ci: architecture-guard .rs filter + drop stale fuzz target#85
Conversation
The architecture-guard job uses grep -rE to assert that lower layers
don't import upward. Without --include='*.rs', grep also scans the
per-layer CLAUDE.md files — which, for documentation purposes, explicitly
list the forbidden import patterns ('use crate::engine::...' etc.) as
examples of what NOT to do.
That's enough to flip the guard red on every push to main, even though
no .rs file actually violates the rule. Filter the grep to .rs files for
each of the four layer checks (ops, runtime, state, plan).
Verified locally that all four per-layer greps report clean on main.
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
|
Warning Rate limit exceeded
Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 12 minutes and 12 seconds. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (2)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary
Two latent CI hygiene issues that would keep main red or fail post-launch:
1.
architecture-guardfalse positive onCLAUDE.mdThe job uses
grep -rEto assert lower layers don't import upward. Without--include='*.rs', grep also scans the per-layerCLAUDE.mddocs — which list the forbidden import patterns (use crate::engine::..., etc.) as examples of what NOT to do. That's enough to flip the guard red on every push.Fix: add
--include='*.rs'to each of the four layer greps (ops,runtime,state,plan).2. Nightly
fuzz.ymlstill lists deletedpolicy_effectstargetSame class of stale reference as the PR
Fuzz Smokelane fixed in #83:policy_effectswas deleted whenshipper-policywas absorbed intoshipper::runtime::policy(commit54dbadf). The nightly fuzz matrix still references it and would fail every scheduled run at 3 AM UTC.Verification
Per-layer local greps on
mainwith the new filter:opsuse crate::(engine|plan|state|runtime)::runtimeuse crate::(engine|plan|state)::stateuse crate::(engine|plan)::planuse crate::engine::Test plan
architecture-guard / forbid upward layer importsgreen on this PRFuzzworkflow run doesn't fail on missingpolicy_effects