commit f0121ffe789a07fa699c30d17f872866b992f0cc
parent 7766cefd12ce18e5f3b9e47bb283d47d414d6fdc
Author: triesap <tyson@radroots.org>
Date: Sun, 14 Jun 2026 14:43:55 -0700
repo: inline validation app surface
- Remove the scripts and ci scaffolding directories.
- Inline check, test, coverage, ci, and release-acceptance commands in flake apps.
- Update validation guards to assert the flake command surface directly.
- Keep the release acceptance and benchmark proof gates available without shell wrappers.
Diffstat:
10 files changed, 92 insertions(+), 124 deletions(-)
diff --git a/crates/tangle/tests/coverage_gate.rs b/crates/tangle/tests/coverage_gate.rs
@@ -4,39 +4,51 @@ use std::fs;
use std::path::{Path, PathBuf};
#[test]
-fn coverage_script_requires_workspace_full_line_coverage() {
- let script = read("scripts/coverage.sh");
-
- assert!(script.contains("cargo llvm-cov --version"));
- assert!(script.contains("LLVM_COV=\"$(command -v llvm-cov)\""));
- assert!(script.contains("LLVM_PROFDATA=\"$(command -v llvm-profdata)\""));
- assert!(script.contains("cargo llvm-cov clean --workspace"));
- assert!(script.contains("cargo llvm-cov --workspace --all-targets"));
- assert!(script.contains("--show-missing-lines"));
- assert!(script.contains("--fail-under-lines 100"));
- assert!(script.contains("--fail-uncovered-lines 0"));
+fn flake_coverage_app_requires_workspace_full_line_coverage() {
+ let flake = read("flake.nix");
+
+ assert!(flake.contains("pkgs.cargo-llvm-cov"));
+ assert!(flake.contains("pkgs.llvmPackages.llvm"));
+ assert!(flake.contains("cargo llvm-cov --version"));
+ assert!(flake.contains("LLVM_COV=\"$(command -v llvm-cov)\""));
+ assert!(flake.contains("LLVM_PROFDATA=\"$(command -v llvm-profdata)\""));
+ assert!(flake.contains("coverage = mkScript"));
+ assert!(flake.contains("cargo llvm-cov clean --workspace"));
+ assert!(flake.contains("cargo llvm-cov --workspace --all-targets"));
+ assert!(flake.contains("--show-missing-lines"));
+ assert!(flake.contains("--fail-under-lines 100"));
+ assert!(flake.contains("--fail-uncovered-lines 0"));
}
#[test]
-fn release_and_ci_keep_coverage_diagnostic_outside_required_gates() {
- let release = read("scripts/release_acceptance.sh");
- let ci = read("scripts/ci.sh");
- let validation = read("ci/workspace-validation.toml");
- assert!(!release.contains("scripts/coverage.sh"));
- assert!(!ci.contains("scripts/coverage.sh"));
- assert!(!validation.contains("id = \"coverage\""));
+fn flake_validation_surface_does_not_depend_on_removed_dirs() {
+ let root = workspace_root();
+ let flake = read("flake.nix");
+
+ assert!(!root.join("scripts").exists());
+ assert!(!root.join("ci").exists());
+ assert!(!flake.contains("scripts/"));
+ assert!(!flake.contains("ci/"));
+ assert!(!flake.contains("ops/"));
}
#[test]
-fn nix_coverage_app_provisions_coverage_tools_and_environment() {
+fn release_and_ci_keep_coverage_diagnostic_outside_required_gates() {
let flake = read("flake.nix");
- assert!(flake.contains("pkgs.cargo-llvm-cov"));
- assert!(flake.contains("pkgs.llvmPackages.llvm"));
- assert!(flake.contains("LLVM_COV=\"$(command -v llvm-cov)\""));
- assert!(flake.contains("LLVM_PROFDATA=\"$(command -v llvm-profdata)\""));
- assert!(flake.contains("coverage = mkScript"));
- assert!(flake.contains("scripts/coverage.sh"));
+ let ci_start = flake.find("ci = mkScript").expect("ci app");
+ let release_start = flake
+ .find("releaseAcceptance = mkScript")
+ .expect("release app");
+ let apps_start = release_start
+ + flake[release_start..]
