Skip to content

ci: expand build matrix to Linux x86_64 / Linux aarch64 / macOS arm64#2

Open
SMC17 wants to merge 1 commit into
mainfrom
ci/cross-platform-matrix
Open

ci: expand build matrix to Linux x86_64 / Linux aarch64 / macOS arm64#2
SMC17 wants to merge 1 commit into
mainfrom
ci/cross-platform-matrix

Conversation

@SMC17
Copy link
Copy Markdown
Owner

@SMC17 SMC17 commented May 14, 2026
edited
Loading

Summary

Expands CI from a single ubuntu-latest (x86_64) job to a three-runner native matrix plus a four-target cross-compile sanity job:

  • ubuntu-latest (x86_64, native) — current default
  • ubuntu-24.04-arm (aarch64, native) — new
  • macos-14 (Apple Silicon aarch64, native) — new
  • cross-compile sanity (aarch64-linux-gnu, aarch64-macos, x86_64-linux-gnu, x86_64-macos) from the x86_64 host

Why

Raises the tide on the hardware-verified evidence level defined in AGENT_HARNESS.md. zig-cobs is the bottom of the substrate stack; its portability claims should be checked on real silicon, not just one runner shape.

Local verification

  • zig build test on Linux x86_64 → PASS (22/22 + 117k fuzz)
  • zig build -Dtarget=aarch64-linux-gnu on Linux x86_64 → PASS
  • zig build -Dtarget=aarch64-macos on Linux x86_64 → PASS
  • zig fmt --check src/ build.zig tests/ → PASS

Caveats

  • macOS runners use native Apple toolchain — they do not exercise the same LLD-via-Linux codepath the cross-compile sanity job hits. That's intentional; the two paths catch different regressions.
  • ubuntu-24.04-arm is GitHub's GA-on-public-repo arm64 runner. If the org ever loses access to it, the cross-compile sanity job still validates the same build paths from the x86_64 host.

Type-I / Type-II audit

  • Type I (false positive risk): matrix labels (Linux aarch64, macOS arm64) describe the runner architecture only. We are not claiming any benchmark numbers; only that zig build test runs green on native arm64 Linux + Apple Silicon.
  • Type II (missed risk): without this matrix, any aarch64-only regression (alignment, endianness assumption, std-lib stub) lands silently. The cross-compile sanity job catches the compile-side; the native runners catch the test-side.

Test plan

  • All matrix legs green on CI
  • No regression on existing fmt / build / test / fuzz steps
  • Cross-compile sanity job catches a hand-broken aarch64-only path in a follow-up smoke test (not in this PR)

ci: expand build matrix to Linux x86_64 / Linux aarch64 / macOS arm64
5d9e0a6 
Adds native-runner coverage on three platforms (ubuntu-latest x86_64,
ubuntu-24.04-arm aarch64, macos-14 aarch64) plus a cross-compile sanity
job that exercises four targets from the x86_64 host. Closes the
hardware-class gap on the AGENT_HARNESS evidence ladder: the
`hardware-verified` proof level can now reference real arm64 silicon for
this substrate library.

Type-I lens: matrix labels (`Linux aarch64`, `macOS arm64`) are accurate
to the runner architecture GitHub provides; we are not claiming Apple M-
series performance characteristics, only that the same Zig 0.16.0 build
+ test invocations run green on those native runners.

Type-II lens: cross-compile sanity job catches platform regressions
even if a native runner is offline or queued.
SMC17 added a commit to SMC17/SMC17 that referenced this pull request May 14, 2026
@SMC17 @claude
fleet: integrate Wave-4 cross-platform CI matrix — 5 PRs on Tier S/A …
85ded93 
…Zig repos

zig-cobs / zig-frame-protocol / zig-graph / zig-h3 / sentinel-sbom each
expanded from a single ubuntu-latest job to 3 native runners
(Linux x86_64, Linux aarch64, macOS Apple Silicon) plus a 4-target
cross-compile sanity job. The `hardware-verified` evidence level is
no longer dormant.

zig-h3's macOS-from-Linux cross-compile is restricted to Linux targets
only — documented as a Zig 0.16.0 LLD-on-mach-o gap, not as a missing
test. sentinel-sbom's macOS path also swaps `sha256sum` → `shasum -a 256`.

