuzz.yml @@ -27,7 +27,7 @@ env: jobs: fuzz: name: Fuzz (${{ matrix.target }}) - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 60 strategy: fail-fast: false diff --git a/.github/workflows/test-self-hosted.yml b/.github/workflows/test-self-hosted.yml index 8471d5f39..d164b26b3 100644 --- a/.github/workflows/test-self-hosted.yml +++ b/.github/workflows/test-self-hosted.yml @@ -11,7 +11,7 @@ permissions: jobs: runner-health: name: Runner Health / self-hosted aws-india - runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner] + runs-on: [self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404] timeout-minutes: 10 steps: - name: Check runner info diff --git a/docs/ci-blacksmith.md b/docs/ci-blacksmith.md index f816892f9..02df56b83 100644 --- a/docs/ci-blacksmith.md +++ b/docs/ci-blacksmith.md @@ -15,7 +15,7 @@ This document describes the production binary build lane for ZeroClaw on Blacksm The workflow runs on the same Blacksmith self-hosted runner label-set used by the rest of CI: -`[self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404, hetzner]` +`[self-hosted, Linux, X64, aws-india, blacksmith-2vcpu-ubuntu-2404]` This keeps runner routing consistent with existing CI jobs and actionlint policy. diff --git a/docs/ci-map.md b/docs/ci-map.md index bd9632c6f..4b85e53d9 100644 --- a/docs/ci-map.md +++ b/docs/ci-map.md @@ -134,7 +134,6 @@ Merge-blocking checks should stay small and deterministic. Optional checks are u - Keep merge-blocking checks deterministic and reproducible (`--locked` where applicable). - Keep merge-queue compatibility explicit by supporting `merge_group` on required workflows (`ci-run`, `sec-audit`, and `sec-codeql`). -- Keep PRs mapped to Linear issue keys (`RMN-*`/`CDV-*`/`COM-*`) when available for traceability (recommended by PR intake checks, non-blocking). - Keep PR intake backfills event-driven: when intake logic changes, prefer triggering a fresh PR event over rerunning old runs so checks evaluate against the latest workflow/script snapshot. - Keep `deny.toml` advisory ignore entries in object form with explicit reasons (enforced by `deny_policy_guard.py`). - Keep deny ignore governance metadata current in `.github/security/deny-ignore-governance.json` (owner/reason/expiry/ticket enforced by `deny_policy_guard.py`). diff --git a/docs/i18n/vi/ci-map.md b/docs/i18n/vi/ci-map.md index 11d9417f0..53ac1c79c 100644 --- a/docs/i18n/vi/ci-map.md +++ b/docs/i18n/vi/ci-map.md @@ -115,7 +115,6 @@ Các kiểm tra chặn merge nên giữ nhỏ và mang tính quyết định. C - Giữ các kiểm tra chặn merge mang tính quyết định và tái tạo được (`--locked` khi áp dụng được). - Đảm bảo tương thích merge queue bằng cách hỗ trợ `merge_group` cho các workflow bắt buộc (`ci-run`, `sec-audit`, `sec-codeql`). -- Khuyến nghị PR liên kết với Linear issue key (`RMN-*`/`CDV-*`/`COM-*`) khi có để truy vết (PR intake checks chỉ cảnh báo, không chặn merge). - Với backfill PR intake, ưu tiên kích hoạt sự kiện PR mới thay vì rerun run cũ để đảm bảo check đánh giá theo snapshot workflow/script mới nhất. - Bắt buộc entry `advisories.ignore` trong `deny.toml` dùng object có `id` + `reason` (được kiểm tra bởi `deny_policy_guard.py`). - Giữ metadata governance cho deny ignore trong `.github/security/deny-ignore-governance.json` luôn cập nhật (owner/reason/expiry/ticket được kiểm tra bởi `deny_policy_guard.py`). diff --git a/docs/operations/feature-matrix-runbook.md b/docs/operations/feature-matrix-runbook.md index d758d2eba..ec4c65564 100644 --- a/docs/operations/feature-matrix-runbook.md +++ b/docs/operations/feature-matrix-runbook.md @@ -66,7 +66,7 @@ Verification commands: 1. Open `feature-matrix-summary.md` and identify failed lane(s), owner, and failing command. 2. Download lane artifact (`nightly-result-.json`) for exact command + exit code. 3. Reproduce locally with the exact command and toolchain lock (`--locked`). -4. Attach local reproduction logs + fix PR link to the active Linear execution issue. +4. Attach local reproduction logs + fix PR link to the related issue. ## High-Frequency Failure Classes diff --git a/src/integrations/registry.rs b/src/integrations/registry.rs index 169278fc6..598f5a109 100644 --- a/src/integrations/registry.rs +++ b/src/integrations/registry.rs @@ -812,12 +812,6 @@ pub fn all_integrations() -> Vec { category: IntegrationCategory::Productivity, status_fn: |_| IntegrationStatus::ComingSoon, }, - IntegrationEntry { - name: "Linear", - description: "Issue tracking", - category: IntegrationCategory::Productivity, - status_fn: |_| IntegrationStatus::ComingSoon, - }, // ── Music & Audio ─────────────────────────────────────── IntegrationEntry { name: "Spotify", diff --git a/tests/memory_comparison.rs b/tests/memory_comparison.rs index 2523829cb..0a401da37 100644 --- a/tests/memory_comparison.rs +++ b/tests/memory_comparison.rs @@ -103,7 +103,7 @@ async fn compare_recall_quality() { ), ( "deploy", - "Deploys to Hetzner VPS via Docker", + "Deploys to VPS via Docker", MemoryCategory::Core, ), (