Add public documentation guides #349
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| jobs: | |
| repository-hygiene: | |
| name: Repository hygiene | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| - name: Check required bootstrap paths | |
| shell: bash | |
| run: | | |
| required_paths=( | |
| "AGENTS.md" | |
| "README.md" | |
| "docs/FLOWMEMORY_HQ_CONTEXT.md" | |
| "docs/START_HERE.md" | |
| "docs/PROJECT_CHARTER.md" | |
| "docs/CURRENT_STATE.md" | |
| "docs/ROADMAP.md" | |
| "docs/ARCHITECTURE.md" | |
| "docs/SECURITY_MODEL.md" | |
| "docs/AGENT_ROLES.md" | |
| "docs/DECISIONS" | |
| "contracts/FLOWPULSE_SCHEMA.md" | |
| "contracts/FlowPulse.sol" | |
| "contracts/RootfieldRegistry.sol" | |
| "tests/README.md" | |
| "tests/RootfieldRegistry.t.sol" | |
| "contracts" | |
| "services" | |
| "services/flowmemory" | |
| "schemas/flowmemory" | |
| "fixtures/launch-core" | |
| "apps" | |
| "hardware" | |
| "research" | |
| "crypto" | |
| "infra/scripts" | |
| "infra/scripts/setup-worktrees.ps1" | |
| "inbox/claude-code" | |
| "inbox/old-prompts" | |
| "inbox/unsorted" | |
| ".github/pull_request_template.md" | |
| ".github/ISSUE_TEMPLATE/feature.yml" | |
| ".github/ISSUE_TEMPLATE/research.yml" | |
| ".github/ISSUE_TEMPLATE/hardware.yml" | |
| ".github/ISSUE_TEMPLATE/security.yml" | |
| ".github/ISSUE_TEMPLATE/bug.yml" | |
| ) | |
| missing=0 | |
| for path in "${required_paths[@]}"; do | |
| if [[ ! -e "$path" ]]; then | |
| echo "::error::Missing required path: $path" | |
| missing=1 | |
| fi | |
| done | |
| exit "$missing" | |
| - name: Check for obvious committed secrets | |
| shell: bash | |
| run: | | |
| patterns=( | |
| 'BEGIN (RSA|OPENSSH|PRIVATE) K[E]Y' | |
| 'AWS_SECRET_ACCESS_K[E]Y' | |
| 'PRIVATE_K[E]Y=' | |
| 'SECRET_K[E]Y=' | |
| 'gho_[A-Za-z0-9_]+' | |
| ) | |
| for pattern in "${patterns[@]}"; do | |
| if grep -RInE "$pattern" . --exclude-dir=.git; then | |
| echo "::error::Potential secret detected. Remove it or document why this is a false positive." | |
| exit 1 | |
| fi | |
| done | |
| - name: Check launch claim guardrails | |
| run: node infra/scripts/check-unsafe-claims.mjs | |
| contracts: | |
| name: Contracts | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| - name: Run contract hardening baseline | |
| run: bash infra/scripts/contracts-static-analysis.sh | |
| services: | |
| name: Services and launch core | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| cache: npm | |
| - name: Install services dependencies | |
| run: npm ci | |
| - name: Run service tests | |
| run: npm test | |
| - name: Run service e2e | |
| run: npm run e2e | |
| - name: Validate launch schemas | |
| run: npm run validate:launch | |
| - name: Check generated fixture drift | |
| run: npm run fixtures:check | |
| launch-core: | |
| name: Launch-core acceptance command | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| cache: npm | |
| - name: Set up Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install services dependencies | |
| run: npm ci | |
| - name: Run launch V0 command | |
| run: npm run launch:v0 | |
| - name: Validate launch schemas | |
| run: npm run validate:launch | |
| agent-bonds: | |
| name: Agent Bonds readiness | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| cache: npm | |
| - name: Install Foundry | |
| uses: foundry-rs/foundry-toolchain@v1 | |
| - name: Set up Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install services dependencies | |
| run: npm ci | |
| - name: Install dashboard dependencies | |
| run: npm ci --prefix apps/dashboard | |
| - name: Run Agent Bonds readiness pack | |
| run: npm run flowmemory:agent-bonds:readiness | |
| - name: Confirm only external public-launch blockers remain | |
| run: npm run flowmemory:agent-bonds:public-launch:blockers | |
| crypto: | |
| name: Crypto | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: crypto | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| cache: npm | |
| cache-dependency-path: crypto/package-lock.json | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install crypto dependencies | |
| run: npm ci | |
| - name: Install Python crypto dependencies | |
| run: python -m pip install pycryptodome | |
| - name: Run crypto tests | |
| run: npm test | |
| - name: Validate crypto vectors | |
| run: npm run validate:vectors | |
| - name: Recompute Python FlowPulse vector | |
| run: python validate_test_vectors.py | |
| dashboard: | |
| name: Dashboard | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: apps/dashboard | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: "24" | |
| cache: npm | |
| cache-dependency-path: apps/dashboard/package-lock.json | |
| - name: Install dashboard dependencies | |
| run: npm ci | |
| - name: Run dashboard tests | |
| run: npm test | |
| - name: Build dashboard | |
| run: npm run build | |
| devnet: | |
| name: Local devnet | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Run devnet tests | |
| run: cargo test --manifest-path crates/flowmemory-devnet/Cargo.toml | |
| hardware: | |
| name: Hardware POC | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Validate FlowRouter simulator fixture | |
| run: python hardware/simulator/flowrouter_sim.py --validate-file hardware/fixtures/flowrouter_sample_seed42.json |