ci: reduce PR proptest cost, add Ubuntu-only full-strength crypto lane #87

Merged: EffortlessSteven merged 2 commits into main from ci/reduce-proptest-cost on Apr 16, 2026

@EffortlessSteven EffortlessSteven commented Apr 16, 2026

Summary

Split the shipper-encrypt proptest load into two lanes:

  • PR matrix (test, 3 OSes, every trigger): PROPTEST_CASES=16 + PROPTEST_MAX_SHRINK_ITERS=1000. No Argon2 tax on developer round-trips.
  • New crypto-proptests-heavy job (Ubuntu-only): runs just shipper-encrypt with PROPTEST_CASES=256. Triggers on schedule (nightly 03:00 UTC cron), push to main, and workflow_dispatch. Not on pull_request — opt in per-branch via dispatch if you want to exercise it against a PR.

Also:

  • coverage job pinned to PROPTEST_CASES=16 (llvm-cov instrumentation + Argon2 is worst-of-both; coverage signal doesn't need max-strength exploration).

Why

The Argon2-heavy crypto proptests in shipper-encrypt (derive_key_deterministic_prop, decrypt_truncated_ciphertext_always_fails_prop, double_encrypt_roundtrip_prop, each_encrypt_produces_unique_ciphertext, etc.) were costing 10–20 min per platform at PROPTEST_CASES=256 on every PR — paying the same proof three times on every round-trip, without proportional signal.

This PR gives you:

  • fast PR confidence (three OSes, reduced intensity)
  • deep crypto confidence (Ubuntu, full strength, on main push + nightly + dispatch)

which is the shape the repo wants at this stage of closeout.

Scope discipline

  • No proptest code changes.
  • No nextest.toml change — the stale profile.ci.junit.report-successful key is already gone (removed in ci: stabilize nextest across platforms #82); verified against current main.
  • Heavy lane is Ubuntu-only by design: the Rust-level crypto paths we exercise are platform-independent, and triplicating the full-strength run across Ubuntu/Windows/macOS on schedule would cost 30–60 min of cumulative wall time without proportional signal.

Follow-ups (not this PR)

  • Branch protection: if you want crypto-proptests-heavy to be a required check on main, configure it in repo settings — the workflow change alone doesn't make it required.

Test plan

  • This PR's own CI run completes materially faster on the three-OS test matrix than recent PRs (ci: stabilize nextest across platforms #82, ci: isolate CARGO_HOME in preflight snapshot test #86).
  • coverage job wall-clock drops.
  • crypto-proptests-heavy does not run on this PR (it's pull_request-excluded by design).
  • After merge to main, the next push-to-main run executes crypto-proptests-heavy at PROPTEST_CASES=256 — verify via workflow log.
  • Next nightly cron (0 3 * * *) executes crypto-proptests-heavy — verify via workflow log.
  • Manual workflow_dispatch on any branch executes crypto-proptests-heavy at full strength — verify via workflow log.
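
The lane split described in this PR, sketched as a GitHub Actions workflow. This is an added example, not the repository's ci.yml: the job names, environment values and cron expression come from the description above, while the checkout step, the `cargo test` commands and the `permissions` block are assumptions.

```yaml
# Added sketch, not the repository's ci.yml. Job names, env values and the
# cron come from the PR description; steps and cargo commands are assumed.
name: ci
on:
  pull_request:
  push:
    branches: [main]
  schedule:
    - cron: "0 3 * * *"        # nightly 03:00 UTC
  workflow_dispatch:

permissions:
  contents: read               # assumption: read-only token is enough for tests

jobs:
  # Fast lane: three OSes on every trigger, reduced proptest intensity.
  test:
    strategy:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, windows-latest, macos-latest]
    runs-on: ${{ matrix.os }}
    env:
      PROPTEST_CASES: "16"
      PROPTEST_MAX_SHRINK_ITERS: "1000"
    steps:
      - uses: actions/checkout@v4
      - run: cargo test --workspace          # assumed test command

  # Deep lane: Ubuntu only, full-strength crypto proptests.
  crypto-proptests-heavy:
    # Runs on schedule, push to main and workflow_dispatch; never on pull_request.
    if: github.event_name != 'pull_request'
    runs-on: ubuntu-latest
    env:
      PROPTEST_CASES: "256"
    steps:
      - uses: actions/checkout@v4
      - run: cargo test -p shipper-encrypt   # assumed test command
```

The environment variables only change the case count for tests that rely on proptest's default configuration; a test that sets its case count explicitly in code keeps that value in both lanes.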

The Argon2-heavy crypto proptests in `shipper-encrypt` (derive_key_*,
decrypt_truncated_*, double_encrypt_roundtrip_*, each_encrypt_produces_*)
were dominating wall-clock on the three-platform `test` matrix at
PROPTEST_CASES=256, costing 10-20 minutes per platform on every PR.

Split the case count by event:
- PR / push to main: 16 cases (fast developer feedback)
- schedule (nightly cron) / workflow_dispatch: 256 cases (full strength)

Also pin coverage to 16 cases unconditionally, since llvm-cov
instrumentation on top of Argon2 proptests is the worst-of-both and
coverage does not need max-strength property exploration.

No change to nextest config, no new jobs, no platform carve-out yet.
@gemini-code-assist

Note

Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.

@coderabbitai

coderabbitai Bot commented Apr 16, 2026

📥 Commits

Reviewing files that changed from the base of the PR and between c202633 and a78f9e9.

📒 Files selected for processing (1)
  • .github/workflows/ci.yml

Walkthrough

The changes modify environment variables in CI workflow steps. PROPTEST_CASES now varies by trigger event in the test job (256 for scheduled/manual runs, 16 for push/PR). The coverage job gains environment variables to control property testing intensity and snapshot updates during code coverage generation.

Changes

Cohort / File(s): CI Workflow Configuration (.github/workflows/ci.yml)
Summary: Modified PROPTEST_CASES to be event-dependent in test job (256 for schedule/workflow_dispatch, 16 for push/PR). Added env block to cargo llvm-cov step in coverage job setting INSTA_UPDATE="no" and PROPTEST_CASES="16".

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Pre-merge checks (3 passed)

  • Docstring Coverage: Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
  • Title check: Passed. The title clearly summarizes the main objective: reducing proptest cost on PRs while adding a full-strength crypto testing lane (Ubuntu-only).
  • Description check: Passed. The description is directly related to the changeset, providing clear rationale, scope discipline, and test plan for the CI workflow modifications.

Completes the PR-matrix / deep-lane split that the previous commit
on this branch stopped short of.

- `test` matrix (3 OSes, every trigger): PROPTEST_CASES=16 always.
  Drop the event-driven ternary; the matrix no longer carries the
  full-strength case count on any trigger. Also cap shrink iterations
  (PROPTEST_MAX_SHRINK_ITERS=1000) so failures surface fast.

- New `crypto-proptests-heavy` job: Ubuntu-only, runs just
  `shipper-encrypt` with PROPTEST_CASES=256. Gated on schedule,
  push-to-main, and workflow_dispatch. Not run on pull_request, so
  developer feedback stays fast; opt in per-branch via dispatch if
  needed.

Net effect:
- PR CI: three OSes at reduced intensity, no Argon2 tax.
- main push + nightly cron: full-strength crypto proof on Ubuntu.
- workflow_dispatch: full-strength on demand against any ref.

Rationale for Ubuntu-only heavy lane: crypto correctness is
platform-independent at the Rust layer we exercise here, and the
three-OS cost for full proptests was 30-60 min of cumulative wall
time every PR without proportional signal.

Note on the stale `profile.ci.junit.report-successful` nextest key:
already removed on main (see #82). No change needed to nextest.toml.

EffortlessSteven changed the title from "ci: fast-path shipper-encrypt proptests on PR matrix" to "ci: reduce PR proptest cost, add Ubuntu-only full-strength crypto lane" on Apr 16, 2026
EffortlessSteven marked this pull request as draft on April 16, 2026 08:28

@EffortlessSteven

Deferring this PR: current main is the release-candidate baseline for the first crates.io publish wave. Per the closeout plan, no mainline changes (including this CI topology change) should land before that wave completes.

Queued for re-ready after first successful crates.io train. The Option B design stands; nothing needs to change on the branch in the meantime. Marking as draft.

@codecov

codecov Bot commented Apr 16, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

EffortlessSteven marked this pull request as ready for review on April 16, 2026 09:11
EffortlessSteven merged commit ee8dc5d into main on Apr 16, 2026
20 checks passed