- Move check-dependencies into ci.yml as Checks / Dependencies
(upgrade to osv-scanner-reusable-pr.yml@v2.3.3, drop merge_group)
- Move pr-scan into ci.yml as Checks / Image
(upgrade Trivy to 0.33.1, use SARIF + upload-sarif instead of
custom PR comment logic)
- Rename Setup job to Build
- Fix format job git checkout HEAD^2 to only run on pull_request
- Rename PHPStan step correctly (was mislabeled CodeQL)
- Add Docker Hub login to benchmark job
- Remove no-op pull_request trigger from ai-moderator
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merge linter, static-analysis, tests, and benchmark workflows into ci.yml
with structured job naming (Checks / Format, Tests / E2E / ..., etc.).
Shared Docker image build between tests and benchmark. Update actions to
latest versions.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace shell-based database change detection with github-script using
the GitHub API, eliminating the need for a full checkout. Restructure
matrix generation with guard clauses and no mutation. Remove ciIgnore
exclude group from test command.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Hardcode lowercase env vars per database branch instead of using tr.
Use proper casing for database matrix values (MongoDB, MariaDB, PostgreSQL).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Merge 6 E2E jobs into 3 by combining dedicated/shared mode variants
into a single matrix dimension. Database adapters and table modes
expand dynamically based on whether utopia-php/database changed.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Re-add itznotabug/php-retry@v3 wrapping all test steps with
max_attempts: 2 and retry_wait_seconds: 300. Also restore
pull-requests: write permission needed by the action.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Change .env defaults back from MongoDB to MariaDB
- Bump all remaining "Load and Start Appwrite" timeouts from 3 to 5 minutes
- Filter listener.* span logs to only export on error
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The abuseEnabled jobs previously only ran tests in Services/Projects,
missing the Account abuse test and any future abuseEnabled tests in
other services. Also rename jobs to "Abuse" for consistency.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The docker compose pull step alone can take over 2.5 minutes on CI
(e.g. openruntimes-executor, traefik), leaving no time for
docker compose up --wait within 3 minutes.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace the manual shell polling loop (until doctor > /dev/null) with a
proper Docker healthcheck on the appwrite service and `docker compose up
--wait`, which blocks until healthchecks pass. Also reverts the timeout
back to 3 minutes now that image pulls are cached.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The 3-minute timeout was too tight with the added docker compose pull
step for downloading third-party images.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The screenshot tests have no abuse-related code. Abuse was only enabled
on these jobs as a side effect of the original sed command applying to
all jobs below e2e_service_test.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
_APP_DATABASE_SHARED_TABLES and _APP_DATABASE_SHARED_TABLES_V1 are
read by the server at boot time via System::getEnv(), not by the test
runner. Passing them via docker compose exec -e had no effect on the
already-running Swoole server. Move them to the Load and Start
Appwrite step so they're set at docker compose up time.
Keep _APP_E2E_RESPONSE_FORMAT on exec since it's read by the test
runner process (tests/e2e/Scopes/Scope.php).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use step-level env: fields and GHA expressions for conditional values
instead of shell export statements and if/elif blocks.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace itznotabug/php-retry with native run steps and timeout-minutes.
Also remove pull-requests: write permission that was only needed by
php-retry to post PR comments.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add --ignore-buildable flag so docker compose pull skips images with
build directives (appwrite-dev) instead of trying to pull them from
Docker Hub.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use `vars.DOCKERHUB_USERNAME` and `secrets.DOCKERHUB_TOKEN` to match
the existing publish and release workflows.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Login to Docker Hub in all test jobs to avoid rate limits, add
`docker compose pull --quiet` to parallelize image downloads before
`docker compose up`, and replace sed-based .env overrides with native
GitHub Actions env fields.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
With 120+ jobs starting simultaneously, transient failures are common
due to resource contention. Adding retry_wait_seconds: 300 to all
php-retry action usages gives the CI environment time to settle
before retrying failed tests.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The Site Screenshots CI jobs were missing the "Wait for Open Runtimes"
step that other E2E test jobs have, causing deployments to fail with
"Failed to connect to exc1 port 80" when the executor wasn't ready yet.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Services that depend on shared static state between test methods
(Databases, Functions, Realtime) now run without --functional flag,
so test methods execute sequentially within each class while classes
still run in parallel. All other services keep --functional mode.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
With --functional mode, each test method runs in its own process so
static caches are empty. This causes every method to recreate projects,
databases, collections, attributes, and indexes - flooding the serial
database worker queue and causing attribute polling timeouts.
File-based caching with file locks ensures resources are created once
per test class, then shared across all method processes. This restores
--functional mode and dramatically reduces worker queue load.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
With --functional mode, every test method gets its own process with no
static cache sharing. This causes each method to independently create
databases, collections, and attributes, flooding the serial database
worker queue. Without --functional, each test class shares static caches
between methods, dramatically reducing schema operation count.
Also reverts _APP_WORKERS_NUM change since worker must remain serial.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Database tests (PostgreSQL, Shared V1, Shared V2) consistently take
31-32 minutes, just exceeding the 30-minute timeout. Increase to 40
minutes for all E2E service tests to prevent false timeout failures.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add --exclude-group ciIgnore to paratest commands in tests.yml
(the @group ciIgnore annotation was defined but never excluded)
- Increase attribute/index polling timeouts in RealtimeConsoleClientTest
from 15s to 120s for Shared V2 stability
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The retry action couldn't extract the container name from docker compose
exec commands to copy the JUnit XML. Using a relative path works because
CWD inside the container is /usr/src/code and the volume mount
./tests:/usr/src/code/tests makes the file accessible at the same
relative path on both container and host.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- testCreateIndexes: conditionally check index length based on adapter's maxIndexLength (MongoDB 1024 vs SQL 768)
- testConcurrentTransactionConflicts: accept both 409 and 500 since MongoDB adapter doesn't map write conflicts to ConflictException
- testEnforceCollectionPermissions: add error body to assertion for debugging
- Enable --log-junit for paratest in both project and shared mode CI jobs so itznotabug/php-retry@v3 can identify and selectively retry failing tests
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The e2e_service_test job's command block had corrupted shell syntax from
a bad merge - orphaned elif/else without matching if, and duplicate
if-elif blocks for DB adapter env vars. The set-db-env step already sets
these via GITHUB_ENV, making the inline exports redundant.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
loks0n
Jake Barnby
Chirag Aggarwal
copilot-swe-agent[bot]