Skip to content

fix(ci): skip E2E gates when web/desktop unchanged#407

Merged
FSM1 merged 2 commits into
mainfrom
fix/release-gate-change-detection
Mar 30, 2026
Merged

fix(ci): skip E2E gates when web/desktop unchanged#407
FSM1 merged 2 commits into
mainfrom
fix/release-gate-change-detection

Conversation

@FSM1

@FSM1 FSM1 commented Mar 30, 2026

Copy link
Copy Markdown
Owner

Summary

  • Added web change detection to the release gate (previously only desktop had skip logic) — Web E2E is now skipped when no web-related paths changed since the last release
  • Removed .github/workflows/ci-e2e.yml from DESKTOP_PATTERNS — the orchestrator workflow changing doesn't mean the desktop app changed, and this was causing false positives
  • Fixes the release gate failure on chore: release main #406 where only CI config changed (fix(ci): use --cvm-id flag for Phala Cloud CVM redeployment #405) but both E2E suites were required

Test plan

  • Merge this PR, then re-run the release gate on the release-please PR — both E2E gates should skip
  • Verify a future release with actual web/desktop changes still triggers the appropriate E2E gates

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Chores
    • CI updated to detect web vs desktop changes separately so web end-to-end tests run only when web changes are present, and test summaries clearly report web and desktop change status.

…ml from desktop patterns

The release gate was unconditionally requiring Web E2E for all release
PRs and falsely detecting desktop changes when only the CI orchestrator
workflow changed. Now both Web and Desktop E2E gates are skipped when
their respective app paths haven't changed since the last release.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: 46a49b3a67bd
@coderabbitai

coderabbitai Bot commented Mar 30, 2026

Copy link
Copy Markdown

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c8fd3c1a-6bf1-4b86-9383-2f7c0a82b8dd

📥 Commits

Reviewing files that changed from the base of the PR and between f366749 and ab6d68b.

📒 Files selected for processing (1)
  • .github/workflows/release-gate.yml

Walkthrough

The release-gate GitHub Actions workflow now detects web changes separately from desktop changes, exports a new web output from detect-changes, and conditions verify-e2e steps to skip or wait for web E2E based on that output. Summary printing includes both flags.

Changes

Cohort / File(s) Summary
GitHub Actions workflow
\.github/workflows/release-gate.yml
Added web change detection (WEB_PATTERNS, scanning CHANGED_FILES) and new jobs.detect-changes.outputs.web. Adjusted fallback when no previous tag to set both web=true and desktop=true. Removed .github/workflows/ci-e2e.yml from desktop patterns. In verify-e2e, added conditional "Skip Web E2E" step when web != 'true', gated "Wait for Web E2E" to web == 'true', and extended the final summary to print both Web changes and Desktop changes.

Sequence Diagram(s)

mermaid
sequenceDiagram
participant PR as Pull Request
participant Detect as detect-changes (job)
participant Verify as verify-e2e (job)
participant WebE2E as Web E2E checks
participant DesktopE2E as Desktop E2E checks

PR->>Detect: provide CHANGED_FILES
Detect-->>Detect: evaluate WEB_PATTERNS and DESKTOP_PATTERNS\nset outputs `web` and `desktop`
Detect->>Verify: propagate outputs (web, desktop)
Verify->>Verify: if web != 'true' -> Skip Web E2E step
alt web == 'true'
    Verify->>WebE2E: wait/poll for Web E2E
end
Verify->>DesktopE2E: wait/poll for Desktop E2E (existing logic)
Verify->>Verify: emit final Summary including web & desktop outputs

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title directly and accurately describes the main change: adding logic to skip E2E gates when web and/or desktop code is unchanged, which is exactly what the PR accomplishes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/release-gate-change-detection

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@codecov

codecov Bot commented Mar 30, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 61.28%. Comparing base (4e7fb92) to head (ab6d68b).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main     #407      +/-   ##
==========================================
+ Coverage   61.25%   61.28%   +0.03%     
==========================================
  Files         133      133              
  Lines        9790     9790              
  Branches      986      988       +2     
==========================================
+ Hits         5997     6000       +3     
+ Misses       3577     3574       -3     
  Partials      216      216              
Flag Coverage Δ
api 84.36% <ø> (+0.05%) ⬆️
api-client 84.36% <ø> (+0.05%) ⬆️
core 84.36% <ø> (+0.05%) ⬆️
crypto 84.36% <ø> (+0.05%) ⬆️
sdk 84.36% <ø> (+0.05%) ⬆️
sdk-core 84.36% <ø> (+0.05%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 1 file with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the release-gate workflow to conditionally require Web/Desktop E2E verification only when relevant code paths have changed since the last release, reducing false-positive release blocks from CI-only changes.

