Commit Graph
5 Commits
Author SHA1 Message Date
Yuneng Jiang c2f40e89d5 [Infra] Remove CCI/GHA test duplication and semantically shard proxy DB tests
Split into two related cleanups:

1. Delete CCI jobs that duplicate GHA coverage:
   - mcp_testing (tests/mcp_tests) — already run by test-mcp.yml
   - litellm_mapped_tests_proxy_part1/part2 (tests/test_litellm/proxy) —
     already run across test-unit-proxy-auth.yml, test-unit-proxy-endpoints.yml,
     and test-unit-proxy-infra.yml
   Add rag_endpoints and realtime_endpoints to test-unit-proxy-endpoints.yml
   (they were only covered by the deleted CCI part2 job).
   Remove the corresponding workflow wiring, coverage combine entries, and
   upload-coverage dependencies in .circleci/config.yml.

2. Re-shard test-unit-proxy-db.yml from 4 alphabetic buckets to 8 semantic
   ones (auth-and-jwt, proxy-server, logging-and-callbacks, db-and-spend,
   guardrails-budget-hooks, endpoints-and-responses, plus the existing
   serial key-generation and test_proxy_utils.py shards). New test files are
   placed in whichever group they belong to instead of reshuffling slices.
   Add a dist input to _test-unit-services-base.yml so the test_proxy_utils.py
   shard can use --dist=worksteal to spread its ~64 (many parametrized)
   functions across workers; the default --dist=loadscope pins a single file
   to a single worker, which was the root cause of that shard running 10m+.
2026-04-23 14:48:38 -07:00
Yuneng Jiang aff4717494 [Infra] Expand CI branch filters for non-main PR targets
Required test-unit-* and related workflows only triggered on PRs targeting
main, so feature PRs routed through litellm_internal_staging or
litellm_oss_branch never dispatched the full suite. Branch protection
reported BLOCKED even when CircleCI was green.

Expand pull_request and push branch filters to also match
litellm_internal_staging, litellm_oss_branch, and "litellm_**" (using **
so branch names containing "/" also match).
2026-04-15 15:39:57 -07:00
d132b1bf51 [Infra] Remove Redundant Matrix Unit Test Workflow (#25251)
* Remove redundant matrix unit test workflow

All test paths in test-litellm-matrix.yml are fully covered by the
newer semantic unit test workflows (test-unit-*.yml), making the
matrix workflow redundant CI spend.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Add Codecov coverage reporting to semantic unit test workflows

Add coverage collection (--cov) and Codecov OIDC upload to both
reusable base workflows and all 12 caller workflows, replacing the
coverage reporting that was previously only in the matrix workflow.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

* Move id-token/pull-requests permissions to job level for multi-job workflows

For workflows with multiple jobs (llm-providers, proxy-db), move
id-token: write and pull-requests: write from workflow level to job
level so permissions are scoped to only the jobs that need them.
Removes zizmor inline suppressions that were masking the issue.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 16:52:38 -07:00
Yuneng JiangandClaude Opus 4.6 a34ed20901 [Infra] Fix job naming in reusable workflow callers
Rename job keys from generic 'test' to descriptive names (e.g.,
'core-utils', 'proxy-auth', 'router') so GitHub checks display as
'core-utils / run' instead of 'test / test'.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 10:07:32 -07:00
Yuneng JiangandClaude Opus 4.6 3d527b722d [Infra] Add isolated unit test workflows with hardened security posture
Replace monolithic matrix workflow with individual, descriptively-named
workflow files. Each workflow uses a shared reusable base and follows
least-privilege security: zero secrets, read-only permissions, SHA-pinned
actions, persist-credentials: false, and env-var indirection to prevent
template injection.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-28 09:56:58 -07:00