Skip to content

Commit e9d4cb2

Browse files
vincentkocvincentkoc
authored
chore(ci): add memory CodeQL PR quality guard
Adds the memory runtime quality shard to the PR CodeQL guard while preserving provider/plugin overlap only for the memory files that share those contracts.
1 parent c259a90 commit e9d4cb2

2 files changed

Lines changed: 31 additions & 3 deletions

File tree

.github/workflows/codeql-critical-quality.yml

Lines changed: 29 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ on:
1212
- all
1313
- channel-runtime-boundary
1414
- gateway-runtime-boundary
15+
- memory-runtime-boundary
1516
- mcp-process-runtime-boundary
1617
- plugin-boundary
1718
- plugin-sdk-package-contract
@@ -25,13 +26,17 @@ on:
2526
- ".github/workflows/codeql-critical-quality.yml"
2627
- "packages/plugin-package-contract/**"
2728
- "packages/plugin-sdk/**"
29+
- "packages/memory-host-sdk/**"
2830
- "src/channels/**"
2931
- "src/auto-reply/reply/post-compaction-context.ts"
3032
- "src/auto-reply/reply/queue/**"
3133
- "src/auto-reply/reply/startup-context.ts"
34+
- "src/commands/doctor-cron-dreaming-payload-migration.ts"
35+
- "src/commands/doctor-memory-search.ts"
3236
- "src/commands/doctor-session-*.ts"
3337
- "src/commands/session-store-targets.ts"
3438
- "src/commands/sessions*.ts"
39+
- "src/gateway/server-startup-memory.ts"
3540
- "src/gateway/method-scopes.ts"
3641
- "src/gateway/protocol/**"
3742
- "src/gateway/server-methods/**"
@@ -42,6 +47,8 @@ on:
4247
- "src/infra/outbound/**"
4348
- "src/infra/session-delivery-queue*.ts"
4449
- "src/logging/diagnostic*.ts"
50+
- "src/memory/**"
51+
- "src/memory-host-sdk/**"
4552
- "src/mcp/**"
4653
- "src/model-catalog/**"
4754
- "src/plugin-sdk/**"
@@ -71,6 +78,7 @@ jobs:
7178
outputs:
7279
channel: ${{ steps.detect.outputs.channel }}
7380
gateway: ${{ steps.detect.outputs.gateway }}
81+
memory: ${{ steps.detect.outputs.memory }}
7482
mcp_process: ${{ steps.detect.outputs.mcp_process }}
7583
plugin: ${{ steps.detect.outputs.plugin }}
7684
plugin_sdk_package: ${{ steps.detect.outputs.plugin_sdk_package }}
@@ -90,6 +98,7 @@ jobs:
9098
9199
channel=false
92100
gateway=false
101+
memory=false
93102
mcp_process=false
94103
plugin=false
95104
plugin_sdk_package=false
@@ -100,6 +109,7 @@ jobs:
100109
if [[ "${EVENT_NAME}" != "pull_request" ]]; then
101110
channel=true
102111
gateway=true
112+
memory=true
103113
mcp_process=true
104114
plugin=true
105115
plugin_sdk_package=true
@@ -112,6 +122,7 @@ jobs:
112122
.github/codeql/*|.github/workflows/codeql-critical-quality.yml)
113123
channel=true
114124
gateway=true
125+
memory=true
115126
mcp_process=true
116127
plugin=true
117128
plugin_sdk_package=true
@@ -128,6 +139,9 @@ jobs:
128139
src/gateway/method-scopes.ts|src/gateway/protocol/*|src/gateway/server-methods/*|src/gateway/server-methods.ts|src/gateway/server-methods-list.ts)
129140
gateway=true
130141
;;
142+
packages/memory-host-sdk/*|src/commands/doctor-cron-dreaming-payload-migration.ts|src/commands/doctor-memory-search.ts|src/gateway/server-startup-memory.ts|src/memory/*|src/memory-host-sdk/*)
143+
memory=true
144+
;;
131145
src/infra/outbound/base-session-key.ts|src/infra/outbound/delivery-queue*.ts|src/infra/outbound/outbound-session.ts|src/infra/outbound/session-binding*.ts|src/infra/outbound/session-context.ts|src/infra/outbound/targets-session.ts)
132146
mcp_process=true
133147
session_diagnostics=true
@@ -140,6 +154,11 @@ jobs:
140154
plugin_sdk_package=true
141155
plugin_sdk_reply=true
142156
;;
157+
src/plugin-sdk/memory-*.ts|src/plugin-sdk/memory-core-host-*.ts)
158+
memory=true
159+
plugin=true
160+
plugin_sdk_package=true
161+
;;
143162
src/plugin-sdk/*)
144163
plugin=true
145164
plugin_sdk_package=true
@@ -148,6 +167,13 @@ jobs:
148167
plugin=true
149168
provider=true
150169
;;
170+
src/plugins/memory-embedding-provider*.ts|src/plugins/memory-embedding-providers*.ts)
171+
memory=true
172+
provider=true
173+
;;
174+
src/plugins/memory-*.ts)
175+
memory=true
176+
;;
151177
src/model-catalog/*|src/plugins/*provider*.ts|src/plugins/capability-provider-runtime.ts|src/plugins/compaction-provider.ts|src/plugins/memory-embedding-provider*.ts|src/plugins/memory-embedding-providers*.ts|src/plugins/migration-provider-runtime.ts|src/plugins/synthetic-auth.runtime.ts|src/plugins/web-fetch-providers*.ts|src/plugins/web-search-providers*.ts)
152178
provider=true
153179
;;
@@ -164,6 +190,7 @@ jobs:
164190
{
165191
echo "channel=${channel}"
166192
echo "gateway=${gateway}"
193+
echo "memory=${memory}"
167194
echo "mcp_process=${mcp_process}"
168195
echo "plugin=${plugin}"
169196
echo "plugin_sdk_package=${plugin_sdk_package}"
@@ -309,7 +336,8 @@ jobs:
309336

310337
memory-runtime-boundary:
311338
name: Critical Quality (memory-runtime-boundary)
312-
if: ${{ github.event_name != 'pull_request' && (github.event_name != 'workflow_dispatch' || inputs.profile == 'all') }}
339+
needs: quality-shards
340+
if: ${{ needs.quality-shards.outputs.memory == 'true' && (github.event_name != 'pull_request' || !github.event.pull_request.draft) && (github.event_name == 'pull_request' || github.event_name != 'workflow_dispatch' || inputs.profile == 'all' || inputs.profile == 'memory-runtime-boundary') }}
313341
runs-on: blacksmith-4vcpu-ubuntu-2404
314342
timeout-minutes: 25
315343
steps:

docs/ci.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -335,12 +335,12 @@ The pull request guard stays light: it only starts for changes under `.github/ac
335335

336336
### Critical Quality categories
337337

338-
`CodeQL Critical Quality` is the matching non-security shard. It runs only error-severity, non-security JavaScript/TypeScript quality queries over narrow high-value surfaces on the smaller Blacksmith Linux runner. Its pull request guard is intentionally smaller than the scheduled profile: non-draft PRs only run the matching `channel-runtime-boundary`, `gateway-runtime-boundary`, `mcp-process-runtime-boundary`, `provider-runtime-boundary`, `session-diagnostics-boundary`, `plugin-boundary`, `plugin-sdk-package-contract`, and `plugin-sdk-reply-runtime` shards for channel runtime, gateway protocol/server-method, MCP/process/outbound delivery, provider runtime/model catalog, session diagnostics/delivery queues, plugin loader, Plugin SDK/package-contract, or Plugin SDK reply runtime changes. CodeQL config and quality workflow changes run all eight PR quality shards.
338+
`CodeQL Critical Quality` is the matching non-security shard. It runs only error-severity, non-security JavaScript/TypeScript quality queries over narrow high-value surfaces on the smaller Blacksmith Linux runner. Its pull request guard is intentionally smaller than the scheduled profile: non-draft PRs only run the matching `channel-runtime-boundary`, `gateway-runtime-boundary`, `memory-runtime-boundary`, `mcp-process-runtime-boundary`, `provider-runtime-boundary`, `session-diagnostics-boundary`, `plugin-boundary`, `plugin-sdk-package-contract`, and `plugin-sdk-reply-runtime` shards for channel runtime, gateway protocol/server-method, memory runtime/SDK glue, MCP/process/outbound delivery, provider runtime/model catalog, session diagnostics/delivery queues, plugin loader, Plugin SDK/package-contract, or Plugin SDK reply runtime changes. CodeQL config and quality workflow changes run all nine PR quality shards.
339339

340340
Manual dispatch accepts:
341341

342342
```
343-
profile=all|channel-runtime-boundary|gateway-runtime-boundary|mcp-process-runtime-boundary|plugin-boundary|plugin-sdk-package-contract|plugin-sdk-reply-runtime|provider-runtime-boundary|session-diagnostics-boundary
343+
profile=all|channel-runtime-boundary|gateway-runtime-boundary|memory-runtime-boundary|mcp-process-runtime-boundary|plugin-boundary|plugin-sdk-package-contract|plugin-sdk-reply-runtime|provider-runtime-boundary|session-diagnostics-boundary
344344
```
345345

346346
The narrow profiles are teaching/iteration hooks for running one quality shard in isolation.

0 commit comments

Comments
 (0)