config: require Format/Clippy/Test as org-wide branch-protection floor #58
Closed
avrabe wants to merge 1 commit into
…floor

Currently temper applies branch protection to every pulseengine repo but the required_status_checks.contexts list is empty, so any PR can merge regardless of CI outcome. Add a minimal universal floor of checks that every Rust repo in the org has in its CI workflow.

The list is deliberately minimal:
- Format (rustfmt --check, every repo)
- Clippy (cargo clippy, every repo)
- Test (cargo test/nextest, every repo)

Per-repo branch protection can extend this list with additional checks (spar already requires Cargo Deny, Mutation Testing, Security Audit, etc. via direct API config — those settings stack with this temper-managed floor without conflict).

Bumping this list to require something not every repo ships will leave those repos stuck in unmergeable state, so keep it minimal and additive when adding new entries.
avrabe added a commit that referenced this pull request May 3, 2026
Adds the safety warning from a parallel duplicate PR (#58, closing in favour of this one). The risk is concrete: any context added to this list that not every repo's CI defines will leave those repos stuck unable to merge. Keep the list universal-only.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Closing as a duplicate of #57. Both PRs make the same

Reasoning for picking #57 as the keeper:

The genuinely useful warning from this PR ("bumping the list will block merges in repos that don't ship the extra job") has been folded into #57 (commit 8f61637). Nothing lost.
avrabe added a commit that referenced this pull request May 10, 2026
#57)

* config: require Format/Clippy/Test as org-wide branch-protection floor

Why: every active pulseengine Rust repo runs Format, Clippy, and Test under those exact job names. The previous empty `contexts: []` meant temper applied branch protection but didn't require any specific status checks — so brand-new repos and repos that hadn't been touched at the API level had unprotected merges.

What: add the three universal Rust check names to `branch_protection.default.required_status_checks.contexts`. Repos with richer smithy patterns (spar, gale, sigil — Cargo Deny, Mutation Testing, etc.) keep their extras at the repo level via direct API; this list is the additive minimum, not an exclusive set.

Test plan:
- YAML parses cleanly (python yaml.safe_load).
- npm test → 834 pass (unchanged; integration tests use inline config fixtures, not config.yml).
- After merge: temper's scheduled sweep re-applies branch protection across all 27 pulseengine repos within the next sweep window.

Out of scope: org-level Actions fork-PR-approval policy and allowed-actions allowlist (UI-only today; tracked as a follow-up feature request "feat: manage org-level Actions fork-PR-approval policy and allowed-actions allowlist via config.yml").

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* config: warn against adding non-universal contexts to the floor

Adds the safety warning from a parallel duplicate PR (#58, closing in favour of this one). The risk is concrete: any context added to this list that not every repo's CI defines will leave those repos stuck unable to merge. Keep the list universal-only.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* config: weaken required_status_checks back to empty (small-repo safety)

Audit during smithy migration rollout (2026-05-10) found that several pulseengine repos don't define Format/Clippy/Test under those exact names: rules_lean (only verify-rules + build), pulseengine.eu (web build), .github (community files), rules_rocq_rust (mostly Bazel), wasm-component-examples, moonbit_checksum_updater, and a couple of MCP-server templates.

Setting Format/Clippy/Test as required contexts org-wide via Temper would leave all those repos permanently unable to merge PRs (the required check would never appear because the workflow doesn't define it).

Reverting contexts back to [] keeps the org-wide protection benefits — strict, signed-commits, no force push, no deletion, enforce_admins — without the small-repo trap. Per-repo can add specific required checks via direct API; smithy already does this on spar's main branch (13-context full smithy migration set).

If we want a real org floor later, the right vehicle is shipping a starter workflow via pulseengine/.github that emits the expected check names everywhere.

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
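
The audit described in the last commit above can be run before a floor is set rather than after. This is an added example, not part of the PR or of temper: given the check names each repo reports, it lists the repos a proposed floor would leave unmergeable and computes the largest floor that blocks none. The inventory is constructed; repo names come from the PR, while the check lists and `mcp-server-template` are assumptions.

```python
# Constructed inventory: repo -> check names its CI reports on the default
# branch. Repo names are from the PR; check lists are illustrative, and
# "mcp-server-template" is a hypothetical repo with lower-case job names.
OBSERVED_CHECKS = {
    "spar": {"Format", "Clippy", "Test", "Cargo Deny", "Mutation Testing"},
    "gale": {"Format", "Clippy", "Test", "Cargo Deny"},
    "rules_lean": {"verify-rules", "build"},
    "pulseengine.eu": {"build"},
    ".github": set(),
    "mcp-server-template": {"format", "clippy", "test"},
}


def blocked_repos(floor, observed):
    """Map each repo the floor would block to the contexts it never reports.

    Names are compared as exact strings (assumption: a required context is
    satisfied only by a check reported under that exact name).
    """
    blocked = {}
    for repo, checks in observed.items():
        missing = sorted(set(floor) - checks)
        if missing:
            blocked[repo] = missing
    return blocked


def safe_floor(observed):
    """Largest floor that blocks no repo: contexts reported by every repo."""
    sets = list(observed.values())
    return sorted(set.intersection(*sets)) if sets else []


def near_misses(floor, observed):
    """Checks that differ from a required context only by case or spacing."""
    return sorted(
        (repo, want, have)
        for repo, checks in observed.items()
        for want in floor
        for have in checks
        if have != want and have.strip().lower() == want.strip().lower()
    )


if __name__ == "__main__":
    floor = ["Format", "Clippy", "Test"]
    for repo, missing in blocked_repos(floor, OBSERVED_CHECKS).items():
        print(f"{repo}: would never report {missing}")
    print("safe org-wide floor:", safe_floor(OBSERVED_CHECKS))
    print("near misses:", near_misses(floor, OBSERVED_CHECKS))
```

With this inventory the safe org-wide floor is empty, and the near-miss list shows where a renamed job, rather than a new workflow, would be enough to meet the floor.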
Summary
Currently branch_protection.default.required_status_checks.contexts is empty, so temper applies branch protection to every pulseengine
repo but doesn't gate merges on any specific CI outcome. This PR
adds a minimal universal floor: Format, Clippy, Test — three job names that every pulseengine Rust repo defines in its CI workflow.
Why minimal + additive
(e.g. Mutation Testing, Cargo Deny, Security Audit) would leave those repos stuck in unmergeable state because the required
check would never appear on their PRs.
spar's main branch already requires the full 13-job set via
direct API config (added during the smithy migration); those
repo-level settings stack on top of this temper-managed floor.
Effect after merge
Temper's next sweep applies the new floor to all 27 pulseengine
repos. From that point on, any PR to a default branch must show
green Format / Clippy / Test before the merge button enables.
Test plan
sweep includes the three contexts
not replaced)
Followups (not this PR)