continuous-governance.yml
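# Continuous Governance workflow.
#
# Runs the "continuous-governance" lane through scripts/docker_ci.sh, either on
# a schedule (quick on most days, full on Mondays) or on manual dispatch with
# operator-supplied inputs. Publishes the streak summary and uploads artifacts
# even when the lane fails.
name: Continuous Governance

on:
  workflow_dispatch:
    inputs:
      mode:
        description: Run mode for continuous governance
        required: true
        type: choice
        options:
          - quick
          - full
        default: quick
      streak_windows:
        description: Recent streak windows CSV (e.g. 7,14)
        required: true
        default: "7,14"
        type: string
      streak_strict:
        description: Fail when recent run history is insufficient
        required: true
        default: true
        type: boolean
  schedule:
    # Daily run (Tuesday-Sunday): 03:00 UTC
    - cron: "0 3 * * 0,2-6"
    # Weekly full run: Monday 03:00 UTC.
    # The resolve step compares github.event.schedule against this exact
    # string; change both together.
    - cron: "0 3 * * 1"

# Default token scope for every job; the job below overrides it explicitly.
permissions:
  contents: read

concurrency:
  group: continuous-governance-${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  continuous-governance:
    name: Continuous Governance Ops
    runs-on: ubuntu-24.04
    timeout-minutes: 60
    # Job-level permissions replace the workflow-level block for this job.
    # NOTE(review): `actions: write` lets the token cancel, re-run and delete
    # workflow runs and caches. Presumably the lane needs it for run-history
    # handling; if it only reads run history, `actions: read` is enough.
    # Confirm against scripts/docker_ci.sh.
    permissions:
      contents: read
      actions: write
    steps:
      # Point the tool cache at a directory unique to this job/run/attempt.
      # All values come from runner-provided variables, not from user input.
      - name: Initialize Runner Tool Cache Env
        run: |
          echo "AGENT_TOOLSDIRECTORY=${RUNNER_TEMP}/hostedtoolcache-${GITHUB_JOB}-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}" >> "${GITHUB_ENV}"
          echo "RUNNER_TOOL_CACHE=${RUNNER_TEMP}/hostedtoolcache-${GITHUB_JOB}-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}" >> "${GITHUB_ENV}"

      # Best effort: the lane runs under sudo, so a reused workspace may hold
      # root-owned files. A failure here is deliberately ignored.
      - name: Repair Workspace Ownership
        run: |
          if [[ -d "${GITHUB_WORKSPACE}" ]]; then
            sudo chown -R "$(id -u):$(id -g)" "${GITHUB_WORKSPACE}" || true
          fi

      # Action pinned to a full commit SHA. persist-credentials: false keeps
      # the job token out of the checkout's local git configuration.
      - name: Checkout
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          persist-credentials: false
          clean: true

      # Turn the trigger (dispatch inputs or the schedule) into the three lane
      # parameters. Inputs reach the script through env vars only, never via
      # ${{ }} interpolation inside the script body.
      - name: Resolve Continuous Governance Lane Inputs
        id: resolve
        env:
          EVENT_NAME: ${{ github.event_name }}
          EVENT_SCHEDULE: ${{ github.event.schedule || '' }}
          INPUT_MODE: ${{ inputs.mode || 'quick' }}
          INPUT_STREAK_WINDOWS: ${{ inputs.streak_windows || '7,14' }}
          # No `|| 'true'` fallback here: the inputs context keeps booleans
          # typed, so `false || 'true'` evaluated to 'true' and a dispatch with
          # streak_strict unchecked still ran strict. Empty on schedule events.
          INPUT_STREAK_STRICT: ${{ inputs.streak_strict }}
        run: |
          set -euo pipefail
          MODE="quick"
          STREAK_WINDOWS="7,14"
          STREAK_STRICT="1"
          if [[ "${EVENT_NAME}" == "workflow_dispatch" ]]; then
            MODE="${INPUT_MODE}"
            STREAK_WINDOWS="${INPUT_STREAK_WINDOWS}"
            # Fail closed: only an explicit "false" relaxes the check.
            if [[ "${INPUT_STREAK_STRICT}" == "false" ]]; then
              STREAK_STRICT="0"
            fi
          elif [[ "${EVENT_NAME}" == "schedule" && "${EVENT_SCHEDULE}" == "0 3 * * 1" ]]; then
            MODE="full"
          fi

          # Validate before writing to GITHUB_OUTPUT. streak_windows is a
          # free-form string; a value containing a newline would otherwise
          # append extra key=value lines and override mode or streak_strict.
          # Messages are static so the rejected value is never echoed.
          case "${MODE}" in
            quick|full) ;;
            *)
              echo "::error::mode must be 'quick' or 'full'"
              exit 1
              ;;
          esac
          # Matches the documented format (e.g. 7,14); widen only if
          # scripts/docker_ci.sh accepts other forms.
          windows_pattern='^[0-9]+(,[0-9]+)*$'
          if [[ ! "${STREAK_WINDOWS}" =~ ${windows_pattern} ]]; then
            echo "::error::streak_windows must be a comma-separated list of integers"
            exit 1
          fi

          {
            echo "mode=${MODE}"
            echo "streak_windows=${STREAK_WINDOWS}"
            echo "streak_strict=${STREAK_STRICT}"
          } >> "${GITHUB_OUTPUT}"

      # `sudo -E` preserves the environment, so GH_TOKEN (with the job
      # permissions above) is visible to docker_ci.sh and everything it starts
      # as root. NOTE(review): confirm the script forwards the token only to
      # the processes that need it.
      - name: Run Continuous Governance Lane via docker_ci
        env:
          GH_TOKEN: ${{ github.token }}
          RUN_ID: continuous_governance_${{ github.run_id }}_${{ github.run_attempt }}
          MODE: ${{ steps.resolve.outputs.mode }}
          STREAK_WINDOWS: ${{ steps.resolve.outputs.streak_windows }}
          STREAK_STRICT: ${{ steps.resolve.outputs.streak_strict }}
        run: |
          set -euo pipefail
          sudo -E bash scripts/docker_ci.sh lane continuous-governance \
            --mode "${MODE}" \
            --streak-windows "${STREAK_WINDOWS}" \
            --streak-strict "${STREAK_STRICT}" \
            --run-id "${RUN_ID}"

      # Runs even when the lane failed, so the summary page always says
      # whether a trend report was produced.
      - name: Publish Streak Trend Summary
        if: always()
        env:
          RUN_ID: continuous_governance_${{ github.run_id }}_${{ github.run_attempt }}
        run: |
          SUMMARY_FILE=".runtime-cache/test_output/continuous_governance/${RUN_ID}/recent_streak_summary.md"
          if [[ -f "$SUMMARY_FILE" ]]; then
            cat "$SUMMARY_FILE" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "### Continuous Governance Trend Score" >> "$GITHUB_STEP_SUMMARY"
            echo "- recent_streak_summary.md not found for run_id=${RUN_ID}" >> "$GITHUB_STEP_SUMMARY"
          fi

      # Action pinned to a full commit SHA. Artifacts are kept for 14 days;
      # a missing path only warns so a failed lane still uploads what exists.
      - name: Upload Continuous Governance Artifacts
        if: always()
        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
        with:
          name: continuous-governance-artifacts-${{ github.run_id }}-${{ github.run_attempt }}
          retention-days: 14
          path: |
            .runtime-cache/test_output/continuous_governance
            .runtime-cache/openvibecoding/reports/ci
          if-no-files-found: warn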