Conversation
Adds the Garnet network-monitoring action to the smoke test job, the release workflow, and the npm tag workflow. The full CI test matrix is left untouched to keep per-job overhead off the broad cross-platform runs; the smoke test still exercises a representative install/test flow.
📝 WalkthroughWalkthroughGitHub Actions workflows across the repository are updated to integrate Garnet CI/CD functionality. The reusable test workflow declares a new ChangesGarnet Integration Across CI/CD Workflows
Estimated code review effort🎯 2 (Simple) | ⏱️ ~8 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.github/workflows/update-latest.yml (1)
21-23: ⚡ Quick winConsider fail-open for monitoring to avoid blocking release tagging.
garnet-org/action is a runtime monitoring/profiling tool that runs before the npm dist-tag operations. A transient monitoring outage shouldn't block critical release operations or the downstream publish-to-winget, post-to-reddit, and post-to-mastodon jobs. Adding
continue-on-error: truedecouples monitoring from release flow.Proposed change
- uses: garnet-org/action@9e819143e63d6dda04bca2e90ac85e3cf0e5289d # v2 + continue-on-error: true with: api_token: ${{ secrets.GARNET_API_TOKEN }}🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/update-latest.yml around lines 21 - 23, The garnet-org/action step (the line starting with "uses: garnet-org/action@9e819143e63d6dda04bca2e90ac85e3cf0e5289d") can block release tagging on transient failures; update that job step to be fail-open by adding continue-on-error: true to the step definition (keep the existing with: api_token: ${{ secrets.GARNET_API_TOKEN }} block intact) so monitoring failures don't prevent downstream publish-to-winget, post-to-reddit, and post-to-mastodon jobs from running.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Nitpick comments:
In @.github/workflows/update-latest.yml:
- Around line 21-23: The garnet-org/action step (the line starting with "uses:
garnet-org/action@9e819143e63d6dda04bca2e90ac85e3cf0e5289d") can block release
tagging on transient failures; update that job step to be fail-open by adding
continue-on-error: true to the step definition (keep the existing with:
api_token: ${{ secrets.GARNET_API_TOKEN }} block intact) so monitoring failures
don't prevent downstream publish-to-winget, post-to-reddit, and post-to-mastodon
jobs from running.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro Plus
Run ID: 7aa238ab-4e5b-41e9-8df1-ed6f5d734abb
📒 Files selected for processing (4)
.github/workflows/ci.yml.github/workflows/release.yml.github/workflows/test.yml.github/workflows/update-latest.yml
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: copilot-pull-request-reviewer
- GitHub Check: Analyze (javascript)
- GitHub Check: Compile & Lint
🔇 Additional comments (3)
.github/workflows/test.yml (1)
12-18: LGTM!Also applies to: 42-45
.github/workflows/ci.yml (1)
45-47: ⚡ Quick win[Your rewritten review comment text here]
[Exactly ONE classification tag].github/workflows/release.yml (1)
27-29: ⚡ Quick winReview comment is inaccurate. The garnet-org/action v2 already implements fail-open behavior and cannot block release execution. The action's
main.jswraps therun()function in a try-catch that logs a warning on any error and continues execution without callingcore.setFailed(). Addingcontinue-on-error: trueis unnecessary.> Likely an incorrect or invalid review comment.
Summary
Wires the Garnet network-monitoring action into the workflows that touch publish/tag credentials or run a representative install/test:
ci.yml— runs on thetest-smokejob only. The full cross-platform/Node-version test matrix is intentionally excluded so the per-job overhead doesn't multiply across the matrix; the smoke job already exercises a representative install/test path.test.yml— gains an optionalgarnetboolean input (defaults tofalse) and an optionalGARNET_API_TOKENsecret in theworkflow_call:interface, so callers opt in explicitly. Secrets are passed explicitly fromci.ymlrather than viasecrets: inherit.release.yml— runs on thereleasejob, which performs the npm publishes (both trusted-publishing OIDC steps and the static-token step).update-latest.yml— runs on thetag-in-registryjob, which mutates npm dist-tags. The post-* notification jobs (winget/reddit/mastodon) are not instrumented.The action is pinned by SHA with a
# v2comment, matching the repo's existing pinning convention.Test plan
mainshows the garnet step running ontest-smokeand skipped on the rest of the test matrixrelease.ymlwithout blocking publishtag-in-registryjobWritten by an agent (Claude Code, claude-opus-4-7).
Summary by CodeRabbit