Batteries-included agent-harness base, extracted from mort's agent layer. This first cut establishes the module + the zero-coupling core primitives: - lane, dispatchguard, pendingattach, run/progress.go: moved verbatim from mort - config: host config Source seam + env-var default (nil-safe helpers) - deliver: output-egress seam + Discard/Stdout defaults - identity: AdminPolicy + MemberResolver seams (nil-safe) - fanout: programmatic N×M swarm (bounded global + per-key concurrency) - README/CLAUDE.md with the vibe-coded banner; CI with Go gates + the "core stays majordomo+stdlib only" invariant Core builds with stdlib only today; majordomo enters at P1 (model/structured). go build/vet/test -race all green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,82 @@
|
||||
name: executus CI
|
||||
|
||||
# Go library CI: build, vet, race-tested, tidy-clean, plus the executus
|
||||
# invariant that the CORE module never pulls a host/DB dependency. Mirrors
|
||||
# majordomo's gates; private-module access (the private majordomo dependency)
|
||||
# uses the same Gitea credentials gadfly's CI uses.
|
||||
#
|
||||
# Required repo secrets:
|
||||
# REGISTRY_USER / REGISTRY_PASSWORD Gitea creds with read access to the
|
||||
# private majordomo module.
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
tags: ["v*"]
|
||||
pull_request:
|
||||
types: [opened, synchronize, reopened]
|
||||
workflow_dispatch: {}
|
||||
|
||||
concurrency:
|
||||
group: executus-${{ github.ref }}
|
||||
cancel-in-progress: true
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
timeout-minutes: 15
|
||||
steps:
|
||||
- name: Checkout
|
||||
run: |
|
||||
REPO_URL="https://token:${{ github.token }}@gitea.stevedudenhoeffer.com/${{ github.repository }}.git"
|
||||
if [ "${{ github.event_name }}" = "pull_request" ]; then
|
||||
git clone --depth=1 --branch "${{ github.head_ref }}" "$REPO_URL" .
|
||||
else
|
||||
git clone --depth=1 --branch "${{ github.ref_name }}" "$REPO_URL" .
|
||||
fi
|
||||
|
||||
- name: Set up Go
|
||||
run: |
|
||||
GO_VERSION=$(grep '^go ' go.mod | awk '{print $2}')
|
||||
curl -sL "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" | tar -C /usr/local -xzf -
|
||||
echo "/usr/local/go/bin" >> $GITHUB_PATH
|
||||
echo "GOPATH=${HOME}/go" >> $GITHUB_ENV
|
||||
echo "${HOME}/go/bin" >> $GITHUB_PATH
|
||||
|
||||
- name: Configure private module access
|
||||
env:
|
||||
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
|
||||
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
|
||||
run: |
|
||||
git config --global url."https://${REGISTRY_USER}:${REGISTRY_PASSWORD}@gitea.stevedudenhoeffer.com/".insteadOf "https://gitea.stevedudenhoeffer.com/"
|
||||
echo "GOFLAGS=-mod=mod" >> $GITHUB_ENV
|
||||
echo "GONOSUMCHECK=gitea.stevedudenhoeffer.com/*" >> $GITHUB_ENV
|
||||
echo "GONOSUMDB=gitea.stevedudenhoeffer.com/*" >> $GITHUB_ENV
|
||||
echo "GOPRIVATE=gitea.stevedudenhoeffer.com/*" >> $GITHUB_ENV
|
||||
|
||||
- name: Build
|
||||
run: go build ./...
|
||||
|
||||
- name: Vet
|
||||
run: go vet ./...
|
||||
|
||||
- name: Test (race)
|
||||
run: go test -race -count=1 -timeout 5m ./...
|
||||
|
||||
- name: go mod tidy is clean
|
||||
run: |
|
||||
go mod tidy
|
||||
git diff --exit-code go.mod go.sum
|
||||
|
||||
- name: Core stays majordomo+stdlib only
|
||||
run: |
|
||||
# The core module must never pull a host/DB dependency. If any of these
|
||||
# appear in go.sum, a battery leaked into the core import graph.
|
||||
[ -f go.sum ] || { echo "OK: no external dependencies yet."; exit 0; }
|
||||
FORBIDDEN='gorm.io|go-redis|redis/go-redis|bwmarrin/discordgo|modernc.org/sqlite|mattn/go-sqlite3|gin-gonic/gin'
|
||||
if grep -qE "$FORBIDDEN" go.sum; then
|
||||
echo "ERROR: forbidden dependency in core go.sum:"
|
||||
grep -E "$FORBIDDEN" go.sum
|
||||
exit 1
|
||||
fi
|
||||
echo "OK: core go.sum is free of host/DB dependencies."
|
||||
Reference in New Issue
Block a user