mirror of
https://github.com/tiennm99/ccs.git
synced 2026-07-16 22:16:41 +00:00
* fix(ci): breaking-change-guard skips missing base files (CI-1) Guard each git-show call with git cat-file -e existence check before attempting to read docker/compose.yaml from the base branch. When the file doesn't exist on the base (new file in this PR), the script would crash with "fatal: path exists on disk but not in origin/dev". New files can't cause a contract regression, so we exit early with breaking=0. * style: prettier reformat unrelated drift (CI-2) Two files had minor formatting drift from earlier umbrella PRs: - src/cliproxy/quota/quota-manager.ts - src/management/checks/image-analysis-check.ts No logic changes — formatter-only pass to unblock CI format:check. * fix(test): update trusted-author gate count to 4 in ci-workflow test (CI-3) PR #1260 added a compose-parity job to ci.yml. That job runs on self-hosted runners using PR-provided checkout, so it legitimately requires the trusted-author guard (same as validate, build, test). The test expected 3 occurrences; the correct count is now 4: validate (matrix), build, test, compose-parity. * fix(ci): smoke-test passes compose path + image ref to network-contract (REV-1) network-contract.sh signature is: <compose-file> [image-ref] The smoke-test job was calling it as: bash tests/docker/network-contract.sh "${{ steps.image.outputs.ref }}" which placed the image ref in the compose-file position ($1), causing the script to try docker compose -f <image-ref> which fails. Corrected to: bash tests/docker/network-contract.sh docker/compose.yaml "${{ steps.image.outputs.ref }}" Also removes publish-dashboard from smoke-test.needs (REV-2): when publish-dashboard is SKIPPED on prerelease events, GitHub Actions propagates the skip to downstream jobs, so smoke-test and promote-mutable-tags were silently skipped on every rc.N publish. smoke-test only verifies the integrated image; it has no dependency on the legacy dashboard image job. * docs(docker): annotate /root/.ccs path in compose volume (REV-3 clarification) The reviewer raised a concern that the compose volume mounts /root/.ccs but the entrypoint might default to /home/node/.ccs. This is a false positive: the integrated image uses entrypoint-integrated.sh (not entrypoint.sh), which runs under supervisord with user=root and explicitly mkdir -p /root/.ccs. HOME is /root inside the container. The volume mount at /root/.ccs is correct. Added an inline comment documenting the reasoning so future reviewers do not confuse entrypoint.sh (legacy dashboard image) with entrypoint-integrated.sh (integrated image). * fix(ci): gate docs-parity pull_request job to trusted authors docs-parity.yml runs on a self-hosted runner and checks out PR code. The self-hosted-runner-policy test requires any such workflow to include the trusted-author guard. The workflow was missing the guard, causing bun test:fast to fail with 1 failure. Allow push events (no author check needed — push is to own branch) and trusted-contributor PRs only.
41 lines
1.8 KiB
TypeScript
41 lines
1.8 KiB
TypeScript
import { describe, expect, test } from 'bun:test';
|
|
import * as fs from 'node:fs';
|
|
import * as path from 'node:path';
|
|
|
|
function resolvePath(relativePath: string) {
|
|
return path.resolve(import.meta.dir, relativePath);
|
|
}
|
|
|
|
describe('pr ci workflow', () => {
|
|
test('keeps full coverage on pull requests', () => {
|
|
const workflowPath = resolvePath('../../../../.github/workflows/ci.yml');
|
|
const trustedAuthorGate =
|
|
'contains(fromJSON(\'["COLLABORATOR","MEMBER","OWNER"]\'), github.event.pull_request.author_association)';
|
|
|
|
expect(fs.existsSync(workflowPath)).toBe(true);
|
|
|
|
const workflow = fs.readFileSync(workflowPath, 'utf8');
|
|
|
|
expect(workflow).toContain('name: CI');
|
|
expect(workflow).toContain('pull_request:');
|
|
expect(workflow).toContain('branches: [main, dev]');
|
|
// 4 jobs: validate (matrix), build, test, compose-parity — each gated
|
|
expect(workflow.split(trustedAuthorGate).length - 1).toBe(4);
|
|
expect(workflow).toContain('group: ci-${{ github.ref }}');
|
|
expect(workflow).toContain('cancel-in-progress: true');
|
|
expect(workflow).toContain('fail-fast: false');
|
|
expect(workflow).toContain('runs-on: [self-hosted, linux, x64]');
|
|
expect(workflow).toContain("cmd: 'bun run typecheck'");
|
|
expect(workflow).toContain("cmd: 'bun run lint'");
|
|
expect(workflow).toContain("cmd: 'bun run format:check'");
|
|
expect(workflow).toContain("key: ${{ runner.os }}-bun-cache-v2-${{ hashFiles('bun.lock', 'ui/bun.lock') }}");
|
|
expect(workflow).not.toContain('restore-keys:');
|
|
expect(workflow).toContain('name: dist');
|
|
expect(workflow).toContain('path: dist/');
|
|
expect(workflow).toContain('needs: [build]');
|
|
expect(workflow).toContain('run: bun run test:all');
|
|
expect(workflow).toContain("CCS_E2E_SKIP_BUILD: '1'");
|
|
expect(workflow).toContain('run: bun run test:e2e');
|
|
});
|
|
});
|