From efca6fd330239e3a44b432767679364b88fc4171 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Mon, 27 Apr 2026 20:47:55 -0400 Subject: [PATCH 1/2] ci(gate): macos-26 back to PR cadence (Aaron 2026-04-28) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Maintainer 2026-04-28: "mac is less than that too so we might as wel move that back form per merge to per pr, i think that means only low memory is per merge now." Changes: - gate.yml matrix-setup: pull_request + merge_group now include macos-26 alongside ubuntu legs (was Linux-only). Push-to-main + workflow_dispatch unchanged (still get full set + Windows). - expected.json required_status_checks: add `build-and-test (macos-26)` back. Was removed in #651 when macOS was on per-merge only; now that it's PR-cadence, the gate makes sense again. Cadence after this lands: - PR + merge_group: ubuntu-24.04, ubuntu-24.04-arm, macos-26 - Push-to-main / workflow_dispatch: + windows-2025, windows-11-arm - ubuntu-slim (low-memory.yml): push-to-main + nightly schedule - Windows experimental: continue-on-error: true (peer-harness pending) Cost impact: zero — standard GitHub-hosted runners are free for public repos (Otto-210 / Otto-249). Duration verification (pre-disable codeql.yml era, last 50 runs 2026-04-28): no codeql.yml run > 5 min total wall-clock; recent code-PR breakdown was Path gate 52s + 4 Analyze legs 51s-2m58s. The 25-min concern that originally moved macOS to per-merge was an outlier (cold-cache from earlier era; current cache pins handle it). Branch protection live state untouched (still has macos-26 in required_status_checks per #651's deliberate non-touch). The github-settings-drift workflow will go from flagging the gap (expected != live) to passing (both equal) after this lands. Co-Authored-By: Claude Opus 4.7 --- .github/workflows/gate.yml | 29 +++++++++++---------- tools/hygiene/github-settings.expected.json | 1 + 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/.github/workflows/gate.yml b/.github/workflows/gate.yml index df5d1fdb..3a027ec8 100644 --- a/.github/workflows/gate.yml +++ b/.github/workflows/gate.yml @@ -76,12 +76,18 @@ concurrency: jobs: # Dynamic matrix for build-and-test: pre-merge events (pull_request - # and merge_group) get Linux-only (production build path, fast — - # keeps PR checks and merge-queue runs short). Push-to-main / - # workflow_dispatch get the full set including macos-26 - # (developer-experience verification) and the Windows experimental + # and merge_group) get Linux production legs + macos-26 + # (developer-experience verification — duration-verified ~3 min total + # codeql.yml run on recent code-PR per maintainer 2026-04-28). Push-to-main / + # workflow_dispatch additionally include the Windows experimental # legs. Standard GitHub-hosted runners are free for public repos so - # the post-merge run has no cost downside. + # all PR cadence has no cost downside. + # + # Maintainer 2026-04-28: "mac is less than that too so we might as + # wel move that back form per merge to per pr, i think that means + # only low memory is per merge now." → macos-26 moves to PR cadence; + # only ubuntu-slim (low-memory.yml) + Windows experimental remain + # on per-merge. matrix-setup: name: matrix setup runs-on: ubuntu-24.04 @@ -93,20 +99,15 @@ jobs: shell: bash run: | # Pre-merge (pull_request + merge_group): Linux production - # legs only (~3 min wall clock). - # Push-to-main / workflow_dispatch: full surface incl. - # macos-26 (developer-experience) + Windows legs - # (peer-harness milestone seeding per maintainer 2026-04-27 — - # "start the windows one as a per push to main too/merge to - # main, you can start slowly building that out before I get - # my windows laptop running the peer-mode agent, windows - # will be mostly ready and they can just clean it up"). + # legs + macos-26 dev-experience leg (~3-4 min total). + # Push-to-main / workflow_dispatch: pre-merge legs + Windows + # experimental legs (peer-harness milestone seeding). # Windows legs are gated by `continue-on-error: true` at the # build-and-test job level so initial failures (e.g. missing # tools/setup/install.ps1) don't block per-merge runs while # the peer-agent polishes the path. if [ "${GH_EVENT}" = "pull_request" ] || [ "${GH_EVENT}" = "merge_group" ]; then - echo 'os=["ubuntu-24.04","ubuntu-24.04-arm"]' >> "$GITHUB_OUTPUT" + echo 'os=["ubuntu-24.04","ubuntu-24.04-arm","macos-26"]' >> "$GITHUB_OUTPUT" else echo 'os=["ubuntu-24.04","ubuntu-24.04-arm","macos-26","windows-2025","windows-11-arm"]' >> "$GITHUB_OUTPUT" fi diff --git a/tools/hygiene/github-settings.expected.json b/tools/hygiene/github-settings.expected.json index 79c36be6..3eaf7737 100644 --- a/tools/hygiene/github-settings.expected.json +++ b/tools/hygiene/github-settings.expected.json @@ -131,6 +131,7 @@ "required_signatures": false, "required_status_checks": { "contexts": [ + "build-and-test (macos-26)", "build-and-test (ubuntu-24.04)", "build-and-test (ubuntu-24.04-arm)", "lint (actionlint)", From 57c93b43b8d6c5ebe14e47ec9d7fa9bfa6c9cea0 Mon Sep 17 00:00:00 2001 From: Aaron Stainback Date: Mon, 27 Apr 2026 20:53:43 -0400 Subject: [PATCH 2/2] =?UTF-8?q?fix(#657):=20Copilot=20review=20=E2=80=94?