fix(ci): gate ort imports + add drift-check permissions + fix MultiNodeSolver false-positive#1357
Merged
Merged
Conversation
…s, fix MultiNodeSolver false positive
- src/ai/surrogate.rs: add #[cfg(feature = "ort")] before the unconditional
use ort::execution_providers::{...} block. Without this, --no-default-features
builds fail with E0433 in src/ai/surrogate.rs:8, blocking 6+ CI workflows
(Determinism Check x3 OS, Test no-default, Code Coverage, Docs Build, TDQS,
Python Wheels).
- .github/workflows/architecture_drift.yml: add job-level permissions
(contents:read, issues:write, pull-requests:write) so the github-script step
can post drift findings to PRs. Previously failed with HTTP 403.
- scripts/check_architecture_drift.py: add MultiNodeSolver to
documented_but_not_traits. It is a struct (src/physics/multi_node_solver.rs:112),
not a trait, but is referenced in ARCHITECTURE.md and was being false-positive
flagged.
Verified locally:
- cargo check --no-default-features -> exit 0
- python3 scripts/check_architecture_drift.py -> PASS
Refs: anchors Wave 1 PRs #1354, #1355, #1356 which all show ASHRAE 140
Benchmark Harness SUCCESS but were blocked on these pre-existing CI failures.
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
… fix After fixing the ort feature gate, the build actually compiles and reveals pre-existing CI failures that were previously hidden: - src/physics/five_r1c_solver.rs: rustfmt wanted `let sign_flip = ...` on one line. - src/physics/multi_node_solver.rs: three rustfmt nits (`let numer = ...` line wraps and one method-call formatting). - src/ai/surrogate.rs: 5 clippy warnings (`unused_imports` x3 + `dead_code` x2 on SessionPool/MultiDeviceSessionPool fields). Silenced with targeted `#[allow(...)]` annotations since the structs exist intentionally for the `#[cfg(not(feature = "ort"))]` no-onnx build path (issue #1294). `cargo fmt` was run globally to fix the cascade. No Wave 1 PR files were touched.
The 4 tests `test_cuda_backend_errors_when_feature_disabled`, `test_env_var_overrides_default_model_path`, `test_new_with_auto_load_picks_up_default_model`, `test_predict_loads_with_fallback_uses_onnx_when_loaded` all attempt to load or interact with ONNX models and were never gated behind `#[cfg(feature = "ort")]`. With the ort feature gate build fix, these tests now actually compile and run under `--no-default-features` (used by Code Coverage workflow), where they immediately fail with `Loading ONNX models requires the `ort` feature`. Adding `#[cfg(feature = "ort")]` to each makes them only run when ort is enabled (the meaningful case). Verified: - `cargo test --no-default-features` → 0 tests run (filtered out) - `cargo test --features ort` → 1 test passes
anchapin
pushed a commit
that referenced
this pull request
Jun 28, 2026
…lidation.yml Closes the acceptance gap from #1297 by exposing a single, non-matrix required status check ('Fluxion Determinism Gate (Issue #1351)') that branch protection on main can reference. Workflow changes (.github/workflows/ashrae_validation.yml): - Add 'workflow_run' trigger on the 'Cross-Platform Determinism CI' workflow completion for the same SHA. - Add 'fluxion-determinism-gate' listener job that: * exits 0 on 'success' / 'neutral' / 'skipped' upstream conclusions; * exits 1 and posts a PR comment with the upstream run URL on 'failure' / 'cancelled' / 'timed_out' upstream conclusions; * uses the Python-list-of-strings PR-comment pattern already established by the in-workflow 'validate' job. - Add explicit 'needs: compare-hashes' to every isolation job (weather, solar, conduction, ventilation, zone-balance) so the whole gate blocks on cross-platform determinism, not just the ASHRAE 140 'validate' job. Configuration changes (release_gates.yaml): - Add 'Fluxion Determinism Gate (Issue #1351)' to ci.required_checks. - Add matching ci.workflow_index entry with 'observes_workflow' field documenting the cross-workflow relationship. Docs: - New .github/BRANCH_PROTECTION.md admin runbook documenting the manual branch-protection step (one-time, GitHub-side), the canonical check