Scorer spans use the scorer name (not "score") #369
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| # Security: Set minimal permissions by default | |
| permissions: | |
| contents: read | |
| jobs: | |
| test: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [ubuntu-latest, macos-latest] | |
| ruby-version: ['3.2', '3.3', '3.4'] | |
| steps: | |
| # Security: Pin to commit SHA instead of tag to prevent tag hijacking | |
| # actions/checkout@v4.3.1 | |
| - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 | |
| - name: Set up Ruby | |
| # Security: Pin to commit SHA instead of tag | |
| # ruby/setup-ruby@v1.270.0 | |
| uses: ruby/setup-ruby@ac793fdd38cc468a4dd57246fa9d0e868aba9085 | |
| with: | |
| ruby-version: ${{ matrix.ruby-version }} | |
| bundler-cache: true | |
| # Security: Provide secrets only to the step that needs them, not all steps | |
| - name: Run CI verification | |
| run: bundle exec rake ci | |
| env: | |
| BRAINTRUST_API_KEY: ${{ secrets.BRAINTRUST_API_KEY }} | |
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
| ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} | |
| # Summary job that requires all matrix tests to pass | |
| # This is what branch protection will check | |
| ci-success: | |
| name: CI Success | |
| needs: test | |
| runs-on: ubuntu-latest | |
| if: always() | |
| steps: | |
| - name: Check test matrix success | |
| run: | | |
| if [ "${{ needs.test.result }}" != "success" ]; then | |
| echo "Test matrix failed" | |
| exit 1 | |
| fi | |
| echo "All tests passed!" |