= =?UTF-8?q?=20sync=20build-and-test=20header=20comments=20+=20correct=20wo?= =?UTF-8?q?rkflow=20citation?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Copilot review on PR #657 caught two doc/code-mismatches: 1. The matrix-setup header citation said "~3 min total codeql.yml run on recent code-PR" as duration justification for adding macos-26 to the gate matrix. But this is gate.yml, not codeql.yml — the cited duration is for a different workflow. Replaced with gate.yml-specific evidence: "recent build-and-test job durations are typically 1-3 min on cached runners." 2. The build-and-test job header still claimed macos-26 "Runs only on push-to-main + schedule + workflow_dispatch" + Windows legs "same cadence as macos-26 (not on PR)" — both stale after the matrix-setup change. Updated to reflect the new cadence: - macos-26: PR + merge_group + push-to-main (with note on the 2026-04-28 duration verification that justified the move) - Windows: push-to-main / workflow_dispatch only (unchanged from prior, but no longer cross-references macos-26) Resolves both Copilot threads. Co-Authored-By: Claude Opus 4.7 --- .github/workflows/gate.yml | 43 +++++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/.github/workflows/gate.yml b/.github/workflows/gate.yml index 3a027ec8..955e6c30 100644 --- a/.github/workflows/gate.yml +++ b/.github/workflows/gate.yml @@ -77,12 +77,16 @@ concurrency: jobs: # Dynamic matrix for build-and-test: pre-merge events (pull_request # and merge_group) get Linux production legs + macos-26 - # (developer-experience verification — duration-verified ~3 min total - # codeql.yml run on recent code-PR per maintainer 2026-04-28). Push-to-main / + # (developer-experience verification). Push-to-main / # workflow_dispatch additionally include the Windows experimental # legs. Standard GitHub-hosted runners are free for public repos so # all PR cadence has no cost downside. # + # Duration check (maintainer 2026-04-28): the original 25-min + # concern that pushed macos-26 to per-merge was an outlier. + # Recent build-and-test job durations are typically 1-3 min on + # cached runners — comfortably within PR-cadence budget. + # # Maintainer 2026-04-28: "mac is less than that too so we might as # wel move that back form per merge to per pr, i think that means # only low memory is per merge now." → macos-26 moves to PR cadence; @@ -142,30 +146,31 @@ jobs: # Reference: # https://github.blog/changelog/2026-01-22-1-vcpu-linux-runner-now-generally-available-in-github-actions/ # - # Per-merge experimental legs (maintainer 2026-04-27 — replaces - # the prior 2026-04-24 deferral so Windows infrastructure is - # mostly-ready when the peer-mode agent comes online): + # Per-merge experimental legs (maintainer 2026-04-27): # - windows-2025 Windows Server 2025 x64 (4 CPU, 16 GB) # - windows-11-arm Windows 11 arm64 (4 CPU, 16 GB) - # These run only on push-to-main / schedule / workflow_dispatch - # (not on PR — same cadence as macos-26). They carry - # `continue-on-error: true` because no PowerShell install script - # exists yet (`tools/setup/install.ps1` TBD); failures are - # visible-but-not-blocking until the peer-agent polishes the - # path. + # These run only on push-to-main / workflow_dispatch (not on PR). + # They carry `continue-on-error: true` because no PowerShell + # install script exists yet (`tools/setup/install.ps1` TBD); + # failures are visible-but-not-blocking until the peer-agent + # polishes the path. # # fail-fast: false so one leg's failure doesn't cancel the # others — we want the full signal across the matrix. # - # Per-PR / per-merge cadence split (maintainer 2026-04-27): - # - macos-26: developer-experience verification, NOT prod build. - # Runs only on push-to-main + schedule + workflow_dispatch. - # Same rationale as the Analyze (csharp) move below. + # Per-PR / per-merge cadence split (maintainer 2026-04-28): + # - macos-26: developer-experience verification. Runs on every + # PR + merge_group + push-to-main. Originally moved to + # per-merge over a 25-min duration concern; verified 2026-04-28 + # that recent gate.yml runs are well under that (typical + # build-and-test job is 1-3 min on cached runners), so back to + # PR cadence per maintainer ask. # - ubuntu-24.04 + ubuntu-24.04-arm: production build path; runs - # on every PR + push-to-main. - # The matrix is built dynamically by `matrix-setup` so PR runs - # only get the Linux legs while push-to-main / schedule / - # workflow_dispatch run all three. + # on every PR + merge_group + push-to-main. + # The matrix is built dynamically by `matrix-setup` so PR + + # merge_group runs include macos-26, while push-to-main / + # workflow_dispatch additionally include the Windows experimental + # legs. name: build-and-test (${{ matrix.os }}) timeout-minutes: 45 needs: matrix-setup