chore(ci): externalize workflow scripts and relocate main flow doc (#722)

* feat: Add GitHub Actions workflows for security audits, CodeQL analysis, contributor updates, performance benchmarks, integration tests, fuzz testing, and reusable Rust build jobs - Implemented `sec-audit.yml` for Rust package security audits using `rustsec/audit-check` and `cargo-deny-action`. - Created `sec-codeql.yml` for CodeQL analysis scheduled twice daily. - Added `sync-contributors.yml` to update the NOTICE file with new contributors automatically. - Introduced `test-benchmarks.yml` for performance benchmarks using Criterion. - Established `test-e2e.yml` for running integration and end-to-end tests. - Developed `test-fuzz.yml` for fuzz testing with configurable runtime. - Created `test-rust-build.yml` as a reusable job for executing Rust commands with customizable parameters. - Documented main branch delivery flows in `main-branch-flow.md` for clarity on CI/CD processes. * ci(workflows): update workflow scripts and rename for clarity; remove obsolete lint feedback script * chore(ci): externalize workflow scripts and relocate main flow doc
2026-02-17 19:48:37 -05:00 · 2026-02-17 19:48:37 -05:00 · 69a3b54968
commit 69a3b54968
parent 41da46e2b2
34 changed files with 2090 additions and 1777 deletions
--- a/.github/workflows/scripts/test_benchmarks_pr_comment.js
+++ b/.github/workflows/scripts/test_benchmarks_pr_comment.js
@ -0,0 +1,57 @@
+// Extracted from test-benchmarks.yml step: Post benchmark summary on PR
+
+module.exports = async ({ github, context, core }) => {
+    const fs = require('fs');
+    const output = fs.readFileSync('benchmark_output.txt', 'utf8');
+
+    // Extract Criterion result lines
+    const lines = output.split('\n').filter(l =>
+      l.includes('time:') || l.includes('change:') || l.includes('Performance')
+    );
+
+    if (lines.length === 0) {
+      core.info('No benchmark results to post.');
+      return;
+    }
+
+    const body = [
+      '## 📊 Benchmark Results',
+      '',
+      '```',
+      lines.join('\n'),
+      '```',
+      '',
+      '<details><summary>Full output</summary>',
+      '',
+      '```',
+      output.substring(0, 60000),
+      '```',
+      '</details>',
+    ].join('\n');
+
+    // Find and update or create comment
+    const { data: comments } = await github.rest.issues.listComments({
+      owner: context.repo.owner,
+      repo: context.repo.repo,
+      issue_number: context.payload.pull_request.number,
+    });
+
+    const marker = '## 📊 Benchmark Results';
+    const existing = comments.find(c => c.body && c.body.startsWith(marker));
+
+    if (existing) {
+      await github.rest.issues.updateComment({
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+        comment_id: existing.id,
+        body,
+      });
+    } else {
+      await github.rest.issues.createComment({
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+        issue_number: context.payload.pull_request.number,
+        body,
+      });
+    }
+};