Skip to content

ci: accelerate runtime, clone, and TypeScript E2E checks#2882

Merged
unarbos merged 34 commits into
fix-fill-or-kill-doc-typofrom
codex/accelerate-runtime-and-e2e-ci
Jul 13, 2026
Merged

ci: accelerate runtime, clone, and TypeScript E2E checks#2882
unarbos merged 34 commits into
fix-fill-or-kill-doc-typofrom
codex/accelerate-runtime-and-e2e-ci

Conversation

@UnArbosFive

@UnArbosFive UnArbosFive commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

What changes

This stacks the runtime/clone work from #2876 and the TypeScript E2E acceleration on #2875.

  • A daily producer creates one exact-finalized, manifest-backed try-runtime snapshot for each of devnet, testnet, and mainnet. Consumers select each artifact independently by canonical workflow, default branch, repository, immutable run/artifact ID, producer SHA, age, network/CLI identity, size, and SHA-256 checksum.
  • Cached try-runtime jobs run on ubuntu-latest without chain RPC calls. The try-runtime wasm and release node build in parallel; try-runtime depends only on its wasm. MultiBlockMigrator = () enables --disable-mbm-checks; a non-unit migrator retains the full path and ambiguous detection fails.
  • The mainnet clone uses a separate daily, preinitialized chainspec/database checkpoint. It has the same provenance-bound lookup, but not the try-runtime finalized-block manifest contract. It is optional and retains live mainnet fallback.
  • Four clone-upgrade shards become one turbo-8 job and one checkpoint download. Interval sealing produces a block every 250 ms while advancing logical time by a normal 12-second slot. Issuance runs on pristine state; the checkpoint is restored before the other eight regressions run sequentially. This reduces runner use and duplicate setup at the cost of shard-level failure isolation.
  • Staking, coldkey-swap, EVM, and subnet state suites use one immediately-finalized validator. Shield still runs all six files and 19 tests on its six-node/three-validator topology, split into three measured-time-balanced environments. Two general workers plus three Shield workers peak at five self-hosted test runners; an aggregate job preserves the required Shield check name.
  • EVM wallets bypass ethers' 250 ms cache for automatic pending-nonce reads; explicit-nonce replacement tests retain their manual behavior. Frontier-state reads are synchronized for the faster environment. Runtime path filtering executes the trusted base revision, validates pagination completeness, classifies both sides of renames, and enables all checks when it cannot classify safely.
  • Try-runtime consumers and scheduled/release smoke checks move off fireactions-tryruntime; smoke retains its six-hour cadence on ubuntu-latest. Snapshot production uses shared turbo-8 because assembly exceeded hosted-runner memory, so the dedicated try-runtime pool is no longer used. Scheduled sccache maintenance is fixed at 12:00 UTC.

Operational behavior

  • Try-runtime snapshots warn after 36 hours and are required to be at most 72 hours old. After three missed daily refreshes, normal PR checks fail closed until the producer is dispatched; fresh-try-runtime-state or manual fresh_state explicitly opts into live scraping.
  • Clone checkpoints are optional for seven days. A missing, expired, or unusable checkpoint triggers a slower live mainnet scrape instead of blocking the clone job.
  • The producer uses four clients against the dedicated archive endpoint (up to sixteen value-fetch workers). Try-runtime networks are serialized; the clone producer can run alongside them, so a refresh can occupy two shared turbo-8 runners.
  • Fork PRs cannot execute on persistent self-hosted runners. Existing required branch-protection check names and all three independent try-runtime network jobs are preserved.

Measured PR impact

Runner time below excludes queueing. “Clone path” means the release-node build plus clone jobs; the combined row covers the optimized clone path and TypeScript E2E jobs, not unrelated workflows.

Measure Before After Change
Critical path across these workflows 30m58s 14m40s 52.6% faster
Clone required gate 30m58s 12m21s 60.1% faster
Clone-path self-hosted time / peak runners 59m43s / 4 ~12m04s / 1 79.8% less time
TypeScript trigger-to-completion 25m54s 14m40s 43.4% faster
TypeScript self-hosted time / peak test runners 72m05s / 6 45m53s / 5 36.3% less time
Combined clone + TypeScript self-hosted time 131m48s ~57m57s 56.0% less time

Notable components: clone regression waiting fell from ~44m54s aggregate to ~3m; cached mainnet try-runtime takes 3m45s (6m36s from workflow trigger, including ~27s artifact restore/validation); EVM 17m30s -> 6m24s, staking 17m17s -> 4m35s, and coldkey-swap 5m35s -> 1m39s. Shield's critical pure Vitest shard fell from 517.62s to 369.92s (28.5%) while preserving all tests and the six-node/three-validator topology.

Four RPC clients reduced mainnet try-runtime snapshot creation from 39m54s to 21m14s on the former dedicated runner (benchmark). The final shared turbo-8 topology measured 48m43s for mainnet and ~67m30s for all three networks (final-runner measurement); this is off the PR critical path and is the capacity tradeoff for retiring the dedicated pool.

Verification

  • Runtime/clone measurement: all three cached try-runtime checks, build, clone restore, both isolated upgrades, pristine issuance invariant, all nine regressions, SDK drift, and required gate passed.
  • Final TypeScript measurement: all suites and the required Shield aggregate passed. Shield A/B/C completed in 6m22s, 6m45s, and 7m34s; all 19 Shield tests passed. The EVM job passed in 6m24s.
  • Snapshot/provenance/age/live-bypass and trusted path-classifier fixtures pass; the E2E validator covers all Shield files/topologies and four single-node suites. Workflow YAML/shell checks and the focused pallet clippy path pass.
  • The rebase onto docs: fix "fill or kill type or order" typo in allow_partial doc comments #2875 was conflict-free; git range-diff reports all 33 PR commits patch-identical.

@vercel

vercel Bot commented Jul 13, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
subtensor Ready Ready Preview, Comment Jul 13, 2026 3:03pm

Request Review

@github-actions

github-actions Bot commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

🛡️ AI Review — Skeptic (security review)

VERDICT: SAFE

VERY HIGH account-age scrutiny (11-day-old account, no public repos), mitigated by repository admin permission and substantive merged CI work; no Gittensor association or author/committer mismatch; targets integration branch fix-fill-or-kill-doc-typo, which has an open PR into main.

Static analysis covered all 29 changed files, including the latest E2E setup commit, self-hosted runner gating, trusted base-revision path classification, snapshot provenance, artifact restoration, clone orchestration, and accelerated timestamp handling. The PR does not modify .github/ai-review/* or .github/copilot-instructions.md.

Findings

No findings.

Conclusion

No malicious behavior or actionable security vulnerability was identified.


🔍 AI Review — Auditor (domain review)

VERDICT: 👍

Gittensor association UNKNOWN; very new contributor account, mitigated by repository admin permission and prior merged CI work.

The PR description accurately reflects the three Shield shards and five-runner peak. The overlapping open PRs concern unrelated features, and this integration-branch target has no applicable spec_version check.

Findings

No findings.

Prior-comment reconciliation

  • cefac506: addressed — The PR body states that three Shield workers plus two general workers peak at five self-hosted test runners.

Conclusion

The artifact provenance checks, clone checkpoint orchestration, accelerated sealing, and E2E restructuring remain consistent with the description and adequately validated. No blocking domain issues remain.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

"type": "zombie",
"zombieSpec": {
"configPath": "./configs/zombie_node.json",
"configPath": "./configs/zombie_single_node.json",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[HIGH] Accelerated EVM environment has repeatable nonce races

The PR body reports that the exact combined commit failed this suite twice with nonce too low, in different tests after 75 and 87 passes. This suite still performs concurrent transactions through shared raw wallets (not every sender is protected by a single NonceManager), so moving it to the immediately sealing single-node environment has produced a reproducible required-check regression. Serialize the EVM cases/files or coordinate every shared sender's nonce, then demonstrate a clean exact-head run.

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.


beforeAll(async () => {
api = context.papi("Node").getTypedApi(subtensor);
provider = context.ethers("EVM").provider as ethers.JsonRpcProvider;

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[HIGH] Nonce manager does not resolve the cross-file race

This manager only coordinates transactions within 01-contract-deploy-call.test.ts. 00-evm-substrate-transfer.test.ts concurrently creates the same deterministic wallet and submits many transactions through its own signer, so both files can still select the same nonce—the failure mode already observed twice on the exact PR head. Serialize the EVM test files or give each file a distinct funded account, then demonstrate a clean full EVM run.

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

binary: release
- test: zombienet_shield
binary: release
- test: zombienet_evm

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[HIGH] Accelerated EVM job remains demonstrably flaky

The PR body reports that this exact integrated configuration failed twice with nonce too low, at different tests after 75 and 87 passes. The added NonceManager only covers 01-contract-deploy-call.test.ts; 00-evm-substrate-transfer.test.ts still shares raw wallets among its test cases. A required CI job cannot be merged with a repeatable known race. Serialize the EVM test files/cases or provide shared nonce coordination, then demonstrate a clean exact-head run.

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI review — see the sticky summary comment for the verdict and the inline comments below for specific findings.

binary: release
- test: zombienet_shield
binary: release
- test: zombienet_evm

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[HIGH] Accelerated EVM gate remains unproven and documented as flaky

The PR body still reports intermittent nonce too low failures in this accelerated EVM job and explicitly calls them a merge-readiness risk. The new uncached nonce read is plausible, but no post-fix run demonstrates stability. Repeatedly validate this exact commit or serialize the EVM tests before making this configuration a required gate.

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👎

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

@UnArbosFive UnArbosFive changed the base branch from main to fix-fill-or-kill-doc-typo July 13, 2026 14:48
@UnArbosFive UnArbosFive force-pushed the codex/accelerate-runtime-and-e2e-ci branch from c7dd675 to c83cdba Compare July 13, 2026 14:48
@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

@github-actions

Copy link
Copy Markdown
Contributor

🔄 AI review updated — Skeptic: SAFE Auditor: 👍

@unarbos unarbos merged commit c87ac28 into fix-fill-or-kill-doc-typo Jul 13, 2026
176 checks passed
@UnArbosFive UnArbosFive deleted the codex/accelerate-runtime-and-e2e-ci branch July 13, 2026 15:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants