Reference: CI Governance
Generated from configs/governance/ci-governance.yaml. Do not edit this file manually.
This page is the render-only reference for current CI topology, required
aggregate policy, disabled governance features, and generated threshold
summary.
Rendered from multiple tracked sources:
- Primary topology source:
configs/governance/ci-governance.yaml
- Threshold sources:
configs/profiles/pr.yaml, configs/profiles/nightly.yaml
- This page is a generated reference, not the canonical place to hand-edit CI facts.
- Nightly required rows describe deterministic core only; live external, mutation, AI review, and other privileged observability checks stay in manual-only sections below.
Aggregate Checks
| Scope |
Workflow |
Aggregate Job |
Required Job Count |
Required Jobs |
| ci |
.github/workflows/ci.yml |
required_ci_gate |
1 |
ci-quick-gate |
| pr |
.github/workflows/pr.yml |
pr_required_gate |
1 |
pr-quick-gate |
| nightly |
.github/workflows/nightly.yml |
single required job |
1 |
nightly-gate |
Optional Jobs
| Scope |
Workflow |
Observational / Non-required Jobs |
| ci |
.github/workflows/ci.yml |
none |
| pr |
.github/workflows/pr.yml |
none |
| nightly |
.github/workflows/nightly.yml |
none |
Manual Dispatch Jobs
| Scope |
Workflow |
workflow_dispatch-only Jobs |
| nightly |
.github/workflows/nightly.yml |
nightly-manual-observability |
Branch Protection Policy
- Default branch:
main
- Allowed required aggregate checks:
pr_required_gate
- Dedicated audit workflow:
.github/workflows/branch-protection-audit.yml
- Repo-side script exists at
scripts/ci/check-branch-protection.sh; remote
enforcement must be validated in a privileged audit context.
Feature Flags
| Feature |
Status |
Workflow |
Job |
chromatic_web |
disabled |
.github/workflows/ci.yml |
chromatic_web |
hygiene_job |
disabled |
.github/workflows/ci.yml |
hygiene |
Required Job Mode
- ci:
hard_fail
- pr:
hard_fail
- nightly:
hard_fail
| Workflow |
Job |
Step Names |
| none |
none |
none |
Deterministic Core Entry Points
| Scope |
Script Entry Point |
| nightly |
scripts/ci/run-nightly-deterministic-core.sh |
Threshold Summary
| Threshold Key |
pr |
nightly |
consoleErrorMax |
0 |
0 |
pageErrorMax |
0 |
0 |
http5xxMax |
0 |
0 |
contractStatus |
passed |
passed |
dangerousActionHitsMax |
n/a |
n/a |
securityHighVulnMax |
n/a |
0 |
a11ySeriousMax |
0 |
0 |
perfLcpMsMax |
4000 |
5000 |
perfFcpMsMax |
2500 |
3000 |
visualDiffPixelsMax |
300 |
0 |
loadFailedRequestsMax |
n/a |
0 |
loadP95MsMax |
n/a |
250 |
loadRpsMin |
n/a |
10 |