Changes:

  • Add web change detection output and skip logic so Web E2E gates are skipped when no web-related paths changed.
  • Remove .github/workflows/ci-e2e.yml from desktop change patterns to avoid treating orchestrator edits as desktop changes.
  • Improve gate summary output to explicitly report which suites were considered applicable.

Comment thread .github/workflows/release-gate.yml Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
.github/workflows/release-gate.yml (1)

70-90: ⚠️ Potential issue | 🟠 Major

Don't let ci-e2e.yml changes bypass both E2E gates.

These pattern lists no longer match .github/workflows/ci-e2e.yml, which still includes .github/workflows/ci-e2e.yml in both the web and desktop filters. A change to the orchestrator can therefore break one suite's execution on main while release-gate.yml skips both checks and still passes the release.

🔧 Proposed fix
           DESKTOP_PATTERNS=(
             'tests/vectors/'
             'packages/crypto/src/'
             'packages/crypto/tsconfig'
             '.github/workflows/desktop-e2e.yml'
+            '.github/workflows/ci-e2e.yml'
           )
           WEB_PATTERNS=(
             'tests/web-e2e/'
             'tools/mock-ipns-routing/'
             '.github/workflows/web-e2e.yml'
+            '.github/workflows/ci-e2e.yml'
           )

If the new intent is to ignore orchestrator-only changes, make the same filter change in .github/workflows/ci-e2e.yml instead so the trigger rules and the release gate stay aligned.

Also applies to: 94-102

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/release-gate.yml around lines 70 - 90, The
DESKTOP_PATTERNS (and corresponding WEB_PATTERNS) arrays were changed to remove
the '.github/workflows/ci-e2e.yml' entry, which lets changes to the orchestrator
bypass both E2E release gates; restore alignment by either re-adding
'.github/workflows/ci-e2e.yml' to the DESKTOP_PATTERNS (and the analogous
WEB_PATTERNS) or make the identical filter change inside ci-e2e.yml so the
workflow trigger rules remain consistent with the release-gate checks; update
the pattern arrays referenced as DESKTOP_PATTERNS (and WEB_PATTERNS) and ensure
the ci-e2e.yml trigger rules match exactly to avoid bypassing E2E gates.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In @.github/workflows/release-gate.yml:
- Around line 70-90: The DESKTOP_PATTERNS (and corresponding WEB_PATTERNS)
arrays were changed to remove the '.github/workflows/ci-e2e.yml' entry, which
lets changes to the orchestrator bypass both E2E release gates; restore
alignment by either re-adding '.github/workflows/ci-e2e.yml' to the
DESKTOP_PATTERNS (and the analogous WEB_PATTERNS) or make the identical filter
change inside ci-e2e.yml so the workflow trigger rules remain consistent with
the release-gate checks; update the pattern arrays referenced as
DESKTOP_PATTERNS (and WEB_PATTERNS) and ensure the ci-e2e.yml trigger rules
match exactly to avoid bypassing E2E gates.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 7c93c308-80eb-4bc9-a757-21bf7fc30380

📥 Commits

Reviewing files that changed from the base of the PR and between 4e7fb92 and f366749.

📒 Files selected for processing (1)
  • .github/workflows/release-gate.yml

…orchestrator

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Entire-Checkpoint: 129364ea5b30
@FSM1

FSM1 commented Mar 30, 2026

Copy link
Copy Markdown
Owner Author

@coderabbitai

Re: concern about ci-e2e.yml being removed from both pattern lists —

This is intentional. ci-e2e.yml includes itself in its own dorny/paths-filter for both web and desktop, so any change to the orchestrator still triggers both E2E suites on main. The release gate just doesn't require those runs to pass for the release. If an orchestrator change breaks E2E, the failure is visible on the ci-e2e run itself.

Re-adding ci-e2e.yml to the pattern lists would recreate the deadlock this PR fixes: the release gate detects "desktop changed" but ci-e2e.yml's narrower per-push filter may skip the Desktop E2E job, leaving no run for the gate to find.

