{
  "id": "page:qa-02-cicd",
  "_kind": "Page",
  "_file": "wiki/qa/02-cicd.md",
  "_cluster": "wiki",
  "attributes": {
    "nodeKind": "Page",
    "title": "CI/CD",
    "displayName": "CI/CD",
    "slug": "qa/02-cicd",
    "articlePath": "wiki/qa/02-cicd.md",
    "article": "# CI/CD\n\n> Phase-5 deliverable. The concrete pipeline that runs the gates from [`00-qa-architecture.md`](./00-qa-architecture.md) and the release flow from [`01-versioning-and-delivery.md`](./01-versioning-and-delivery.md).\n\n## CI gates (per PR)\n\nEvery PR against `main` runs:\n\n| # | Gate | Failure mode |\n|---|---|---|\n| 1 | **Schema validator** | Any V-rule violation → fail. |\n| 2 | **Markdown ↔ YAML parity** (V-12.5) | NodeKind file disagrees with `ontology-schema.yaml` → fail. |\n| 3 | **Generator regenerate-and-diff** | Run all 11 generators against the PR's graph; if the resulting tree diff is non-empty *and* not staged in the PR, fail. |\n| 4 | **Idempotency** | Run generators twice; second run must produce zero diff. |\n| 5 | **Integration tests** | Each generator's fixture-based snapshot test must pass. |\n| 6 | **SDK type-check** | Regenerated TypeScript types compile under `tsc --noEmit`. |\n| 7 | **Coverage delta** | Coverage (per `03-coverage.md`) must not regress from `main`. |\n| 8 | **Schema-bump consistency** | Any change under `schema/` matches the bump declared in the PR (major / minor / patch). Major without `breakingChanges` + `MigrationSpec` → fail. |\n\nGates 1–6 must pass; gate 7 may be overridden with an explicit `coverage-waiver:<reason>` label and a Gap node tracking the waiver. Gate 8 cannot be overridden.\n\n## CI gates (weekly batch)\n\nRun on a cron, post results as a `Gap`-opening webhook if anything fails:\n\n- **Freshness sweep**: every `EvidenceSource{kindLabel: web}` re-runs `reachabilityCheck`. Anything past its window or unreachable opens a Level-1 Gap.\n- **Trust audit**: every safety-critical claim re-checked against trust-level floor. Synthetic-only safety claims open a Level-1 Gap.\n- **Wiki regeneration on stale-evidence-only changes**: detects truths that shifted underneath the prose without a code-side trigger.\n\n## CD pipeline\n\nTriggered when a release tag `catalog-vX.Y.Z` lands on `main`:\n\n1. Re-run the full CI gate suite on the tagged commit.\n2. Run **adversarial review** automation: a different agent identity replays the PR list since the previous tag and confirms each closed Gap's cascade entries.\n3. Build:\n   - Schema bundle (zip of `graph/schema/`).\n   - Generated wiki (HTML site).\n   - OpenAPI artifact.\n   - SDK npm package.\n   - Per-package READMEs (PR'd back to consumer repos via bot).\n4. Publish in the order from `01-versioning-and-delivery.md` §\"Release pipeline\".\n5. Update the `CatalogVersion` node in the graph with `releasedAt` and `supportedUntil`.\n6. Post-publish smoke tests against the published artifacts (download SDK from npm, run consumer e2e).\n\n## Promotion environments\n\n| Environment | Purpose | Promotion rule |\n|---|---|---|\n| `dev` | Generator authors iterate locally | N/A — local only. |\n| `pr` | CI ephemeral environment per PR | Gates 1–8 pass. |\n| `staging` | Pre-release; consumers can preview | Auto-promoted on merge to `main`. |\n| `prod` | Public docs site, public npm package | Promoted on `catalog-vX.Y.Z` tag + adversarial review sign-off. |\n\n`staging` and `prod` are the only environments that publish externally; both are reproducible from a single commit hash plus the schema bundle.\n\n## Hooks into the debt loop\n\nCI failures automatically open `Gap` nodes via a CI bot:\n\n- **Validator failures** → Level 2 Gap, owner = schema owner.\n- **Freshness failures** → Level 1 Gap, owner = relevant graph data owner.\n- **Generator-diff failures** → Level 4 Gap, owner = generator owner.\n- **SDK type-check failures** → Level 6 Gap, owner = QA owner.\n- **Reachability failures** → Level 1 Gap, owner = evidence reviewer of the source.\n\nThis is what closes the loop: a failing test is not a transient state but a tracked obligation with a cascade target and an owner.\n",
    "documents": []
  },
  "outgoingEdges": [],
  "incomingEdges": [
    {
      "from": "page:qa",
      "to": "page:qa-02-cicd",
      "kind": "contains_page"
    }
  ]
}