Skip to content

ci: allow default branch health gates#119

Merged
saagpatel merged 3 commits into
masterfrom
codex/ci/default-branch-gates
May 17, 2026
Merged

ci: allow default branch health gates#119
saagpatel merged 3 commits into
masterfrom
codex/ci/default-branch-gates

Conversation

@saagpatel
Copy link
Copy Markdown
Owner

@saagpatel saagpatel commented May 17, 2026

What

  • Route the quality workflow diff-coverage step through the existing script.
  • Let diff coverage skip on default-branch runs where there is no PR base ref.
  • Let the branch-name guard skip default-branch CI checkouts.

Why

  • Default-branch health/security scans need to run after merges so GitHub security evidence can refresh.
  • The old PR-only assumptions block default-branch CI from completing cleanly.

How

  • Centralize diff coverage in scripts/ci/run-diff-coverage.sh.
  • Detect default-branch CI by comparing the current branch to the default remote branch.
  • Permit main/master only in GitHub Actions CI, while keeping local direct-branch work blocked.

Testing

  • Workflow YAML parse passed locally.
  • bash -n scripts/ci/run-diff-coverage.sh scripts/git/guard-branch.sh passed locally.

Performance Impact

  • None expected at runtime. CI reliability improves for default-branch health gates.

Risk / Notes

  • The branch guard remains active for local work and non-default branches. This only relaxes the guard for GitHub Actions default-branch checkouts.

@saagpatel saagpatel merged commit 0a9cce5 into master May 17, 2026
33 checks passed
@saagpatel saagpatel deleted the codex/ci/default-branch-gates branch May 17, 2026 22:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@saagpatel