+ .find("in\n {")
+ .expect("apps body");
+ let ci = &flake[ci_start..release_start];
+ let release = &flake[release_start..apps_start];
+
+ assert!(!ci.contains("cargo llvm-cov"));
+ assert!(!release.contains("cargo llvm-cov"));
}
fn read(path: &str) -> String {
diff --git a/crates/tangle/tests/release_acceptance.rs b/crates/tangle/tests/release_acceptance.rs
@@ -4,35 +4,42 @@ use std::fs;
use std::path::{Path, PathBuf};
#[test]
-fn release_acceptance_script_covers_release_candidate_validation_ladder() {
- let script_path = workspace_root().join("scripts/release_acceptance.sh");
- let script = fs::read_to_string(&script_path).expect("release acceptance script");
+fn release_acceptance_app_covers_release_candidate_validation_ladder() {
+ let flake = read("flake.nix");
+ let release_start = flake
+ .find("releaseAcceptance = mkScript")
+ .expect("release app");
+ let apps_start = release_start
+ + flake[release_start..]
+ .find("in\n {")
+ .expect("apps body");
+ let release = &flake[release_start..apps_start];
for required in [
- "#!/usr/bin/env bash",
- "set -euo pipefail",
- "scripts/check.sh",
- "scripts/test.sh",
+ "cargo fmt --all -- --check",
+ "cargo test -p tangle --test source_comments",
+ "cargo test -p tangle --test unsafe_code",
+ "cargo check --workspace --all-targets",
+ "cargo clippy --workspace --all-targets -- -D warnings",
+ "cargo test --workspace",
"cargo test -p tangle_runtime --test base_relay_v2",
"cargo test -p tangle_groups",
"cargo test -p tangle_store_pocket",
"cargo test -p tangle_bench",
- "scripts/benchmark_report.sh",
- "cargo test -p tangle --test source_comments",
- "cargo test -p tangle --test unsafe_code",
+ "cargo run -p tangle_bench --bin tangle-benchmark-report",
] {
assert!(
- script.contains(required),
- "release acceptance script is missing `{required}`"
+ release.contains(required),
+ "release acceptance app is missing `{required}`"
);
}
assert!(
- !script.contains("scripts/coverage.sh"),
+ !release.contains("cargo llvm-cov"),
"release acceptance must not depend on strict line coverage"
);
assert!(
- !script.contains("cargo nextest run --workspace"),
+ !release.contains("cargo nextest run --workspace"),
"release acceptance must not require a host-local nextest install"
);
for removed in [
@@ -46,25 +53,10 @@ fn release_acceptance_script_covers_release_candidate_validation_ladder() {
"runtime_restore_command_imports_backup_and_rebuilds_projection_state",
] {
assert!(
- !script.contains(removed),
+ !release.contains(removed),
"release acceptance still references `{removed}`"
);
}
-
- #[cfg(unix)]
- {
- use std::os::unix::fs::PermissionsExt;
-
- let mode = fs::metadata(&script_path)
- .expect("script metadata")
- .permissions()
- .mode();
- assert_ne!(
- mode & 0o111,
- 0,
- "release acceptance script must be executable"
- );
- }
}
#[test]
@@ -73,7 +65,6 @@ fn nix_exposes_release_acceptance_entrypoint() {
for required in [
"releaseAcceptance = mkScript pkgs \"tangle-release-acceptance\"",
- "scripts/release_acceptance.sh",
"\"release-acceptance\"",
"program = \"${releaseAcceptance}/bin/tangle-release-acceptance\"",
] {
diff --git a/flake.nix b/flake.nix
@@ -16,12 +16,6 @@
];
forAllSystems = nixpkgs.lib.genAttrs systems;
mkPkgs = system: import nixpkgs { inherit system; };
- coverageEnvironment = ''
- LLVM_COV="$(command -v llvm-cov)"
- LLVM_PROFDATA="$(command -v llvm-profdata)"
- export LLVM_COV
- export LLVM_PROFDATA
- '';
mkScript =
pkgs: name: text:
pkgs.writeShellApplication {
@@ -55,22 +49,48 @@
let
pkgs = mkPkgs system;
check = mkScript pkgs "tangle-check" ''
- scripts/check.sh
+ cargo fmt --all -- --check
