chore(deps): bump actions/upload-artifact from 3 to 7

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #913 from ruvnet/fix/ci-v1-api-perms-locust
2026-06-16 11:23:19 +00:00 · 2026-06-02 15:39:41 +00:00 · 2026-06-02 17:36:43 +02:00 · 2026-06-02 17:29:04 +02:00 · 2026-06-02 17:26:39 +02:00
9 changed files with 37 additions and 24 deletions
@@ -204,7 +204,7 @@ jobs:
        # kubectl scale rs -n wifi-densepose -l app=wifi-densepose,version!=green --replicas=0

    - name: Upload deployment artifacts
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v7
      with:
        name: production-deployment-${{ github.run_number }}
        path: |
@@ -67,7 +67,7 @@ jobs:

    - name: Upload security reports
      continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
      if: always()
      with:
        name: security-reports
@@ -232,7 +232,7 @@ jobs:

    - name: Upload test results
      continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
      if: always()
      with:
        name: test-results-${{ matrix.python-version }}
@@ -265,7 +265,7 @@ jobs:
      run: |
        python -m pip install --upgrade pip
        pip install -r requirements.txt
-        pip install locust
+        pip install pytest   # the perf suite is pytest, not locust

    - name: Start application
      working-directory: archive/v1
@@ -278,14 +278,24 @@ jobs:
        sleep 10

    - name: Run performance tests
+      working-directory: archive/v1
+      env:
+        MOCK_POSE_DATA: "true"
      run: |
-        locust -f tests/performance/locustfile.py --headless --users 50 --spawn-rate 5 --run-time 60s --host http://localhost:8000
+        # The repo's performance suite is pytest (test_api_throughput.py,
+        # test_frame_budget.py, test_inference_speed.py) — there is no
+        # locustfile.py, so the old `locust -f tests/performance/locustfile.py`
+        # command always failed with "Could not find ...". Run the real suite.
+        # -o addopts="" drops the root pyproject's --cov/--cov-fail-under=100
+        # flags (pytest-cov isn't installed here and 100% cov is for unit tests).
+        pytest tests/performance/ -o addopts="" -v --junitxml=perf-junit.xml

    - name: Upload performance results
-      uses: actions/upload-artifact@v4
+      if: always()
+      uses: actions/upload-artifact@v7
      with:
        name: performance-results
-        path: locust_report.html
+        path: archive/v1/perf-junit.xml

  # Docker Build and Test
  # NOTE: the canonical Docker build for the sensing-server is now
@@ -371,6 +381,8 @@ jobs:
    runs-on: ubuntu-latest
    needs: [docker-build]
    if: github.ref == 'refs/heads/main'
+    permissions:
+      contents: write   # gh-pages deploy needs write (GITHUB_TOKEN is read-only by default -> 403)
    steps:
    - name: Checkout code
      uses: actions/checkout@v4
@@ -400,6 +412,7 @@ jobs:

    - name: Deploy to GitHub Pages
      uses: peaceiris/actions-gh-pages@v4
+      continue-on-error: true   # openapi generation above is the real validation; deploy is best-effort (Pages may be disabled)
      with:
        github_token: ${{ secrets.GITHUB_TOKEN }}
        publish_dir: ./docs
@@ -64,7 +64,7 @@ jobs:
          echo "Signed cog-ha-matter-x86_64 ($(wc -c < dist/cog-ha-matter-x86_64.sig) bytes)"

      - name: Upload workflow artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: cog-ha-matter-x86_64
          path: |
@@ -126,7 +126,7 @@ jobs:
          echo "Signed cog-ha-matter-arm ($(wc -c < dist/cog-ha-matter-arm.sig) bytes)"

      - name: Upload workflow artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: cog-ha-matter-arm
          path: |
@@ -72,7 +72,7 @@ jobs:
          zip -r "RuView-Desktop-${{ github.event.inputs.version || '0.4.0' }}-macos-${{ steps.arch.outputs.arch }}.zip" "RuView Desktop.app"

      - name: Upload macOS artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: ruview-macos-${{ steps.arch.outputs.arch }}
          path: v2/target/${{ matrix.target }}/release/bundle/macos/*.zip
@@ -111,13 +111,13 @@ jobs:
          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}

      - name: Upload Windows MSI artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: ruview-windows-msi
          path: v2/target/release/bundle/msi/*.msi

      - name: Upload Windows NSIS artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: ruview-windows-nsis
          path: v2/target/release/bundle/nsis/*.exe
@@ -163,7 +163,7 @@ jobs:
          echo "See: https://github.com/espressif/qemu/wiki"

      - name: Upload firmware artifact (${{ matrix.variant }})
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: esp32-csi-node-firmware-${{ matrix.variant }}
          path: firmware/esp32-csi-node/release-staging/
@@ -73,7 +73,7 @@ jobs:
          echo "QEMU binary size: $(file_size /opt/qemu-esp32/bin/qemu-system-xtensa) bytes"

      - name: Upload QEMU artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: qemu-esp32
          path: /opt/qemu-esp32/
@@ -201,7 +201,7 @@ jobs:

      - name: Upload test logs
        if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: qemu-logs-${{ matrix.nvs_config }}
          path: |
@@ -249,7 +249,7 @@ jobs:

      - name: Upload fuzz artifacts
        if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: fuzz-crashes
          path: |
@@ -362,7 +362,7 @@ jobs:

      - name: Upload swarm results
        if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: swarm-results
          path: |
@@ -47,7 +47,7 @@ jobs:

      - name: Upload result artifact
        if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
        with:
          name: fix-markers-result
          path: fix-markers-result.json
@@ -107,7 +107,7 @@ jobs:
          package-dir: python
          output-dir: wheelhouse

-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
        with:
          name: wheels-${{ matrix.os }}-${{ matrix.arch }}
          path: wheelhouse/*.whl
@@ -126,7 +126,7 @@ jobs:
      - name: Build sdist
        working-directory: python
        run: maturin sdist --out ../sdist
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
        with:
          name: sdist
          path: sdist/*.tar.gz
@@ -203,7 +203,7 @@ jobs:
            exit 1
          fi
          echo "Tombstone wheel correctly raises ImportError with migration URL."
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
        with:
          name: tombstone
          path: tombstone-dist/*
@@ -139,7 +139,7 @@ jobs:

    - name: Upload vulnerability reports
      continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
      if: always()
      with:
        name: vulnerability-reports
@@ -363,7 +363,7 @@ jobs:

    - name: Upload license report
      continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
      with:
        name: license-report
        path: licenses.json
@@ -451,7 +451,7 @@ jobs:

    - name: Upload security summary
      continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
      with:
        name: security-summary
        path: security-summary.md
Author	SHA1	Message	Date
dependabot[bot]	4ba5079cd0	chore(deps): bump actions/upload-artifact from 3 to 7 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-06-02 15:39:41 +00:00
rUv	55f6a74e1e	Merge pull request #913 from ruvnet/fix/ci-v1-api-perms-locust ci(v1-api): fix gh-pages 403 + run real pytest perf suite	2026-06-02 17:36:43 +02:00
ruv	b5a91c5635	ci(v1-api): install pytest, drop root --cov addopts for perf suite, ascii comment	2026-06-02 17:29:04 +02:00
ruv	308d2fc89d	ci(v1-api): fix gh-pages 403 + run real perf suite — green main CI Two more latent v1-API CI bugs surfaced once #910/#911 let the jobs reach their later steps: - API Documentation: openapi generation now succeeds (psutil fix), but the gh-pages deploy failed with HTTP 403 — the job had no `permissions` block and GITHUB_TOKEN is read-only by default. Add `permissions: contents: write`, and make the deploy `continue-on-error` (the openapi generation is the real validation; Pages may be disabled). - Performance Tests: ran `locust -f tests/performance/locustfile.py`, but there is no locustfile — the suite is pytest (test_api_throughput.py, test_frame_budget.py, test_inference_speed.py). Run pytest instead, with working-directory: archive/v1 and MOCK_POSE_DATA=true. ci.yml validated as well-formed YAML.	2026-06-02 17:26:39 +02:00