feat: add gitealike Actions CI parity by mariusvniekerk · Pull Request #281 · wesm/middleman

mariusvniekerk · 2026-05-07T17:34:30Z

feat: add gitealike Actions CI parity

Merge Forgejo and Gitea Actions workflow runs into provider CI checks without duplicating commit statuses. Gitea Actions are gated to servers with the pinned SDK's 1.26+ workflow run API, leaving older hosts status-only.

fix: normalize gitealike action checks safely

Keep action runs with the same title as commit statuses when they point at distinct CI URLs, and normalize unsupported action conclusions without falling back through generic state mapping.

test: persist Gitea Actions checks through API sync

Add full-stack coverage for Gitea Actions CI ingestion so statuses and action runs are normalized, deduplicated by URL, persisted in SQLite, and returned through the pull detail API.

fix: keep latest gitealike action workflow run

Collapse Forgejo and Gitea action runs by workflow identity before CI aggregation so older failed reruns do not keep a pull request failed after a newer successful run.

feat: show locked pull request state

Render the locked PR state from the bool-backed API model only for providers whose frontend capability helper reports lock-state support. Add e2e coverage so the detail view consumes IsLocked instead of only carrying the field through the data model.

fix: prefer queued gitealike action reruns

Use action run numbers and created/updated timestamps when collapsing Gitea-like workflow runs so a queued rerun can supersede an older completed run for the same workflow. This prevents stale failed checks from remaining current after a rerun starts.

fix: keep Gitea Actions probe retryable

Enable the Gitea Actions reader without permanently disabling it from the startup version check. Known older-server version errors now fall back to commit statuses, while transient action/version read errors remain retryable on later syncs.

mariusvniekerk · 2026-05-07T17:34:32Z

This change is part of the following stack:

docs: plan Forgejo provider implementation #265
- feat: add Forgejo and Gitea SDK client skeletons #267
  - feat: share Forgejo and Gitea provider core #268
    - feat: convert Forgejo and Gitea SDK records #269
      - feat: read Forgejo and Gitea through shared provider core #270
        
        feat: start Forgejo and Gitea providers at runtime #271
        
        feat: recognize Forgejo and Gitea provider configuration #266
        
        test: cover Forgejo and Gitea repository imports #272
        
        feat: expose Forgejo and Gitea repository imports #273
        
        test: add Forgejo and Gitea container fixtures #274
        feat: enable proven Forgejo and Gitea mutations #275
        docs: document Forgejo and Gitea setup #276
        feat: add gitealike Actions CI parity #281 ◀

_{Change managed by git-spice.}

roborev-ci · 2026-05-07T17:35:58Z

roborev: Combined Review (`cbf8f20`)

One medium issue found; no high or critical findings.

Medium

packages/ui/src/components/detail/PullDetail.svelte:588 - detail.platform_host is used as a fallback, but detail does not have a platform_host property. Use the local platform_host variable instead, consistent with the surrounding provider, owner, and name usage.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-07T19:58:39Z

roborev: Combined Review (`cf1b689`)

No Medium, High, or Critical issues found.

All reported reviews found the changes clean; no actionable findings to include.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-07T20:19:06Z

roborev: Combined Review (`e69abde`)

Medium-risk issue found.

Medium

internal/platform/gitealike/normalize.go:259 - NormalizeStatuses deduplicates Actions runs solely by matching HTMLURL against commit status TargetURL, even when their states disagree. This can hide a failing Gitea/Forgejo Actions run if a successful commit status points to the same URL, causing CI to appear green.

Remediation: avoid URL-only dedupe. Keep both records when status/conclusion disagree, prefer Actions runs for action URLs, or merge conservatively so failure, pending, or queued states win over success. Use source identity such as app/source type, workflow id, context/name, and normalized state before suppressing a check.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-07T20:33:47Z

roborev: Combined Review (`052215a`)

No Medium, High, or Critical findings were reported.

All review agents reported no actionable issues at or above Medium severity.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-07T20:41:50Z

roborev: Combined Review (`be636d0`)

No medium-or-higher severity issues found.

All reviewers reported the code as clean.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-07T20:56:14Z

roborev: Combined Review (`374f982`)

No Medium, High, or Critical findings were reported.

All review agents that provided output found no issues.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-08T00:50:22Z

roborev: Combined Review (`34d9fb2`)

No Medium, High, or Critical issues were found.

Security review found no issues, and the only reported finding was Low severity, so it is omitted per the review rules.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-08T00:57:11Z

roborev: Combined Review (`daf96a5`)

No Medium, High, or Critical issues found.

All reviewed agents report the code is clean.

Synthesized from 3 reviews (agents: codex, gemini | types: default, security)

roborev-ci · 2026-05-08T01:02:08Z

roborev: Combined Review (`21fd08a`)

Summary verdict: One high-severity issue should be fixed before merge.

High

internal/platform/gitea/convert.go:172-173
- Created and Updated are mapped from run.StartedAt and run.CompletedAt instead of run.CreatedAt and run.UpdatedAt.
- For queued action runs, StartedAt is zero, so queued reruns can sort as older than prior completed runs and be ignored by actionRunIsNewer.
- Fix by mapping Created to run.CreatedAt and Updated to run.UpdatedAt, then update TestConvertGiteaActionRun accordingly.

Medium

frontend/tests/e2e-full/provider-capabilities.spec.ts:4
- The locked-state e2e coverage only verifies that a supported provider shows the Locked chip.
- It does not cover an unsupported provider with IsLocked: true, so the UI could regress by showing locked state even when supportsLocked is false.
- Add an e2e case with a mocked unsupported provider detail response and assert the Locked chip is absent.