xtask: add cratesio install smoke#580
Conversation
Adds `cargo xtask cratesio-smoke` to prove the published-manifest view
of `uselesskey`: a downstream consumer with no path dependencies on
this workspace can pull the crate from crates.io (or a local path),
compile against the public facade, build a binary, and run the
`uselesskey-cli` bundle workflow end-to-end.
Why this proves the external user view
--------------------------------------
v0.7.0 closeout exposed that the in-repo workspace tests cannot catch
failure classes a downstream consumer would hit first:
- Published-manifest drift (path-only deps leaking into a release
package, version fields out of sync).
- Missing crates.io dependency entries.
- Feature-flag drift between in-workspace and published surface.
- `cargo install uselesskey-cli` failing on a fresh cargo cache.
The smoke materializes a fresh binary crate under
`target/xtask/cratesio-smoke/` (gitignored), depends on `uselesskey`
with the curated `rsa,jwk,token` feature set, runs `cargo check` and
`cargo build`, executes the built binary, and then installs
`uselesskey-cli` to a sandbox root and exercises
`bundle --profile scanner-safe` -> `verify-bundle` -> `inspect-bundle`.
Modes
-----
--path . : pre-publish, offline-safe, exercises the
local workspace as if it were crates.io
--version 0.7.1 : post-publish, network-bound, exercises the
actual crates.io release (becomes useful
once v0.7.1 lands)
--skip-install-cli : CI cost lever — skips the expensive
`cargo install` step while keeping the
facade smoke
The project skeleton is hand-rolled rather than created via
`cargo init` so the parent workspace's Cargo.toml is never mutated as
a side effect.
Notes
-----
- `--version 0.7.1` cannot be wired into CI until v0.7.1 ships; the
command is implemented now so the publish workflow can adopt it the
moment the version is live.
- `--path .` mode does not touch the network and is safe for
airgapped CI.
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
|
Warning Rate limit exceeded
You’ve run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Why patch mode
==============
v0.7.0 ran the full minor-release evidence lane, including expensive
gates like `cargo xtask mutants-nightly --scope public`, the broad
perf suite, and new product profile proofs. That investment is right
for a minor release that changes the user-facing platform.
v0.7.1 is different: it hardens release tooling and the user install
path without changing public behavior. It only needs confidence that
release-system gates and the user path still work. Running the full
minor lane on every patch wastes CI time and dulls the signal of the
minor lane itself.
What the patch lane runs
========================
`cargo xtask release-evidence --version <V> --patch [--summary]`
selects `release_evidence_steps_patch()` which runs 10 focused steps:
1. `public-surface` — re-confirm exported API
2. `check-file-policy` — non-Rust file allowlist
3. `publish-preflight` — metadata + cargo package --no-verify
4. `publish-check` — ordered publish dry-runs (includes
topology guard from #572 and
publish=false dep guard from #578)
5. `scanner-safe-reference --check` (#577) — scanner reference paths
6. `cratesio-smoke --path . --skip-install-cli` (#580) — user path
7. `docs-sync --check` — docs are in sync with code
8. `no-blob` — no secret-shaped blobs in test paths
9. `examples-smoke` — examples still compile / run
10. `impacted-evidence --base origin/main` — change-impact routing
What it deliberately omits
==========================
- `mutants-nightly --scope public` — full nightly mutation runs
against `main` on schedule; targeted mutation already runs through
`cargo xtask pr` when `impacted-evidence` flags the change.
- broad perf suite (`perf --compare`) — patch releases should not
shift baselines; if they do, escalate to the minor lane.
- new product profile proofs (scanner-safe bundle, OIDC contract
pack) — patch releases are not the venue to re-prove new profiles.
Receipt shape
=============
`ReleaseEvidenceReceipt` gains a `lane_mode` field (`"minor"` or
`"patch"`). The existing `lane: "release-evidence"` string is
preserved for backward compatibility with anything consuming the
shape; only the new field distinguishes the two lanes. The
release-evidence markdown gains a `Mode:` line; the summary opens
with a "Patch-mode evidence lane" callout when patch is set and
swaps the v0.7.0-specific gate table for the patch step list.
Tests
=====
- `release_evidence_patch_step_list_excludes_mutants_nightly`
- `release_evidence_minor_step_list_includes_mutants_nightly`
- `release_evidence_patch_step_list_includes_scanner_safe_reference`
- `release_evidence_patch_step_list_includes_cratesio_smoke`
- `release_evidence_patch_receipt_records_patch_mode`
- `release_evidence_patch_summary_announces_patch_lane`
Minor-lane callers (`release-evidence --version X [--summary]` with
no `--patch`) are unchanged in behavior and continue to run the
full 15-step lane.
Why
v0.7.0 closeout surfaced a gap: the internal workspace tests prove
the in-repo view of
uselesskey, but they cannot catch failures adownstream consumer would hit first. Specifically:
packages, version fields out of sync).
cargo install uselesskey-clifailing on a fresh cargo cache.This PR adds the missing "outside-the-workspace" smoke: a fresh
binary crate that depends on
uselesskeyeither from crates.io or alocal path, compiles against the public facade, runs the resulting
binary, and exercises the
uselesskey-clibundle workflowend-to-end.
What
New subcommand
cargo xtask cratesio-smokewith three flags:--path <DIR>(pre-publish, offline-safe) — depend onuselesskeyfrom a local workspace, useful before a release landson crates.io.
--path .resolves the current workspace.--version <X>(post-publish, network-bound) — depend on theactual crates.io release. Mutually exclusive with
--path.--skip-install-cli— CI cost lever; skips thecargo install uselesskey-clistep while keeping the facadesmoke.
The smoke:
target/xtask/cratesio-smoke/smoke-app/(gitignored). Theproject skeleton is hand-rolled so the parent workspace's
Cargo.toml is never mutated as a side effect of
cargo init.uselesskeywith featuresrsa,jwk,tokenviacargo add.main.rsthat exercisesFactory,RsaFactoryExt,TokenFactoryExt, and the JWK pipeline.cargo check, thencargo build, then executes the builtbinary.
uselesskey-cliinto<temp>/cli-root/with--lockedand runs
bundle --profile scanner-safe -> verify-bundle -> inspect-bundle, asserting each step exits 0.Mutual exclusion is enforced at the clap layer; the runtime guard
also rejects the "neither flag supplied" case with a clear error.
v0.7.1 plan
This is PR 4 of the v0.7.1 publish-system hardening series (PRs 1-3
and 6 already merged).
--version 0.7.1is the post-publish modeand only becomes runnable once v0.7.1 lands on crates.io; the
implementation is ready now so the release workflow can adopt it
immediately.
Test plan
cargo build -p xtasksucceedscargo test -p xtask cratesio_smokepasses (clap-validationunit test covers bare invocation, mutual exclusion, both happy
paths, and
--skip-install-clipropagation)cargo xtask cratesio-smoke --path . --skip-install-clisucceeds end-to-end (facade smoke without CLI install)
cargo xtask cratesio-smoke --path .succeeds end-to-end(facade smoke +
cargo install uselesskey-cli+ bundle /verify-bundle / inspect-bundle workflow)
cargo fmt --check -p xtaskcleancargo clippy -p xtask --all-targets -- -D warningsclean