# Continuous-governance lane: runs on a cron schedule and on manual dispatch.
name: Continuous Governance

on:
  workflow_dispatch:
    inputs:
      mode:
        description: 'Run mode for continuous governance'
        type: choice
        required: true
        options:
          - quick
          - full
        default: quick
      streak_windows:
        # Free-form string chosen by whoever dispatches the run.
        description: 'Recent streak windows CSV (e.g. 7,14)'
        type: string
        required: true
        default: "7,14"
      streak_strict:
        description: 'Fail when recent run history is insufficient'
        type: boolean
        required: true
        default: true
  schedule:
    # Daily run (Tuesday-Sunday): 03:00 UTC
    - cron: "0 3 * * 0,2-6"
    # Nightly full run: Monday 03:00 UTC
    # The resolve step compares github.event.schedule with this exact string
    # to select full mode, so keep the two in sync.
    - cron: "0 3 * * 1"

# Workflow-wide default for GITHUB_TOKEN: read-only access to repository contents.
permissions:
  contents: read

# One active run per workflow and ref. A newer run (scheduled or manual)
# cancels the one still in progress on the same ref.
concurrency:
  group: continuous-governance-${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
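jobs:
  continuous-governance:
    name: Continuous Governance Ops
    runs-on: ubuntu-24.04
    timeout-minutes: 60
    # Job-level permissions replace the workflow-level default for this job.
    # NOTE(review): `actions: write` lets GH_TOKEN cancel, re-run and delete
    # workflow runs. Confirm scripts/docker_ci.sh needs that; if it only reads
    # recent run history, `actions: read` is sufficient.
    permissions:
      contents: read
      actions: write
    steps:
      # Point the tool cache at a directory under RUNNER_TEMP that is unique
      # to this job, run id and attempt.
      - name: Initialize Runner Tool Cache Env
        run: |
          echo "AGENT_TOOLSDIRECTORY=${RUNNER_TEMP}/hostedtoolcache-${GITHUB_JOB}-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}" >> "${GITHUB_ENV}"
          echo "RUNNER_TOOL_CACHE=${RUNNER_TEMP}/hostedtoolcache-${GITHUB_JOB}-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}" >> "${GITHUB_ENV}"

      # Best effort: hand the workspace back to the runner user before checkout.
      # A failed chown is deliberately ignored (`|| true`).
      - name: Repair Workspace Ownership
        run: |
          if [[ -d "${GITHUB_WORKSPACE}" ]]; then
            sudo chown -R "$(id -u):$(id -g)" "${GITHUB_WORKSPACE}" || true
          fi

      # Action pinned to a full commit SHA. persist-credentials: false keeps
      # the token out of .git/config, so later steps (including the sudo'd
      # lane) cannot pick it up from the checkout.
      - name: Checkout
        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd
        with:
          persist-credentials: false
          clean: true

      # Turns the trigger (manual dispatch or cron) into the three lane
      # parameters. Dispatch inputs reach the shell through env, never through
      # ${{ }} interpolation inside the script body.
      - name: Resolve Continuous Governance Lane Inputs
        id: resolve
        env:
          EVENT_NAME: ${{ github.event_name }}
          EVENT_SCHEDULE: ${{ github.event.schedule || '' }}
          INPUT_MODE: ${{ inputs.mode || 'quick' }}
          INPUT_STREAK_WINDOWS: ${{ inputs.streak_windows || '7,14' }}
          # No `|| 'true'` fallback here: `false || 'true'` evaluates to
          # 'true', so an explicit streak_strict=false could never take effect.
          INPUT_STREAK_STRICT: ${{ inputs.streak_strict }}
        run: |
          set -euo pipefail
          MODE="quick"
          STREAK_WINDOWS="7,14"
          STREAK_STRICT="1"
          if [[ "${EVENT_NAME}" == "workflow_dispatch" ]]; then
            MODE="${INPUT_MODE}"
            STREAK_WINDOWS="${INPUT_STREAK_WINDOWS}"
            # Fail closed: only an explicit "false" relaxes the strict gate.
            if [[ "${INPUT_STREAK_STRICT}" == "false" ]]; then
              STREAK_STRICT="0"
            else
              STREAK_STRICT="1"
            fi
          elif [[ "${EVENT_NAME}" == "schedule" && "${EVENT_SCHEDULE}" == "0 3 * * 1" ]]; then
            # Must stay identical to the Monday cron entry under on.schedule.
            MODE="full"
          fi
          # Check the dispatch-supplied values before they are written to
          # GITHUB_OUTPUT: a value containing a newline would otherwise add
          # extra key=value lines. The offending value is not echoed back.
          if [[ "${MODE}" != "quick" && "${MODE}" != "full" ]]; then
            echo "::error::mode must be 'quick' or 'full'"
            exit 1
          fi
          windows_re='^[0-9]+( *, *[0-9]+)*$'
          if [[ ! "${STREAK_WINDOWS}" =~ ${windows_re} ]]; then
            echo "::error::streak_windows must be a comma-separated list of integers"
            exit 1
          fi
          {
            echo "mode=${MODE}"
            echo "streak_windows=${STREAK_WINDOWS}"
            echo "streak_strict=${STREAK_STRICT}"
          } >> "${GITHUB_OUTPUT}"

      # `sudo -E` preserves the step environment, so GH_TOKEN (contents: read,
      # actions: write) is visible to docker_ci.sh running as root.
      # NOTE(review): confirm the script forwards the token only to the
      # commands that need it, and that nothing written under .runtime-cache
      # (uploaded below) records it.
      - name: Run Continuous Governance Lane via docker_ci
        env:
          GH_TOKEN: ${{ github.token }}
          RUN_ID: continuous_governance_${{ github.run_id }}_${{ github.run_attempt }}
          MODE: ${{ steps.resolve.outputs.mode }}
          STREAK_WINDOWS: ${{ steps.resolve.outputs.streak_windows }}
          STREAK_STRICT: ${{ steps.resolve.outputs.streak_strict }}
        run: |
          set -euo pipefail
          sudo -E bash scripts/docker_ci.sh lane continuous-governance \
            --mode "${MODE}" \
            --streak-windows "${STREAK_WINDOWS}" \
            --streak-strict "${STREAK_STRICT}" \
            --run-id "${RUN_ID}"

      # Runs even when the lane failed, so the trend summary (or a note that
      # it is missing) always appears on the run page.
      - name: Publish Streak Trend Summary
        if: always()
        env:
          RUN_ID: continuous_governance_${{ github.run_id }}_${{ github.run_attempt }}
        run: |
          SUMMARY_FILE=".runtime-cache/test_output/continuous_governance/${RUN_ID}/recent_streak_summary.md"
          if [[ -f "$SUMMARY_FILE" ]]; then
            cat "$SUMMARY_FILE" >> "$GITHUB_STEP_SUMMARY"
          else
            echo "### Continuous Governance Trend Score" >> "$GITHUB_STEP_SUMMARY"
            echo "- recent_streak_summary.md not found for run_id=${RUN_ID}" >> "$GITHUB_STEP_SUMMARY"
          fi

      # Action pinned to a full commit SHA. Artifacts are kept for 14 days and
      # uploaded on failure too; a missing path only produces a warning.
      - name: Upload Continuous Governance Artifacts
        if: always()
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
        with:
          name: continuous-governance-artifacts-${{ github.run_id }}-${{ github.run_attempt }}
          retention-days: 14
          path: |
            .runtime-cache/test_output/continuous_governance
            .runtime-cache/openvibecoding/reports/ci
          if-no-files-found: warn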