chore(ci): remove deprecated PR-time stub workflow#875
Merged
danielmeppiel merged 2 commits intomainfrom Apr 23, 2026
Merged
Conversation
- Document merge-gate.yml as the single-authority PR-time aggregator
- Mark ci-integration-pr-stub.yml as DEPRECATED (slated for deletion)
- Renumber workflow list (now 6 entries, was misnumbered with two #3s)
- New section: Branch Protection & Required Checks
- Ruleset 'context' field MUST match check-run name ('gate'), not the
UI display string ('Merge Gate / gate'). Storing the display string
causes permanent 'Expected - Waiting for status to be reported' that
blocked PR #860 today
- Adding new required checks goes through EXPECTED_CHECKS in
merge-gate.yml, not the ruleset
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The four PR stubs (Build/Smoke/Integration/Release Validation - Linux) were a holdover from the pre-merge-gate model where branch protection required each Tier 2 check name directly. After #867, branch protection requires only the single 'gate' check from merge-gate.yml, so the stubs are dead weight that fire on every PR for no reason. Changes: - Delete .github/workflows/ci-integration-pr-stub.yml - Reduce EXPECTED_CHECKS in merge-gate.yml to just 'Build & Test (Linux)' (the only PR-time check we still emit) - Update merge-gate.yml + ci-integration.yml header comments - Update cicd.instructions.md (drop DEPRECATED entry, renumber to 5 workflows) - Drop stale CODEOWNERS reference to the deleted file - CHANGELOG entry under [Unreleased] > Removed Stacked on #874 (docs). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Removes the deprecated PR-time Tier 2 stub workflow now that branch protection relies only on the Merge Gate job (gate) and the gate only needs to aggregate the real PR-time check from ci.yml.
Changes:
- Delete
.github/workflows/ci-integration-pr-stub.yml(PR-time no-op stub jobs). - Update
merge-gate.ymlto poll onlyBuild & Test (Linux)and refresh workflow header comments. - Update CI/CD documentation and CODEOWNERS references; add a changelog entry under
[Unreleased].
Show a summary per file
| File | Description |
|---|---|
| CHANGELOG.md | Adds [Unreleased] entries describing the CI workflow cleanup. |
| .github/workflows/merge-gate.yml | Shrinks EXPECTED_CHECKS to only Build & Test (Linux) and updates comments to reflect the single required check model. |
| .github/workflows/ci-integration.yml | Updates header comments to remove reliance on the deleted PR stub. |
| .github/workflows/ci-integration-pr-stub.yml | Deleted deprecated PR-time stub workflow. |
| .github/instructions/cicd.instructions.md | Updates CI/CD architecture docs to remove the stub workflow and document the merge-gate model. |
| .github/CODEOWNERS | Removes stale comment referencing the deleted stub workflow. |
Copilot's findings
- Files reviewed: 6/6 changed files
- Comments generated: 2
Comment on lines
8
to
12
| ## Workflow Architecture (Tiered + Merge Queue) | ||
| Four workflows split by trigger and tier. PRs get fast feedback; the heavy | ||
| Five workflows split by trigger and tier. PRs get fast feedback; the heavy | ||
| integration suite runs only at merge time via GitHub Merge Queue | ||
| (microsoft/apm#770). | ||
|
|
There was a problem hiding this comment.
This doc was updated, but there are other copies in the repo that still reference the deleted ci-integration-pr-stub.yml (e.g. .apm/instructions/cicd.instructions.md and custom-instructions/repo/.github/instructions/cicd.instructions.md). If those files are consumed anywhere (or checked for consistency), they should be updated/removed in the same PR or documented as generated artifacts to avoid drift.
Comment on lines
+13
to
+17
| - CI docs: clarify that branch-protection ruleset must store the check-run name (`gate`), not the workflow display string (`Merge Gate / gate`); document the merge-gate aggregator in `cicd.instructions.md` and mark the legacy stub workflow as deprecated. | ||
|
|
||
| ### Removed | ||
|
|
||
| - CI: deleted `ci-integration-pr-stub.yml`. The four stubs were a holdover from the pre-merge-gate model where branch protection required each Tier 2 check name directly. After #867, branch protection requires only `gate`, so the stubs are dead weight. Reduced `EXPECTED_CHECKS` in `merge-gate.yml` to just `Build & Test (Linux)`. |
There was a problem hiding this comment.
CHANGELOG entries under [Unreleased] do not follow the repo's changelog rules: each PR should be a single concise bullet ending with a PR reference like "(#123)", but these bullets are multi-sentence and have no PR number. Also, the "Changed" bullet claims the stub workflow was "deprecated", but in this PR it is deleted (so that wording is inaccurate and should be updated or removed).
danielmeppiel
added a commit
that referenced
this pull request
Apr 23, 2026
Address PR #878 review: 1. Sync .apm/instructions/cicd.instructions.md (canonical source per #823) with .github/instructions/cicd.instructions.md so future apm install --target copilot regenerations don't revert the build-release smoke-gating doc note (and to bring along the stub-removal changes from #875 + branch-protection refinement from #874 that had also drifted). 2. Append (#878) suffix to the new CHANGELOG entry, matching the established Keep-a-Changelog convention used by neighbouring entries. No workflow behavior change. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
danielmeppiel
added a commit
that referenced
this pull request
Apr 23, 2026
* ci(build-release): gate smoke to tag/schedule/dispatch only Push-time smoke in build-release.yml's build-and-test job (Linux x86_64, Linux arm64, Windows) duplicated the merge-time smoke gate already enforced by ci-integration.yml on the same SHA content, while burning ~15 redundant codex-binary downloads per active day and amplifying network-flake exposure. Smoke now runs only at promotion boundaries: - tags (pre-ship release gate; only validation tag-cut releases receive) - schedule (nightly drift catch for upstream openai/codex URL changes) - workflow_dispatch (manual safety net) Push-to-main retains unit tests on all build-and-test platforms for platform-regression signal; smoke coverage on Linux at merge_group time (ci-integration.yml) and on Linux x86_64 nightly (ci-runtime.yml) is unchanged. Multi-platform smoke (arm64 + Windows) shifts from per-push to per-tag, narrowing the time-to-detection window for platform-specific regressions in scripts/runtime/setup-codex.sh by hours-to-days but trading that for a meaningful reduction in network noise. The gating expression matches the existing canonical pattern used by the macOS Intel/ARM jobs and integration-tests/release-validation jobs in this same workflow. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * ci(build-release): sync .apm canonical + add PR ref to changelog Address PR #878 review: 1. Sync .apm/instructions/cicd.instructions.md (canonical source per #823) with .github/instructions/cicd.instructions.md so future apm install --target copilot regenerations don't revert the build-release smoke-gating doc note (and to bring along the stub-removal changes from #875 + branch-protection refinement from #874 that had also drifted). 2. Append (#878) suffix to the new CHANGELOG entry, matching the established Keep-a-Changelog convention used by neighbouring entries. No workflow behavior change. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This was referenced Apr 23, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
After #867 the branch-protection ruleset requires only the single
gatecheck frommerge-gate.yml(which aggregates whatever PR-time signals we declare). The four stub jobs inci-integration-pr-stub.yml(Build (Linux),Smoke Test (Linux),Integration Tests (Linux),Release Validation (Linux)) were a holdover from the pre-merge-gate model where each name was required directly. They are now dead weight that fires on every PR for no reason.This deletes them and shrinks
EXPECTED_CHECKSto justBuild & Test (Linux)(the only real PR-time check ci.yml emits).What
.github/workflows/ci-integration-pr-stub.ymlmerge-gate.yml:EXPECTED_CHECKS->'Build & Test (Linux)'(was 5 names)merge-gate.yml+ci-integration.yml: header comments updated to drop stub referencescicd.instructions.md: drop the DEPRECATED entry, renumber the workflow list (5 entries now).github/CODEOWNERS: drop stale comment pointing at the deleted file[Unreleased] > RemovedStack
Stacked on #874 (docs PR). Merge that first to keep the diff readable; this PR rebases cleanly off main once #874 is merged.
Verification on this PR itself
This PR is a docs+workflow change. The
gatecheck on this PR is itself proof: withEXPECTED_CHECKS='Build & Test (Linux)', the gate must pass with only ci.yml emitting a check, and the four deleted stub names must NOT show up in the Checks tab.Out of scope (separate concerns)
merge_groupevent currently does not producegate(merge-gate.yml only triggers onpull_request). The merge queue has been merging successfully because GitHub treats absent required checks onmerge_groupSHAs differently than absent required checks on PR head SHAs. If we ever want belt-and-suspenders, we'd addmerge_groupto merge-gate.yml's triggers and aggregate Tier 2 names there too. Not changing today.merge-gate.ymlandci.ymlhavepaths-ignore: ['docs/**', '.gitignore', 'LICENSE']. A docs-only PR will skip the gate -> permanent BLOCKED. Worth fixing but separate.