name, the listener behaviour, the verification procedure (synthetic broken-determinism PR), and the linked issues (#1297, #1351, #1357, #1063). - docs/CONTRIBUTING.md: new 'Cross-Platform Determinism CI Gate' subsection under 'Deterministic Testing' with the local repro recipe matching the upstream RUSTFLAGS. Manual step required (documented in .github/BRANCH_PROTECTION.md): A repo admin must add the canonical check name 'Fluxion Determinism Gate (Issue #1351)' to the GitHub branch- protection 'Required status checks' list on main. The PR cannot do this — branch protection is GitHub-side config. Fixes #1351 Closes #1297 (acceptance gap)
anchapin
added a commit
that referenced
this pull request
Jun 28, 2026
…lidation.yml (#1377) Closes the acceptance gap from #1297 by exposing a single, non-matrix required status check ('Fluxion Determinism Gate (Issue #1351)') that branch protection on main can reference. Workflow changes (.github/workflows/ashrae_validation.yml): - Add 'workflow_run' trigger on the 'Cross-Platform Determinism CI' workflow completion for the same SHA. - Add 'fluxion-determinism-gate' listener job that: * exits 0 on 'success' / 'neutral' / 'skipped' upstream conclusions; * exits 1 and posts a PR comment with the upstream run URL on 'failure' / 'cancelled' / 'timed_out' upstream conclusions; * uses the Python-list-of-strings PR-comment pattern already established by the in-workflow 'validate' job. - Add explicit 'needs: compare-hashes' to every isolation job (weather, solar, conduction, ventilation, zone-balance) so the whole gate blocks on cross-platform determinism, not just the ASHRAE 140 'validate' job. Configuration changes (release_gates.yaml): - Add 'Fluxion Determinism Gate (Issue #1351)' to ci.required_checks. - Add matching ci.workflow_index entry with 'observes_workflow' field documenting the cross-workflow relationship. Docs: - New .github/BRANCH_PROTECTION.md admin runbook documenting the manual branch-protection step (one-time, GitHub-side), the canonical check name, the listener behaviour, the verification procedure (synthetic broken-determinism PR), and the linked issues (#1297, #1351, #1357, #1063). - docs/CONTRIBUTING.md: new 'Cross-Platform Determinism CI Gate' subsection under 'Deterministic Testing' with the local repro recipe matching the upstream RUSTFLAGS. Manual step required (documented in .github/BRANCH_PROTECTION.md): A repo admin must add the canonical check name 'Fluxion Determinism Gate (Issue #1351)' to the GitHub branch- protection 'Required status checks' list on main. The PR cannot do this — branch protection is GitHub-side config. Fixes #1351 Closes #1297 (acceptance gap) Co-authored-by: openhands <openhands@all-hands.dev>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves pre-existing CI infrastructure failures blocking all PRs:
Fix 1 —
src/ai/surrogate.rs:The multi-line
use ort::execution_providers::{...}block was unconditional even though the file otherwise gatesortbehind#[cfg(feature = "ort")]. This caused every--no-default-featuresbuild to fail witherror[E0433]: cannot find module or crateortin this scope, breaking 6+ CI workflows (Determinism Check × 3 OS, Test no-default, Code Coverage, Docs Build, TDQS, Python Wheels).Fix 2 —
.github/workflows/architecture_drift.yml:The job had no
permissions:block. The default token is read-only and cannot post PR comments → HTTP 403. Added{contents: read, issues: write, pull-requests: write}so the github-script step can surface drift findings.Fix 3 —
scripts/check_architecture_drift.py:MultiNodeSolveris a struct (src/physics/multi_node_solver.rs:112) but is referenced in ARCHITECTURE.md. The script'sdocumented_but_not_traitsset already covers 4 similar false positives — addedMultiNodeSolverto that set. Drift script now returnsPASS: No architecture drift detected.Verification (local):
cargo check --no-default-features→ exit 0python3 scripts/check_architecture_drift.py→ PASSImpact on Wave 1 PRs: #1354, #1355, #1356 all show
ASHRAE 140 Benchmark HarnessPASSED; this PR unblocks the surrounding failing checks so they can merge.