Per-repo PRs:
- zig-cobs           SMC17/zig-cobs#2
- zig-frame-protocol SMC17/zig-frame-protocol#2
- zig-graph          SMC17/zig-graph#2
- zig-h3             SMC17/zig-h3#2
- sentinel-sbom      SMC17/sentinel-sbom#2

Honest incident: agent ran `git checkout README.md` while branching
zig-cobs and discarded an uncommitted WIP. Reported instead of hidden.
Matches the blast-radius-protection-is-substrate-primitive doctrine.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@SMC17 SMC17 force-pushed the ci/cross-platform-matrix branch from a26735d to b41cb4e Compare May 14, 2026 20:34
SMC17 added a commit to SMC17/SMC17 that referenced this pull request May 14, 2026
@SMC17
fleet: integrate Wave-4 cross-platform CI matrix — 5 PRs on Tier S/A …
b8898fd 
…Zig repos

zig-cobs / zig-frame-protocol / zig-graph / zig-h3 / sentinel-sbom each
expanded from a single ubuntu-latest job to 3 native runners
(Linux x86_64, Linux aarch64, macOS Apple Silicon) plus a 4-target
cross-compile sanity job. The `hardware-verified` evidence level is
no longer dormant.

zig-h3's macOS-from-Linux cross-compile is restricted to Linux targets
only — documented as a Zig 0.16.0 LLD-on-mach-o gap, not as a missing
test. sentinel-sbom's macOS path also swaps `sha256sum` → `shasum -a 256`.

Per-repo PRs:
- zig-cobs           SMC17/zig-cobs#2
- zig-frame-protocol SMC17/zig-frame-protocol#2
- zig-graph          SMC17/zig-graph#2
- zig-h3             SMC17/zig-h3#2
- sentinel-sbom      SMC17/sentinel-sbom#2

Honest incident: agent ran `git checkout README.md` while branching
zig-cobs and discarded an uncommitted WIP. Reported instead of hidden.
Matches the blast-radius-protection-is-substrate-primitive doctrine.
@SMC17 SMC17 force-pushed the ci/cross-platform-matrix branch from b41cb4e to 5d9e0a6 Compare May 14, 2026 21:04
SMC17 pushed a commit to SMC17/SMC17 that referenced this pull request May 14, 2026
fleet: integrate Wave-4 cross-platform CI matrix — 5 PRs on Tier S/A …
a596ef5 
…Zig repos

zig-cobs / zig-frame-protocol / zig-graph / zig-h3 / sentinel-sbom each
expanded from a single ubuntu-latest job to 3 native runners
(Linux x86_64, Linux aarch64, macOS Apple Silicon) plus a 4-target
cross-compile sanity job. The `hardware-verified` evidence level is
no longer dormant.

zig-h3's macOS-from-Linux cross-compile is restricted to Linux targets
only — documented as a Zig 0.16.0 LLD-on-mach-o gap, not as a missing
test. sentinel-sbom's macOS path also swaps `sha256sum` → `shasum -a 256`.

Per-repo PRs:
- zig-cobs           SMC17/zig-cobs#2
- zig-frame-protocol SMC17/zig-frame-protocol#2
- zig-graph          SMC17/zig-graph#2
- zig-h3             SMC17/zig-h3#2
- sentinel-sbom      https://github.com/SMC17/sentinel-sbom/pull/2

Honest incident: agent ran `git checkout README.md` while branching
zig-cobs and discarded an uncommitted WIP. Reported instead of hidden.
Matches the blast-radius-protection-is-substrate-primitive doctrine.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SMC17