diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 18a60391b30..2b65eb5a9fb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -524,7 +524,9 @@ jobs: - name: Cache dist build uses: actions/cache@v5 with: - path: dist/ + path: | + dist/ + dist-runtime/ key: ${{ runner.os }}-dist-build-${{ github.sha }} - name: Upload A2UI bundle artifact @@ -984,7 +986,9 @@ jobs: id: checks-dist-cache uses: actions/cache@v5 with: - path: dist/ + path: | + dist/ + dist-runtime/ key: ${{ runner.os }}-dist-build-${{ github.sha }} - name: Verify dist cache @@ -1295,7 +1299,9 @@ jobs: id: dist-cache uses: actions/cache@v5 with: - path: dist/ + path: | + dist/ + dist-runtime/ key: ${{ runner.os }}-dist-build-${{ github.sha }} - name: Verify dist cache @@ -1619,8 +1625,6 @@ jobs: group: extension-bundled - check_name: check-additional-extension-package-boundary group: extension-package-boundary - - check_name: check-additional-runtime-topology-gateway - group: runtime-topology-gateway - check_name: check-additional-runtime-topology-architecture group: runtime-topology-architecture steps: @@ -1756,12 +1760,6 @@ jobs: run_check "test:extensions:package-boundary:compile" pnpm run test:extensions:package-boundary:compile run_check "test:extensions:package-boundary:canary" pnpm run test:extensions:package-boundary:canary ;; - runtime-topology-gateway) - if [ "$RUN_CONTROL_UI_I18N" = "true" ]; then - run_check "ui:i18n:check" pnpm ui:i18n:check - fi - run_check "gateway-watch-regression" pnpm test:gateway:watch-regression - ;; runtime-topology-architecture) run_check "check:architecture" pnpm check:architecture ;; @@ -1773,8 +1771,92 @@ jobs: exit "$failures" + check-additional-runtime-topology-gateway: + permissions: + contents: read + name: "check-additional-runtime-topology-gateway" + needs: [preflight, build-artifacts] + if: ${{ !cancelled() && always() && needs.preflight.outputs.run_check_additional == 'true' && needs.build-artifacts.result == 'success' }} + runs-on: ubuntu-24.04 + timeout-minutes: 20 + steps: + - name: Checkout + shell: bash + env: + CHECKOUT_REPO: ${{ github.repository }} + CHECKOUT_SHA: ${{ github.sha }} + CHECKOUT_TOKEN: ${{ github.token }} + run: | + set -euo pipefail + + workdir="$GITHUB_WORKSPACE" + auth_header="$(printf 'x-access-token:%s' "$CHECKOUT_TOKEN" | base64 | tr -d '\n')" + + reset_checkout_dir() { + mkdir -p "$workdir" + find "$workdir" -mindepth 1 -maxdepth 1 -exec rm -rf {} + + } + + checkout_attempt() { + local attempt="$1" + + reset_checkout_dir + git init "$workdir" >/dev/null + git config --global --add safe.directory "$workdir" + git -C "$workdir" remote add origin "https://github.com/${CHECKOUT_REPO}" + git -C "$workdir" config gc.auto 0 + + timeout --signal=TERM 30s git -C "$workdir" \ + -c protocol.version=2 \ + -c "http.https://github.com/.extraheader=AUTHORIZATION: basic ${auth_header}" \ + fetch --no-tags --prune --no-recurse-submodules --depth=1 origin \ + "+${CHECKOUT_SHA}:refs/remotes/origin/ci-target" || return 1 + + git -C "$workdir" checkout --force --detach "$CHECKOUT_SHA" || return 1 + test -f "$workdir/.github/actions/setup-node-env/action.yml" || return 1 + echo "checkout attempt ${attempt}/2 succeeded" + } + + for attempt in 1 2; do + if checkout_attempt "$attempt"; then + exit 0 + fi + echo "checkout attempt ${attempt}/2 failed" + sleep $((attempt * 5)) + done + + echo "checkout failed after 2 attempts" >&2 + exit 1 + + - name: Setup Node environment + uses: ./.github/actions/setup-node-env + with: + install-bun: "false" + + - name: Restore dist cache + id: dist-cache + uses: actions/cache@v5 + with: + path: | + dist/ + dist-runtime/ + key: ${{ runner.os }}-dist-build-${{ github.sha }} + + - name: Verify dist cache + if: steps.dist-cache.outputs.cache-hit != 'true' + run: | + echo "Missing same-run dist cache for ${RUNNER_OS}-dist-build-${GITHUB_SHA}" >&2 + exit 1 + + - name: Check Control UI i18n + if: needs.preflight.outputs.run_control_ui_i18n == 'true' + run: pnpm ui:i18n:check + + - name: Run gateway watch regression + run: node scripts/check-gateway-watch-regression.mjs --skip-build + - name: Upload gateway watch regression artifacts - if: always() && matrix.group == 'runtime-topology-gateway' + if: always() uses: actions/upload-artifact@v7 with: name: gateway-watch-regression @@ -1785,7 +1867,7 @@ jobs: permissions: contents: read name: "check-additional" - needs: [preflight, check-additional-shard] + needs: [preflight, check-additional-shard, check-additional-runtime-topology-gateway] if: ${{ !cancelled() && always() && needs.preflight.outputs.run_check_additional == 'true' }} runs-on: ubuntu-24.04 timeout-minutes: 5 @@ -1793,11 +1875,16 @@ jobs: - name: Verify additional check shards env: SHARD_RESULT: ${{ needs.check-additional-shard.result }} + GATEWAY_RESULT: ${{ needs.check-additional-runtime-topology-gateway.result }} run: | if [ "$SHARD_RESULT" != "success" ]; then echo "Additional check shards failed: $SHARD_RESULT" >&2 exit 1 fi + if [ "$GATEWAY_RESULT" != "success" ]; then + echo "Gateway topology check failed: $GATEWAY_RESULT" >&2 + exit 1 + fi build-smoke: permissions: diff --git a/docs/ci.md b/docs/ci.md index c6e53fb349d..b7d65b9b317 100644 --- a/docs/ci.md +++ b/docs/ci.md @@ -53,7 +53,7 @@ Local changed-lane logic lives in `scripts/changed-lanes.mjs` and is executed by On pushes, the `checks` matrix adds the push-only `compat-node22` lane. On pull requests, that lane is skipped and the matrix stays focused on the normal test/channel lanes. -The slowest Node test families are split or balanced so each job stays small: channel contracts split registry and core coverage into six weighted shards total, bundled plugin tests balance across six extension workers, auto-reply runs as three balanced workers instead of six tiny workers, and agentic gateway/plugin configs are spread across the existing source-only agentic Node jobs instead of waiting on built artifacts. Broad browser, QA, media, and miscellaneous plugin tests use their dedicated Vitest configs instead of the shared plugin catch-all. The broad agents lane uses the shared Vitest file-parallel scheduler because it is import/scheduling dominated rather than owned by a single slow test file. `runtime-config` runs with the infra core-runtime shard to keep the shared runtime shard from owning the tail. `check-additional` keeps package-boundary compile/canary work together and separates it from runtime topology gateway/architecture work; the boundary guard shard runs its small independent guards concurrently inside one job, and the gateway watch regression uses the minimal `gatewayWatch` build profile instead of rebuilding the full CI artifact sidecar set. +The slowest Node test families are split or balanced so each job stays small: channel contracts split registry and core coverage into six weighted shards total, bundled plugin tests balance across six extension workers, auto-reply runs as three balanced workers instead of six tiny workers, and agentic gateway/plugin configs are spread across the existing source-only agentic Node jobs instead of waiting on built artifacts. Broad browser, QA, media, and miscellaneous plugin tests use their dedicated Vitest configs instead of the shared plugin catch-all. The broad agents lane uses the shared Vitest file-parallel scheduler because it is import/scheduling dominated rather than owned by a single slow test file. `runtime-config` runs with the infra core-runtime shard to keep the shared runtime shard from owning the tail. `check-additional` keeps package-boundary compile/canary work together and separates runtime topology architecture from gateway watch coverage; the boundary guard shard runs its small independent guards concurrently inside one job, and the gateway watch regression reuses the same-run built `dist/` and `dist-runtime/` cache from `build-artifacts` so it measures watch stability without rebuilding runtime artifacts in its own worker. Android CI runs both `testPlayDebugUnitTest` and `testThirdPartyDebugUnitTest`, then builds the Play debug APK. The third-party flavor has no separate source set or manifest; its unit-test lane still compiles that flavor with the SMS/call-log BuildConfig flags, while avoiding a duplicate debug APK packaging job on every Android-relevant push. `extension-fast` is PR-only because push runs already execute the full bundled plugin shards. That keeps changed-plugin feedback for reviews without reserving an extra Blacksmith worker on `main` for coverage already present in `checks-node-extensions`.