Split CI: depot for unit tests, Xcode Cloud for UI tests

[lawrencecchen]

Summary

• ci.yml: Remove UI test step and Metal Toolchain download. Switch runs-on from self-hosted to depot-macos-latest. Download pre-built GhosttyKit.xcframework instead of building from source (same curl+retry pattern as ci_post_clone.sh). Unit tests only (~2-3 min).
• nightly.yml: Add push: [main] trigger so every merge builds a nightly immediately. Add top-level concurrency: { group: nightly, cancel-in-progress: true } so rapid merges cancel stale runs. Switch from self-hosted to depot-macos-latest.
• test_ci_self_hosted_guard.sh: Update awk pattern to check for depot-macos instead of self-hosted.

UI tests move to Xcode Cloud (manual setup in Xcode, ci_post_clone.sh hook already merged in PR #447).

Test plan

• Verify depot tests job runs unit tests only and passes quickly
• After Xcode Cloud setup: verify it picks up PRs and runs full test suite
• Merge to main, verify nightly triggers automatically
• Merge two PRs quickly, verify first nightly is cancelled

Summary by CodeRabbit

• Chores

  • Updated CI/CD to use optimized macOS runners and simplified concurrency.
  • Switched to downloading a pre-built framework with robust retry logic and token support.
  • Moved depot UI test execution to Xcode Cloud.

• Tests

  • Adjusted CI guard and nightly triggers to align with the new runner and scheduling.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
cmux	Ready	Preview, Comment	Feb 28, 2026 3:35am

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 36facd2 and 852310d.

📒 Files selected for processing (1)

• GhosttyTabs.xcodeproj/xcshareddata/xcschemes/cmux.xcscheme

---

📝 Walkthrough

Walkthrough

CI workflows were changed to run on depot-macos-latest, replaced a zig/Metal Toolchain GhosttyKit build with a retry-enabled download of a pre-built GhosttyKit.xcframework.tar.gz from a GitHub release, removed depot UI test step, and updated the test guard and Xcode scheme test configuration.

Changes

Cohort / File(s)	Summary
CI workflow changes .github/workflows/ci.yml, .github/workflows/nightly.yml	Switched runner to depot-macos-latest; removed self-hosted concurrency/group config; added concurrency for nightly; replaced local zig/Metal Toolchain build with download-and-extract of GhosttyKit.xcframework.tar.gz from a GitHub release using HEAD SHA; added retry (up to 30 attempts, 20s delay) and a GITHUB_TOKEN env var; removed depot UI tests step.
Test guard script tests/test_ci_self_hosted_guard.sh	Updated guard to detect depot-macos runner instead of self-hosted; adjusted condition variables, messages, and PASS/FAIL checks to reflect depot-macos guard.
Xcode scheme change GhosttyTabs.xcodeproj/xcshareddata/xcschemes/cmux.xcscheme	Changed TestAction build configuration from Release to Debug.

Sequence Diagram(s)

mermaid
sequenceDiagram
participant Workflow as GitHub Actions Workflow
participant Runner as depot-macos-latest Runner
participant Releases as GitHub Releases (artifact)
participant Extract as Local Extract/Build Env

Workflow->>Runner: start tests job
Runner->>Releases: GET /releases/tags/<HEAD_SHA> (download GhosttyKit.xcframework.tar.gz)
Releases-->>Runner: 200 + artifact (or 404)
alt download success
    Runner->>Extract: extract archive
    Extract-->>Runner: xcframework ready
    Runner->>Workflow: proceed with tests/build (no zig build)
else download failure
    Runner->>Runner: retry (up to 30 attempts, 20s delay)
    Runner-->>Workflow: fail if retries exhausted
end

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Set up full test suite in CI and Xcode Cloud #447: Implements similar replacement of zig-based GhosttyKit build with pre-built artifact download and updates CI guards.

Poem

🐰 I hopped through workflows, swift and spry,
Swapped builds for downloads from the sky,
Thirty retries in patient cheer,
Extracted frames and tests run clear,
Depot-macos hums — the rabbit's here! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely summarizes the main change: splitting CI workloads between depot (unit tests) and Xcode Cloud (UI tests), which directly aligns with the primary objectives and changes in the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat-xcode-cloud-ci

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

Successfully splits CI responsibilities: depot handles fast unit tests (~2-3 min) while Xcode Cloud handles UI tests. The migration from self-hosted to depot-macos-latest removes infrastructure dependencies and improves CI reliability. Key changes include:

• ci.yml: Downloads pre-built GhosttyKit.xcframework from GitHub releases instead of building from source (matches ci_post_clone.sh pattern with 30-retry logic). Removes Metal Toolchain download (only needed for UI tests). Removes UI test step entirely.
• nightly.yml: Adds push: [main] trigger for immediate builds on merge. Adds top-level concurrency control to cancel stale runs during rapid merges.
• test_ci_self_hosted_guard.sh: Correctly updates validation from self-hosted to depot-macos pattern while maintaining fork PR security guard.