+ cargo test -p tangle --test source_comments
+ cargo test -p tangle --test unsafe_code
+ cargo check --workspace --all-targets
+ cargo clippy --workspace --all-targets -- -D warnings
'';
test = mkScript pkgs "tangle-test" ''
- scripts/test.sh
+ cargo test --workspace
cargo nextest run --workspace
'';
coverage = mkScript pkgs "tangle-coverage" ''
- ${coverageEnvironment}
- scripts/coverage.sh
+ if ! cargo llvm-cov --version >/dev/null 2>&1; then
+ printf '%s\n' 'cargo llvm-cov is required'
+ exit 1
+ fi
+ LLVM_COV="$(command -v llvm-cov)"
+ LLVM_PROFDATA="$(command -v llvm-profdata)"
+ export LLVM_COV
+ export LLVM_PROFDATA
+ cargo llvm-cov clean --workspace
+ cargo llvm-cov --workspace --all-targets --show-missing-lines --fail-under-lines 100 --fail-uncovered-lines 0
'';
ci = mkScript pkgs "tangle-ci" ''
- ${coverageEnvironment}
- scripts/ci.sh
+ cargo fmt --all -- --check
+ cargo test -p tangle --test source_comments
+ cargo test -p tangle --test unsafe_code
+ cargo check --workspace --all-targets
+ cargo clippy --workspace --all-targets -- -D warnings
+ cargo test --workspace
'';
releaseAcceptance = mkScript pkgs "tangle-release-acceptance" ''
- scripts/release_acceptance.sh
+ cargo fmt --all -- --check
+ cargo test -p tangle --test source_comments
+ cargo test -p tangle --test unsafe_code
+ cargo check --workspace --all-targets
+ cargo clippy --workspace --all-targets -- -D warnings
+ cargo test --workspace
+ cargo test -p tangle_runtime --test base_relay_v2
+ cargo test -p tangle_groups
+ cargo test -p tangle_store_pocket
+ cargo test -p tangle_bench
+ cargo run -p tangle_bench --bin tangle-benchmark-report
'';
in
{
diff --git a/scripts/benchmark_report.sh b/scripts/benchmark_report.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-cargo run -p tangle_bench --bin tangle-benchmark-report -- "$@"
diff --git a/scripts/check.sh b/scripts/check.sh
@@ -1,9 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-cargo fmt --all -- --check
-cargo test -p tangle --test coverage_gate
-cargo test -p tangle --test source_comments
-cargo test -p tangle --test unsafe_code
-cargo check --workspace --all-targets
-cargo clippy --workspace --all-targets -- -D warnings
diff --git a/scripts/ci.sh b/scripts/ci.sh
@@ -1,5 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-scripts/check.sh
-scripts/test.sh
diff --git a/scripts/coverage.sh b/scripts/coverage.sh
@@ -1,17 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-if ! cargo llvm-cov --version >/dev/null 2>&1; then
- printf '%s\n' 'cargo llvm-cov is required'
- exit 1
-fi
-
-if command -v llvm-cov >/dev/null 2>&1 && command -v llvm-profdata >/dev/null 2>&1; then
- LLVM_COV="$(command -v llvm-cov)"
- LLVM_PROFDATA="$(command -v llvm-profdata)"
- export LLVM_COV
- export LLVM_PROFDATA
-fi
-
-cargo llvm-cov clean --workspace
-cargo llvm-cov --workspace --all-targets --show-missing-lines --fail-under-lines 100 --fail-uncovered-lines 0
diff --git a/scripts/format.sh b/scripts/format.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-cargo fmt --all -- --check
diff --git a/scripts/release_acceptance.sh b/scripts/release_acceptance.sh
@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-scripts/check.sh
-scripts/test.sh
-cargo test -p tangle_runtime --test base_relay_v2
-cargo test -p tangle_groups
-cargo test -p tangle_store_pocket
-cargo test -p tangle_bench
-scripts/benchmark_report.sh
-cargo test -p tangle --test source_comments
-cargo test -p tangle --test unsafe_code
diff --git a/scripts/test.sh b/scripts/test.sh
@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-cargo test --workspace
