ci: parallelize rust tests, dedupe typecheck/clippy/sentry across workflows

[senamakel]

Summary

Clean up CI so dedicated workflows own each concern and PR/main builds stop doing duplicated work.

• test.yml — split the Rust job into two parallel jobs: rust-core-tests (fmt + cargo test -p openhuman) and rust-tauri-tests (sidecar build + stage + cargo test on app/src-tauri). Separate Swatinem cache keys; CEF cache only on the Tauri job. Clippy removed from both — typecheck.yml's rust-quality job already runs it.
• build.yml — drop the inline Sentry debug-symbol upload. Release workflows now own symbol uploads, and this job stripped debug info anyway. Dropped the now-unused actions: read permission. Also skip tsc inside cargo tauri build by overriding beforeBuildCommand via TAURI_CONFIG_OVERRIDE — typechecking stays in typecheck.yml. package.json unchanged, so local dev and release.yml keep running tsc.
• release.yml — wire scripts/upload_sentry_symbols.sh in after the Tauri build so production Rust stack traces (core sidecar + Tauri shell) symbolicate in Sentry. Gated on release_enabled and SENTRY_AUTH_TOKEN.
• app/package.json + yarn.lock — add @radix-ui/react-dialog, cmdk, @testing-library/user-event. These were imported under src/components/commands/ but never actually installed, so tsc fails on a clean checkout.

Test plan

• PR CI: confirm rust-core-tests and rust-tauri-tests run in parallel and both green.
• PR CI: confirm build.yml succeeds without tsc and without the Sentry step.
• PR CI: confirm typecheck.yml still runs fmt + clippy + tsc.
• Release dry-run (staging): confirm Rust symbols appear in Sentry keyed by debug-ID for a openhuman@<version> release.
• Local: yarn dev, yarn build, cargo tauri build still work (unchanged package.json scripts).

Summary by CodeRabbit

• Chores

  • Updated UI dialog and command-palette libraries to newer versions.
  • Migrated CI tooling to pnpm and streamlined build/release pipelines, including improved symbol upload for native releases.

• Bug Fixes

  • Adjusted build workflow steps for more consistent staging and build execution.

• Tests

  • Fixed an end-to-end health-check test and removed an unused test helper for more reliable CI test runs.

[coderabbitai]

📝 Walkthrough

Walkthrough

CI workflows updated: TypeScript and test jobs switch to pnpm; Rust tests split into core and Tauri jobs with separate caches; Tauri build now injects Node build and staging commands via beforeBuildCommand; Sentry Rust symbol upload moved to the release workflow. Frontend deps bumped; an e2e test spec minor fix.

Changes

Cohort / File(s)	Summary
GitHub Actions — Build & Test .github/workflows/build.yml, .github/workflows/test.yml, .github/workflows/typecheck.yml	Removed actions: read from build workflow; Tauri TAURI_CONFIG_OVERRIDE now injects build.beforeBuildCommand to run npx vite build and pnpm run core:stage before cargo tauri build. Test workflows switch Yarn→pnpm, add pnpm caching, and split Rust CI into rust-core-tests and rust-tauri-tests with separate cache keys and adjusted steps.
GitHub Actions — Release .github/workflows/release.yml	Added matrix-scoped step to upload Rust debug symbols to Sentry during production releases, gated on release_enabled and SENTRY_AUTH_TOKEN, iterating per-target release/deps directories and invoking scripts/upload_sentry_symbols.sh.
Frontend package app/package.json	Bumped runtime deps: @radix-ui/react-dialog → ^1.1.15, cmdk → ^1.1.1; @sentry/vite-plugin reordered in devDependencies (version unchanged).
E2E test spec app/test/e2e/specs/linux-cef-deb-runtime.spec.ts	Removed unused import, minor regex character-class change, and fixed test indentation/scope so health-check aggregation/assertion lives inside the it block.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  rect rgba(135,206,250,0.5)
    actor GitHubActions as "GitHub Actions (release job)"
  end
  rect rgba(152,251,152,0.5)
    participant FS as "Repository FS (target/.../release/deps)"
  end
  rect rgba(255,182,193,0.5)
    participant Script as "scripts/upload_sentry_symbols.sh"
  end
  rect rgba(255,228,181,0.5)
    participant Sentry as "Sentry (org/project)"
  end

  GitHubActions->>FS: for each target deps dir (if exists)
  FS-->>GitHubActions: directory present
  GitHubActions->>Script: invoke upload script (env: SENTRY_* + VERSION + MATRIX_TARGET)
  Script->>Sentry: upload debug symbols
  Sentry-->>Script: ack
  Script-->>GitHubActions: exit status

Loading

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly Related PRs

• fix(devops): upload Rust debug symbols to Sentry during Tauri build #890: Adds/removes Sentry Rust debug-symbol upload and touches the same upload script/workflow.
• ci(release): drop duplicate vite build and raise node heap to 8GB #865: Moves the Node/Vite frontend build into Tauri's beforeBuildCommand (same behavioral change).
• chore: migrate from yarn to pnpm #886: CI changes to adopt pnpm across workflows and package/script adjustments.