@coderabbitai

coderabbitai Bot commented Mar 30, 2026

Copy link
Copy Markdown

Tip

For best results, initiate chat on the files or code changes.

@FSM1 Thanks for the detailed explanation — that reasoning is clear and compelling. The two-layer design makes sense:

  • ci-e2e.yml self-includes in its own dorny/paths-filter, so orchestrator changes still kick off both E2E suites on main pushes.
  • The release gate's pattern lists only need to reflect app-code changes that should block a release, not every file that can trigger CI.
  • Re-adding ci-e2e.yml would re-introduce the exact deadlock this PR resolves (gate sees "desktop changed" → waits for a Desktop E2E run that ci-e2e.yml's narrower filter never schedules).

I've retracted my concern and noted this design for future reviews.


✏️ Learnings added
Learnt from: FSM1
URL: https://github.com/FSM1/cipher-box/pull/407

Timestamp: 2026-03-30T01:40:47.029Z
Learning: In FSM1/cipher-box (`release-gate.yml`), `.github/workflows/ci-e2e.yml` is intentionally excluded from both `WEB_PATTERNS` and `DESKTOP_PATTERNS` in the release gate's change-detection step. Reason: `ci-e2e.yml` self-includes in its own `dorny/paths-filter` for both `web` and `desktop`, so any change to the orchestrator still triggers both E2E suites on `main` pushes. Including it in the release gate patterns would cause a deadlock: the gate detects "desktop changed" but `ci-e2e.yml`'s narrower per-push filter may not schedule a Desktop E2E job, leaving no run for the gate to find. The release gate only needs to block on actual app-code changes, not on CI config changes. Do NOT flag the absence of `ci-e2e.yml` from the release gate pattern lists.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.


🧠 Learnings used
Learnt from: FSM1
Repo: FSM1/cipher-box PR: 318
File: tests/sdk-e2e/package.json:9-9
Timestamp: 2026-03-22T18:40:19.224Z
Learning: In FSM1/cipher-box (`tests/sdk-e2e/package.json` and `tests/load/package.json`), the `"test:single"` npm script uses `vitest run --no-coverage --testPathPattern` as an intentional shorthand prefix. Users append a pattern value as a positional argument (e.g. `pnpm test:single mixed-workload`). Although `--testPathPattern` is not a documented Vitest CLI flag, it is accepted by Vitest's underlying `cac` CLI parser without erroring. Do NOT flag this as a broken or unsupported flag in future PRs — the maintainer has confirmed it works as designed.

Learnt from: FSM1
Repo: FSM1/cipher-box PR: 267
File: .github/workflows/codecov-base.yml:56-57
Timestamp: 2026-03-04T20:40:22.406Z
Learning: In the cipher-box project, the `desktop` flag in `codecov.yml` corresponds to a Rust/Tauri application that does not produce lcov-format coverage output. The `coverage-lcov` CI artifact therefore intentionally contains only `apps/api/coverage/lcov.info` and `packages/crypto/coverage/lcov.info`. The missing desktop flag is handled by `carryforward: true` in `codecov.yml`, which carries forward the last known desktop coverage value. Do not flag the absence of a desktop lcov file or desktop flag in Codecov upload steps.

Learnt from: FSM1
Repo: FSM1/cipher-box PR: 253
File: tests/e2e-desktop/scripts/test-conflict-detection.ps1:156-157
Timestamp: 2026-03-03T14:55:05.884Z
Learning: In `tests/e2e-desktop/scripts/*.{sh,ps1}` (FUSE E2E tests): Fixed sleep-based waits after file mutations are an inherent limitation of FUSE-mount testing. The FUSE daemon provides no IPC signal or status endpoint to indicate when a debounced IPNS metadata publish completes. Tests use conservative fixed waits (e.g., 8s for initial publish accounting for 1.5s debounce + 10s safety valve, 15s for conflict resolution) and can be increased if CI proves flaky. Eliminating sleep-based waits would require exposing an IPC readiness signal from the FUSE daemon.

@FSM1 FSM1 merged commit 28d1390 into main Mar 30, 2026
26 checks passed
@FSM1 FSM1 deleted the fix/release-gate-change-detection branch March 30, 2026 01:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants