Skip to content

ci: Use GitHub-hosted runners and fix release workflow#297

Merged
rubberduck203 merged 9 commits into
mainfrom
ci/use-github-hosted-runners
Apr 8, 2026
Merged

ci: Use GitHub-hosted runners and fix release workflow#297
rubberduck203 merged 9 commits into
mainfrom
ci/use-github-hosted-runners

Conversation

@rubberduck203
Copy link
Copy Markdown
Contributor

@rubberduck203 rubberduck203 commented Apr 7, 2026
edited
Loading

Summary

  • Switch read-only CI jobs (tests, docs, builds) from Gusto self-hosted runners to GitHub-hosted runners (ubuntu-latest, macos-latest)
  • Keep gusto-ubuntu-default only for jobs that need write access (git push, release creation) due to org IP allow list
  • Fix release version format to use readable CalVer
  • Fix release workflow to handle existing release branch state and work with workflow_dispatch

Runner layout

The Gusto org IP allow list blocks GitHub-hosted runners from write operations, so only jobs that push or create releases use the self-hosted runner:

Job Runner Why
Prepare Release ubuntu-latest Read-only, calculates version
Push Release Branch and Tag gusto-ubuntu-default Needs git push access
Build (4 targets) ubuntu-latest / macos-latest Read-only, compiles artifacts
Create GitHub Release gusto-ubuntu-default Needs API write access

This unblocks the macOS (aarch64-apple-darwin) build which was previously impossible since this repo doesn't have access to gusto-osx-default.

Version format

Versions use CalVer: YEAR.MONTH.DAY+HHMM (e.g., 2026.4.7+1823).

The +HHMM build metadata ensures uniqueness for multiple same-day releases. Per semver, build metadata is ignored for version comparison (2026.4.7+0900 == 2026.4.7+1400), but this is fine since the package isn't published to crates.io — the version only appears in the compiled binary and git tags. Verified locally that cargo check accepts this format.

Test plan

  • Verified cargo check accepts the version format locally
  • Verified full release pipeline via workflow_dispatch — all jobs green
  • Release created successfully: https://github.com/Gusto/scope/actions/runs/24097615094
  • Verify tests workflow runs on PR branches with ubuntu-latest
  • Verify docs workflow runs on PR branches with ubuntu-latest

🤖 Generated with Claude Code

rubberduck203 and others added 9 commits April 7, 2026 13:59
@rubberduck203 @claude
ci: Switch from Gusto self-hosted runners to GitHub-hosted runners
2a06b8b 
Public repos can use GitHub-hosted runners directly. The self-hosted
runner dependency was preventing releases (macOS runner unavailable)
and adding unnecessary coupling to internal infrastructure.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Fix release workflow to use origin/main ref
3321802 
When dispatched on a non-main branch, the local 'main' ref doesn't
exist. Use 'origin/main' which is always available after fetch.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Fix release version stamping and merge handling
e9454a7 
- Replace any existing version in Cargo.toml, not just 0.0.0-dev
  (release branch retains the previous release version)
- Handle no-op merge when release is already up to date with main
- Use git add -A to capture all merge + version changes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Split release into separate push job on gusto-ubuntu runner
aa87596 
Only the git push step needs the self-hosted runner (due to org IP
allow list). All other jobs use GitHub-hosted runners.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Fix version format to produce valid semver
6861eaa 
Cargo rejects leading zeros in version components (e.g. 2026.04.07).
Use non-padded month/day to produce valid versions like 2026.4.7.1809.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Use 3-component semver version format
9bfe7c8 
Cargo requires strict semver (MAJOR.MINOR.PATCH) with no leading
zeros. Use YEAR.MONTHDAY.HOURMIN format (e.g. 2026.407.1813).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Use gusto-ubuntu runner for release creation step
1a14d61 
Creating a GitHub release requires write API access, which is blocked
by the org IP allow list on GitHub-hosted runners.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Use readable CalVer format YEAR.MONTH.DAY+HHMM
f354727 
Since this isn't published to crates.io, we can use build metadata
for the time component. Produces versions like 2026.4.7+1823.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 @claude
ci: Document CalVer build metadata tradeoff
986ed6f 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@rubberduck203 rubberduck203 requested a review from kejadlen April 7, 2026 21:20
@rubberduck203 rubberduck203 marked this pull request as ready for review April 7, 2026 21:20
kejadlen
kejadlen approved these changes Apr 7, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@kejadlen kejadlen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, duh, that makes sense to split up which runners do what things.

@rubberduck203 rubberduck203 merged commit 59456f9 into main Apr 8, 2026
15 checks passed
@rubberduck203 rubberduck203 deleted the ci/use-github-hosted-runners branch April 8, 2026 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kejadlen kejadlen kejadlen approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rubberduck203 @kejadlen