Poem

🐰 I hopped through workflows, neat and spry,
Split tests like twigs beneath the sky.
Symbols sent, builds now sing in tune,
Dependencies nudged—✨ a tiny boon.
Pipe-lined, staged, I hop, then rune.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: parallelizing rust tests and deduplicating work across CI workflows.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

.github/workflows/test.yml (1)

106-161: ⚠️ Potential issue | 🟡 Minor

LGTM! Tauri tests properly parallelized with CEF caching.

The rust-tauri-tests job correctly:

• Maintains both workspace caches with distinct tauri key
• Includes CEF binary cache to avoid ~400MB downloads per run
• Uses inline sidecar staging appropriate for the test context
• Tests the Tauri shell independently from core

One note: The sidecar staging (lines 154–158) uses inline shell commands rather than npm run core:stage. This is intentional and correct since the test environment doesn't require the full Node/npm setup, and the inline approach is simpler for CI.

Note on Rust quality checks: The typecheck.yml workflow includes cargo fmt --all -- --check for all workspaces and cargo clippy for the core crate. However, app/src-tauri/Cargo.toml is not explicitly checked with clippy (the -p openhuman flag scopes the check to core only). Consider expanding clippy to include the Tauri shell as well.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/test.yml around lines 106 - 161, The workflow's Rust lint
step currently runs "cargo clippy" scoped to the core crate via the "-p
openhuman" flag, so the Tauri shell crate (app/src-tauri) is not linted; update
the typecheck workflow's clippy invocation to include the Tauri crate as
well—either run clippy for the whole workspace (cargo clippy --workspace) or add
the Tauri package to the flags (e.g., cargo clippy -p openhuman -p
<tauri-crate-name>) or run cargo clippy with --manifest-path
app/src-tauri/Cargo.toml to ensure the shell crate is checked.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In @.github/workflows/test.yml:
- Around line 106-161: The workflow's Rust lint step currently runs "cargo
clippy" scoped to the core crate via the "-p openhuman" flag, so the Tauri shell
crate (app/src-tauri) is not linted; update the typecheck workflow's clippy
invocation to include the Tauri crate as well—either run clippy for the whole
workspace (cargo clippy --workspace) or add the Tauri package to the flags
(e.g., cargo clippy -p openhuman -p <tauri-crate-name>) or run cargo clippy with
--manifest-path app/src-tauri/Cargo.toml to ensure the shell crate is checked.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1f4a3a28-16de-4bf0-92b0-5569df69cdd8

📥 Commits

Reviewing files that changed from the base of the PR and between 3862b1b and a8321bb.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (4)

• .github/workflows/build.yml
• .github/workflows/release.yml
• .github/workflows/test.yml
• app/package.json

[coderabbitai]

🧹 Nitpick comments (1)

.github/workflows/typecheck.yml (1)

64-67: Extend clippy coverage to Tauri shell crate.

Currently clippy only runs on the core crate (-p openhuman). Based on learnings emphasizing Rust checks on both repo root and app/src-tauri/Cargo.toml, consider adding clippy for the Tauri shell:

Suggested change

 - name: Run clippy (core crate)
   run: cargo clippy -p openhuman
+- name: Run clippy (Tauri shell)
+  run: cargo clippy --manifest-path app/src-tauri/Cargo.toml

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/typecheck.yml around lines 64 - 67, Currently the workflow
only runs clippy for the core crate ("Run clippy (core crate)"); add a new step
(e.g., "Run clippy (tauri crate)") that invokes cargo clippy against the Tauri
shell's manifest (use --manifest-path pointing at app/src-tauri/Cargo.toml) so
the Tauri crate is linted as well; insert this step alongside the existing cargo
fmt and core clippy steps to ensure both crates are checked.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/workflows/typecheck.yml:
- Around line 64-67: Currently the workflow only runs clippy for the core crate
("Run clippy (core crate)"); add a new step (e.g., "Run clippy (tauri crate)")
that invokes cargo clippy against the Tauri shell's manifest (use
--manifest-path pointing at app/src-tauri/Cargo.toml) so the Tauri crate is
linted as well; insert this step alongside the existing cargo fmt and core
clippy steps to ensure both crates are checked.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fb78d4b9-9316-4df3-806c-2ef20dda7acd

📥 Commits

Reviewing files that changed from the base of the PR and between a8321bb and e277362.

⛔ Files ignored due to path filters (3)

• app/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (6)

• .github/workflows/build.yml
• .github/workflows/release.yml
• .github/workflows/test.yml
• .github/workflows/typecheck.yml
• app/package.json
• app/test/e2e/specs/linux-cef-deb-runtime.spec.ts

✅ Files skipped from review due to trivial changes (2)

• app/package.json
• .github/workflows/build.yml