Commit Graph

2 Commits

Author SHA1 Message Date
jordanthejet
5dfa722738 ci: consolidate CI/CD pipeline — 6 Rust jobs → 2, unified cache, frequency optimization
Consolidate redundant Rust compilation jobs to cut PR cycle time from 2+ hours
to ~30 minutes by reducing parallel cold compilations and upgrading runners.

CI Run (ci-run.yml):
- Merge lint + workspace-check + package-check → quality-gate (25min, 8vcpu)
- Merge test + build → test-and-build (30min, 8vcpu)
- Unify cache keys: prefix-key=zeroclaw-ci-v1, shared-key=runner.os-rust
- Update ci-required gate, lint-feedback deps to reference new job names

Security Audit (sec-audit.yml):
- Merge audit + deny + security-regressions → rust-security (25min, 8vcpu)
- Merge sbom + unsafe-debt → compliance (lightweight runner)
- Add fast-path: non-Rust PRs skip Rust compilation entirely

Frequency optimization (off PR path):
- sec-codeql.yml: push-to-main + weekly only (was PR + push)
- ci-reproducible-build.yml: push-to-main + weekly only (was PR + push)
- ci-change-audit.yml: push-to-main only (was PR + push)

Runner upgrades:
- All Rust compilation jobs: 2vcpu → blacksmith-8vcpu-ubuntu-2404
- ci-supply-chain-provenance, test-fuzz: upgraded to 8vcpu
- test-e2e: upgraded to 8vcpu, fixed env indentation bug

Feature matrix (feature-matrix.yml):
- Non-default lanes (whatsapp-web, browser-native, nightly-all-features)
  skip on compile profile, run on nightly only
- resolve-profile + summary jobs use ubuntu-latest (no Rust compilation)

Docs/scripts:
- lint_feedback.js: update job name references for quality-gate
- required-check-mapping.md: document new consolidated job names
- ci-map.md: update trigger map, triage guide, maintenance rules
- self-hosted-runner-remediation.md: update job name reference

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-05 15:51:07 -05:00
Will Sarg
69a3b54968 chore(ci): externalize workflow scripts and relocate main flow doc (#722)
* feat: Add GitHub Actions workflows for security audits, CodeQL analysis, contributor updates, performance benchmarks, integration tests, fuzz testing, and reusable Rust build jobs

- Implemented `sec-audit.yml` for Rust package security audits using `rustsec/audit-check` and `cargo-deny-action`.
- Created `sec-codeql.yml` for CodeQL analysis scheduled twice daily.
- Added `sync-contributors.yml` to update the NOTICE file with new contributors automatically.
- Introduced `test-benchmarks.yml` for performance benchmarks using Criterion.
- Established `test-e2e.yml` for running integration and end-to-end tests.
- Developed `test-fuzz.yml` for fuzz testing with configurable runtime.
- Created `test-rust-build.yml` as a reusable job for executing Rust commands with customizable parameters.
- Documented main branch delivery flows in `main-branch-flow.md` for clarity on CI/CD processes.

* ci(workflows): update workflow scripts and rename for clarity; remove obsolete lint feedback script

* chore(ci): externalize workflow scripts and relocate main flow doc
2026-02-17 19:48:37 -05:00