Confidence Score: 5/5

• This PR is safe to merge with minimal risk
• All changes are configuration-only with no logic bugs. The xcframework download pattern matches existing ci_post_clone.sh implementation. Test guard script correctly validates new runner type. No security concerns - fork PR guard maintained.
• No files require special attention

Important Files Changed

Filename	Overview
.github/workflows/ci.yml	Switches to depot-macos-latest runner, removes UI tests, downloads pre-built xcframework with retry logic matching ci_post_clone.sh pattern
.github/workflows/nightly.yml	Adds push trigger for immediate builds on merge, adds concurrency control to cancel stale runs, switches to depot runner
tests/test_ci_self_hosted_guard.sh	Updates validation pattern from self-hosted to depot-macos while maintaining fork PR guard check

_{Last reviewed commit: 36facd2}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 36facd2846

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Limit cancel-in-progress to avoid hourly self-cancellation

With schedule still enabled hourly and workflow-level concurrency.cancel-in-progress: true, any nightly run that lasts past the next :30 tick will be canceled by the new scheduled invocation before it can finish tagging/releasing. This creates a starvation loop in slow/notarization-heavy runs where nightlies can keep restarting and never complete, so the cancellation policy should be scoped (for example, only for push runs) rather than applied globally.

Useful? React with 👍 / 👎.

[coderabbitai]

🧹 Nitpick comments (2)

.github/workflows/ci.yml (1)

92-94: Consider verifying archive integrity.

The download and extraction work correctly, but for a build dependency, you might want to verify the archive's integrity with a checksum before extraction—especially since this artifact directly affects the build output.

♻️ Optional: Add checksum verification

          tar xzf GhosttyKit.xcframework.tar.gz
          rm GhosttyKit.xcframework.tar.gz
          test -d GhosttyKit.xcframework
+         # Optional: verify expected contents exist
+         test -d GhosttyKit.xcframework/macos-arm64_x86_64

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/ci.yml around lines 92 - 94, Add a checksum verification
step before extracting GhosttyKit.xcframework.tar.gz: compute or obtain the
expected SHA256 (e.g. from an env var or accompanying .sha256 file) and validate
the archive (instead of directly running "tar xzf
GhosttyKit.xcframework.tar.gz"), failing the job if the checksum does not match;
keep the subsequent "tar xzf GhosttyKit.xcframework.tar.gz", "rm
GhosttyKit.xcframework.tar.gz", and "test -d GhosttyKit.xcframework" lines, but
precede them with the checksum check so the workflow aborts on integrity
failure.

.github/workflows/nightly.yml (1)

90-90: Depot runner label is valid for third-party CI.

The actionlint warning about depot-macos-latest being an unknown label is a false positive. Depot is a third-party CI provider that offers custom macOS runners. To silence this warning locally, you can add the label to an actionlint.yaml config file:

self-hosted-runner:
  labels:
    - depot-macos-latest

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/nightly.yml at line 90, The actionlint warning is a false
positive for the custom runner label used in the workflow; add an actionlint
config to whitelist that label by creating an actionlint.yaml containing a
self-hosted-runner > labels entry that includes the string "depot-macos-latest"
so actionlint recognizes the runs-on: depot-macos-latest value in the
nightly.yml workflow.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 92-94: Add a checksum verification step before extracting
GhosttyKit.xcframework.tar.gz: compute or obtain the expected SHA256 (e.g. from
an env var or accompanying .sha256 file) and validate the archive (instead of
directly running "tar xzf GhosttyKit.xcframework.tar.gz"), failing the job if
the checksum does not match; keep the subsequent "tar xzf
GhosttyKit.xcframework.tar.gz", "rm GhosttyKit.xcframework.tar.gz", and "test -d
GhosttyKit.xcframework" lines, but precede them with the checksum check so the
workflow aborts on integrity failure.

In @.github/workflows/nightly.yml:
- Line 90: The actionlint warning is a false positive for the custom runner
label used in the workflow; add an actionlint config to whitelist that label by
creating an actionlint.yaml containing a self-hosted-runner > labels entry that
includes the string "depot-macos-latest" so actionlint recognizes the runs-on:
depot-macos-latest value in the nightly.yml workflow.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5c065bc and 36facd2.

📒 Files selected for processing (3)

• .github/workflows/ci.yml
• .github/workflows/nightly.yml
• tests/test_ci_self_hosted_guard.sh