Skip to content

fix(ci): debounce canonical main runner admission#95681

Merged
vincentkoc merged 3 commits into
mainfrom
ci-admission-debounce-v2
Jun 22, 2026
Merged

fix(ci): debounce canonical main runner admission#95681
vincentkoc merged 3 commits into
mainfrom
ci-admission-debounce-v2

Conversation

@vincentkoc

Copy link
Copy Markdown
Member

Summary

  • add a hosted 90-second admission window before canonical main CI reaches Blacksmith
  • let the existing main concurrency cancellation drop superseded pushes before runner registration
  • document and guard the CI graph dependency

Verification

  • node scripts/run-vitest.mjs test/scripts/ci-workflow-guards.test.ts
  • 25 tests passed
  • git diff --check

This keeps PR and manual CI immediate; only canonical main pushes sleep.

@openclaw-barnacle openclaw-barnacle Bot added docs Improvements or additions to documentation size: XS maintainer Maintainer-authored PR labels Jun 22, 2026
@vincentkoc vincentkoc marked this pull request as ready for review June 22, 2026 07:00
@clawsweeper

clawsweeper Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Codex review: needs maintainer review before merge. Reviewed June 22, 2026, 4:10 AM ET / 08:10 UTC.

Summary
The PR adds a GitHub-hosted runner-admission job that sleeps before preflight and security-fast only for canonical main pushes, then updates CI docs and workflow guard coverage.

PR surface: Tests +16, Docs +13, Config +22. Total +51 across 3 files.

Reproducibility: not applicable. this is a maintainer CI workflow change rather than a user bug report. Source inspection and PR CI logs prove the PR path takes the no-op admission branch; the real canonical-main sleep path is only observable on main.

Review metrics: 1 noteworthy metric.

  • CI Admission Gates: 1 added job, 2 root jobs gated. This quantifies the automation behavior change: the Blacksmith matrix waits behind one hosted admission job while PR and manual paths stay effectively immediate.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🌊 off-meta tidepool
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • [P2] Resolve or explicitly accept the current checks-node-core-fast failure before merge.
  • After landing, watch the first canonical main CI push to confirm superseded runs cancel before Blacksmith admission.

Risk before merge

  • [P1] The canonical main push sleep-and-cancel behavior cannot be fully exercised by PR CI because the branch is not refs/heads/main; the first post-merge main push should be watched for cancellation before Blacksmith registration.
  • [P1] Exact-head CI currently has a checks-node-core-fast plugin SDK surface budget failure that appears outside the touched files, so merge should still wait for green CI or an owner-accepted rerun/override.

Maintainer options:

  1. Land With Post-Merge Main-CI Monitoring (recommended)
    Accept the 90-second canonical-main admission debounce once required checks are green or explicitly accepted, then watch the first main push to confirm superseded runs cancel before Blacksmith registration.

Next step before merge

  • [P2] No repair lane is appropriate; the remaining action is maintainer CI/merge-gate handling for a protected maintainer workflow change.

Security
Cleared: The workflow diff adds a fixed shell sleep and read-only permissions without new third-party actions, secrets access, dependency sources, or broadened token scope.

Review details

Best possible solution:

Land the hosted debounce only after exact-head CI is acceptable, then keep the documented runner-admission graph and monitor the first main push to confirm the intended cancellation behavior.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this is a maintainer CI workflow change rather than a user bug report. Source inspection and PR CI logs prove the PR path takes the no-op admission branch; the real canonical-main sleep path is only observable on main.

Is this the best way to solve the issue?

Yes, this is a narrow workflow-layer solution: it gates the two root CI jobs that can register Blacksmith work, while downstream jobs already depend on preflight. The safer remaining step is operational proof after merge, not a different code shape.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against d3f7f7d1fc91.

Label changes

Label changes:

  • add P2: This is a normal-priority CI automation improvement with limited product blast radius but meaningful maintainer operational impact.
  • add merge-risk: 🚨 automation: The diff changes the main CI workflow graph and intentionally delays canonical main runner admission, which green PR checks cannot fully prove for the real main-push path.
  • add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
  • add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: The contributor proof gate does not apply because this is a repository-member, maintainer-labeled PR; PR CI still shows the non-main admission branch executing successfully.

