PF-Core production kernel: claim classes, Lean research, CI fixes #80
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, master] | |
| pull_request: | |
| jobs: | |
| python: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install and test Python | |
| run: | | |
| cd python | |
| pip install -e ".[dev]" | |
| pytest -q tests/test_pf_core_tier1.py tests/test_pf_core_cross_language.py | |
| pytest -q tests/test_pf_core_stage1.py tests/test_pf_core_stage2.py tests/test_pf_core_stage3.py | |
| pytest -q tests/test_pf_core_phase_f.py | |
| pytest -q | |
| pytest -q tests/test_protocol_conformance.py | |
| pcs schema check | |
| pcs pf-core audit-claims | |
| pcs pf-core audit-boundary | |
| pcs pf-core audit-lean-catalog | |
| pcs pf-core audit-lean-no-sorry | |
| pcs examples check | |
| pcs validate-release-chain ../examples/labtrust-release/ | |
| pcs validate-release-chain ../examples/labtrust-release/ --json > /dev/null | |
| pcs validate-release-chain ../examples/labtrust-release/ --out ../examples/labtrust-release/.ci_validation_result.json | |
| pcs validate ../examples/labtrust-release/.ci_validation_result.json | |
| test -f ../examples/labtrust-release/release_manifest.v0.json | |
| pcs validate ../examples/labtrust-release/release_manifest.v0.json | |
| python -m pcs_core.hash_vectors --verify | |
| pcs shared-hash-vectors verify | |
| pcs conformance run --suite all | |
| pcs conformance run --suite multidomain | |
| pcs conformance run --suite all --json > /tmp/conformance_report.json | |
| pcs validate /tmp/conformance_report.json | |
| pcs registry validate ../examples/artifact_registry.valid.json | |
| pcs registry audit | |
| test -f ../examples/tool-use-release/tool_use_trace.valid.json | |
| test -f ../examples/tool-use-release/tool_use_certificate.valid.json | |
| test -f ../examples/tool-use-release/RELEASE_FIXTURE_MANIFEST.json | |
| pcs validate ../examples/workflow_profiles/labtrust_qc_release.valid.json | |
| pcs validate ../examples/workflow_profiles/agent_tool_use_safety.valid.json | |
| pcs validate ../examples/workflow_profiles/scientific_computation_reproducibility.valid.json | |
| pcs validate-release-chain ../examples/tool-use-release/ | |
| test -f ../examples/computation-release/computation_witness.json | |
| test -f ../examples/computation-release/RELEASE_FIXTURE_MANIFEST.json | |
| pcs validate-release-chain ../examples/computation-release/ | |
| pcs conformance run --suite computation | |
| pcs benchmark validate | |
| pcs conformance run --suite benchmark | |
| pcs conformance run --suite benchmark-ingest | |
| pcs conformance run --suite benchmark-report | |
| pcs benchmark run --suite labtrust-qc-release-v0 | |
| pcs benchmark run --suite tool-use-safety-v0 | |
| pcs benchmark run --suite computation-reproducibility-v0 | |
| pcs benchmark run --suite scientific-memory-rendering-v0 | |
| pcs benchmark run --suite formal-trust-kernel-v0 | |
| pcs benchmark run --suite cross-domain-release-chain-v0 | |
| python scripts/materialize_benchmark_examples.py | |
| python scripts/materialize_benchmark_producer_examples.py | |
| python ../scripts/validate_benchmark_ingest_examples.py --release-grade | |
| pcs benchmark validate-ingest --release-grade | |
| pcs validate ../examples/benchmark_registry.valid.json | |
| pcs validate ../examples/benchmark_metric_registry.valid.json | |
| for f in ../examples/benchmark/pcs_bench_report.valid.json ../examples/benchmark/labtrust_benchmark_case.valid.json; do pcs validate "$f"; done | |
| for f in ../examples/benchmark_ingest/*.pcs_bench_ingest.valid.json; do pcs validate "$f"; done | |
| pcs validate ../examples/tool_use_trace.valid.json | |
| pcs validate ../examples/tool_use_certificate.valid.json | |
| pytest -q tests/test_multidomain_workflows.py | |
| ruff check pcs_core tests | |
| ruff format --check pcs_core tests | |
| - name: PF-Core fixture validation | |
| run: | | |
| cd python | |
| pip install -e . | |
| pcs validate ../examples/pf-core-valid/tool_use_trace_compiled/pfcore_trace.json | |
| pcs pf-core validate-trace ../examples/pf-core-valid/tool_use_trace_compiled/pfcore_trace.json | |
| - name: PF-Core CertifyEdge check (live or mock) | |
| run: | | |
| cd python | |
| pip install -e . | |
| if command -v certifyedge >/dev/null 2>&1; then | |
| pcs pf-core certifyedge-check \ | |
| --trace ../examples/pf-core-valid/labtrust_replay/trace.json \ | |
| --property qc_release.temporal.safety \ | |
| --out /tmp/PFCoreCertificate.certifyedge.json || \ | |
| PCS_CERTIFYEDGE_MOCK=1 pcs pf-core certifyedge-check \ | |
| --trace ../examples/pf-core-valid/labtrust_replay/trace.json \ | |
| --property qc_release.temporal.safety \ | |
| --out /tmp/PFCoreCertificate.certifyedge.json | |
| else | |
| PCS_CERTIFYEDGE_MOCK=1 pcs pf-core certifyedge-check \ | |
| --trace ../examples/pf-core-valid/labtrust_replay/trace.json \ | |
| --property qc_release.temporal.safety \ | |
| --out /tmp/PFCoreCertificate.certifyedge.json | |
| fi | |
| - name: PF-Core Tier 1 tests | |
| run: | | |
| cd python | |
| pytest -q tests/test_pf_core_tier1.py tests/test_pf_core_cross_language.py | |
| - name: Schema drift check (reference) | |
| run: bash scripts/pcs-schema-diff.sh schemas | |
| - name: PF-Core adapter parity (provability-fabric-core pin) | |
| run: bash scripts/run-pf-core-adapter-ci.sh | |
| - name: LabTrust release fixtures | |
| run: | | |
| cd python | |
| pcs validate-release-chain ../examples/labtrust-release/ | |
| lean: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install elan | |
| run: curl -sSfL https://github.com/leanprover/elan/releases/download/v4.0.0/elan-x86_64-unknown-linux-gnu.tar.gz | tar xz && ./elan-init -y --default-toolchain none | |
| - name: Build Lean libraries and PF-Core lean-check | |
| run: | | |
| export PATH="$HOME/.elan/bin:$PATH" | |
| cd lean | |
| elan default leanprover/lean4:v4.14.0 | |
| lake build PCS | |
| lake build PFCore | |
| cd ../python | |
| pip install -e . | |
| pcs pf-core lean-check --trace ../examples/pf-core-valid/tool_use_trace_compiled/pfcore_trace.json --out /tmp/pfcore-ci-cert.json | |
| pcs pf-core verify-proof-binding \ | |
| --certificate /tmp/pfcore-ci-cert.json \ | |
| --trace ../examples/pf-core-valid/tool_use_trace_compiled/pfcore_trace.json | |
| pcs pf-core validate-contracts \ | |
| ../examples/pf-core-valid/contract_checked/trace.json \ | |
| --contracts-dir ../examples/pf-core-valid/contract_checked | |
| pf-core-adapter: | |
| runs-on: ubuntu-latest | |
| continue-on-error: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: PF-Core provability-fabric-core adapter parity | |
| run: bash scripts/run-pf-core-adapter-ci.sh | |
| rust: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - name: Test Rust | |
| run: | | |
| cd rust | |
| cargo fmt --check | |
| cargo clippy --all-targets -- -D warnings | |
| cargo test | |
| cargo test hash_vectors | |
| typescript: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: "22" | |
| - name: Test TypeScript | |
| run: | | |
| cd typescript | |
| npm install | |
| npm test | |
| npm run test:hash-vectors -w @pcs/core | |
| npm run lint | |
| validate-cli-contract: | |
| runs-on: ubuntu-latest | |
| needs: python | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Required CLI commands | |
| run: | | |
| cd python | |
| pip install -e . | |
| pcs validate ../examples/science_claim_bundle.certified.valid.json | |
| pcs validate ../examples/signed_science_claim_bundle.valid.json | |
| pcs validate ../examples/labtrust/signed_science_claim_bundle.valid.json | |
| pcs validate ../examples/tool_use_trace.valid.json | |
| pcs validate ../examples/tool_use_certificate.valid.json | |
| pcs hash ../examples/science_claim_bundle.certified.valid.json | |
| pcs examples check | |
| pcs validate-release-chain ../examples/labtrust-release/ | |
| pcs validate-release-chain ../examples/tool-use-release/ | |
| pcs validate-release-chain ../examples/computation-release/ | |
| pcs conformance run --suite workflow-profile | |
| pcs conformance run --suite tool-use | |
| pcs conformance run --suite computation | |
| pcs conformance run --suite multidomain |