Label justifications:

  • P2: This is a normal-priority CI automation improvement with limited product blast radius but meaningful maintainer operational impact.
  • merge-risk: 🚨 automation: The diff changes the main CI workflow graph and intentionally delays canonical main runner admission, which green PR checks cannot fully prove for the real main-push path.
  • rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
  • status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: The contributor proof gate does not apply because this is a repository-member, maintainer-labeled PR; PR CI still shows the non-main admission branch executing successfully.
Evidence reviewed

PR surface:

Tests +16, Docs +13, Config +22. Total +51 across 3 files.

View PR surface stats
Area Files Added Removed Net
Source 0 0 0 0
Tests 1 16 0 +16
Docs 1 39 26 +13
Config 1 22 0 +22
Generated 0 0 0 0
Other 0 0 0 0
Total 3 77 26 +51

What I checked:

  • Protected maintainer PR: Live PR metadata shows author association MEMBER and labels docs, maintainer, and size: XS, so cleanup close is not appropriate under the review policy. (d4b0c7d552fa)
  • Admission job and graph gate: The PR head adds runner-admission on ubuntu-24.04, sleeps from a workflow-local 90-second env only for canonical main pushes, and makes both root Blacksmith jobs depend on it. (.github/workflows/ci.yml:44, d4b0c7d552fa)
  • Downstream Blacksmith jobs remain behind preflight: A PR-head workflow scan shows all other CI jobs with Blacksmith runner expressions depend on preflight, so gating preflight and security-fast covers the main matrix registration path without adding per-matrix sleeps. (.github/workflows/ci.yml:524, d4b0c7d552fa)
  • Docs align with workflow behavior: The docs now describe the 90-second hosted admission window, preserved PR/manual immediacy, and fail-fast order with runner-admission first. Public docs: docs/ci.md. (docs/ci.md:11, d4b0c7d552fa)
  • Workflow guard coverage: The added test asserts the hosted runner, canonical-main condition, 90-second env, dependency edges, and existing main/pull-request cancellation expression. (test/scripts/ci-workflow-guards.test.ts:121, d4b0c7d552fa)
  • PR-path live CI proof: The latest PR CI run executed runner-admission on the hosted runner and took the non-main no-op branch, then preflight and security-fast completed successfully after that dependency. (.github/workflows/ci.yml:54, d4b0c7d552fa)

Likely related people:

  • vincentkoc: Git blame and history show Vincent Koc authored the current CI concurrency/preflight/security-fast structure and recent runner-sizing guard work, and the current PR continues that same CI graph area. (role: recent CI workflow contributor; confidence: high; commits: 536c8a840bda, 7d3bc4d944cd, d4b0c7d552fa; files: .github/workflows/ci.yml, docs/ci.md, test/scripts/ci-workflow-guards.test.ts)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@clawsweeper clawsweeper Bot added rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. P2 Normal backlog priority with limited blast radius. merge-risk: 🚨 automation 🚨 May affect CI, automerge, proof capture, label sync, or maintainer automation. labels Jun 22, 2026
@openclaw-barnacle openclaw-barnacle Bot added scripts Repository scripts size: M and removed size: XS labels Jun 22, 2026
@vincentkoc vincentkoc merged commit 607b2e9 into main Jun 22, 2026
77 of 79 checks passed
@vincentkoc vincentkoc deleted the ci-admission-debounce-v2 branch June 22, 2026 08:56
github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request Jun 23, 2026
Compacts canonical pull request CI to 18 bounded Node jobs, preserves isolated subprocess execution, and delays canonical main runner admission to smooth GitHub runner-registration bursts.

Verification: focused CI planner/workflow tests passed; fresh autoreview clean. Hosted CI had two pre-existing runtime-config failures on the current main baseline; merged with explicit maintainer override.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

docs Improvements or additions to documentation maintainer Maintainer-authored PR merge-risk: 🚨 automation 🚨 May affect CI, automerge, proof capture, label sync, or maintainer automation. P2 Normal backlog priority with limited blast radius. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. scripts Repository scripts size: M status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant