[ci-coach] ci: consolidate 8 tiny integration matrix groups into 4 #17172
Description
Reduces the integration test matrix from 31 to 23 parallel jobs by merging short-duration groups that spend more time on job setup than actual testing.
Background
Analysis of recent CI artifacts (run §22222481551) showed many integration matrix groups with extremely short actual test durations (<2s), but each requiring ~2 minutes of setup overhead (checkout, setup-go, dependency download, binary build). Consolidating these saves significant runner time without affecting wall clock duration.
Changes
1. CLI MCP Connectivity (saves 1 job)
Merged: CLI MCP Playwright (~1.0s) + CLI MCP Gateway (~0.6s) → CLI MCP Connectivity
New combined pattern: TestMCPInspectPlaywright|TestMCPGateway
2. CLI Audit Logs & Firewall (saves 1 job)
Merged: CLI Audit & Inspect (~0.7s) + CLI Logs & Firewall (~0.7s) → CLI Audit Logs & Firewall
New combined pattern: TestLogs|TestFirewall|TestNoStopTime|TestLocalWorkflow|^TestAudit|^TestInspect
3. Workflow Features (saves 2 jobs)
Merged: Workflow Safe Outputs (~0.4s) + Workflow GitHub & Git (~1.0s) + Workflow Misc Part 1 (~0.5s) → Workflow Features
New combined pattern: SafeOutputs|CreatePullRequest|OutputLabel|HasSafeOutputs|GitHub|Git|PushToPullRequest|BuildFromAllowed|TestAgent|TestCopilot|TestCustom|TestEngine|TestModel|TestNetwork|TestOpenAI|TestProvider
4. Workflow Infra (saves 4 jobs)
Merged: Workflow Cache (~0.2s) + Workflow Permissions (~0.2s) + Workflow Dependabot & Security (~0.1s) + Workflow Runtime & Setup (~0.2s) + Workflow String & Sanitization (~1.7s) → Workflow Infra
New combined pattern: ^TestCache|TestCacheDependencies|TestCacheKey|TestValidateCache|TestPermissions|TestPackageExtractor|TestCollectPackagesFromWorkflow|Dependabot|Security|PII|Runtime|Setup|Install|Download|Version|Binary|String|Sanitize|Normalize|Trim|Clean|Format
Expected Impact
- Runner jobs saved: 8 per CI run (31 → 23)
- Estimated runner time saved: ~16 min/run (8 jobs × ~2 min setup each)
- Wall clock impact: None — critical path is unchanged (CLI Docker Build at ~47s dominates)
- Test coverage: Unchanged — all skip_patterns in catch-all groups remain valid
Safety Analysis
Skip-pattern verification
All merged patterns are already present in the respective catch-all skip_patterns:
CLI Completion & Other skip_pattern covers:
TestMCPInspectPlaywright,TestMCPGateway✅TestLogs|TestFirewall|TestNoStopTime|TestLocalWorkflow✅^TestAudit|^TestInspect✅
Workflow Misc Part 2 skip_pattern covers:
SafeOutputs|CreatePullRequest|OutputLabel|HasSafeOutputs✅GitHub|Git|PushToPullRequest|BuildFromAllowed✅TestAgent|TestCopilot|TestCustom|TestEngine|TestModel|TestNetwork|TestOpenAI|TestProvider✅^TestCache|TestCacheDependencies|TestCacheKey|TestValidateCache✅TestPermissions|TestPackageExtractor|TestCollectPackagesFromWorkflow✅Dependabot|Security|PII✅Runtime|Setup|Install|Download|Version|Binary✅String|Sanitize|Normalize|Trim|Clean|Format✅
No tests will be orphaned or duplicated.
Test duration baseline (from CI run §22222481551)
| Group | Duration | Disposition |
|---|---|---|
| CLI Docker Build | 47.3s | Kept isolated (slow) |
| CLI Progress Flag | 31.0s | Kept isolated (slow) |
| CLI HTTP MCP Connect | 20.7s | Kept isolated (slow) |
| CLI MCP Other | 11.6s | Kept isolated |
| CLI Completion & Other | 9.5s | Kept (catch-all) |
| CLI Compile & Poutine | 9.5s | Kept |
| CLI MCP Playwright | 1.0s | → Merged |
| CLI MCP Gateway | 0.6s | → Merged |
| CLI Logs & Firewall | 0.7s | → Merged |
| CLI Audit & Inspect | 0.7s | → Merged |
| Workflow Safe Outputs | 0.4s | → Merged |
| Workflow GitHub & Git | 1.0s | → Merged |
| Workflow Misc Part 1 | 0.5s | → Merged |
| Workflow String & Sanitization | 1.7s | → Merged |
| Workflow Cache | 0.2s | → Merged |
| Workflow Permissions | 0.2s | → Merged |
| Workflow Dependabot & Security | 0.1s | → Merged |
| Workflow Runtime & Setup | 0.2s | → Merged |
References: §22222481551
Generated by CI Optimization Coach
- expires on Feb 22, 2026, 1:45 PM UTC
Note
This was originally intended as a pull request, but the git push operation failed.
Workflow Run: View run details and download patch artifact
The patch file is available in the agent-artifacts artifact in the workflow run linked above.
To apply the patch locally:
# Download the artifact from the workflow run https://github.com/github/gh-aw/actions/runs/22225856161
# (Use GitHub MCP tools if gh CLI is not available)
gh run download 22225856161 -n agent-artifacts
# The patch file will be at agent-artifacts/tmp/gh-aw/aw.patch after download
# Apply the patch
git am agent-artifacts/tmp/gh-aw/aw.patchShow patch preview (115 of 115 lines)
From 8301da0b451d9bc00ea35cd4762d90a0fecc04b6 Mon Sep 17 00:00:00 2001
From: GitHub Copilot <copilot@github.com>
Date: Fri, 20 Feb 2026 13:39:02 +0000
Subject: [PATCH] ci: consolidate 8 tiny integration matrix groups into 4
Reduces integration matrix from 31 to 23 parallel jobs by merging
short-duration groups (each <1.5s test time) that share overhead
costs (checkout, setup-go, dependency download, binary build).
Groups merged:
- CLI MCP Playwright (~1s) + CLI MCP Gateway (~0.6s) -> CLI MCP Connectivity
- CLI Audit & Inspect (~0.7s) + CLI Logs & Firewall (~0.7s) -> CLI Audit Logs & Firewall
- Workflow Safe Outputs + GitHub & Git + Misc Part 1 (~1.9s total) -> Workflow Features
- Workflow Cache + Permissions + Dependabot & Security + Runtime & Setup + String & Sanitization (~2.4s total) -> Workflow Infra
Impact:
- 8 fewer parallel jobs per CI run
- Estimated ~16 min/run runner time saved (each job has ~2min setup overhead)
- No change to critical path (Docker Build at ~47s still dominates)
- All skip_patterns in catch-all groups remain valid (verified)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
.github/workflows/ci.yml | 40 ++++++++--------------------------------
1 file changed, 8 insertions(+), 32 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index caad14c..0ded854 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -170,18 +170,15 @@ jobs:
- name: "CLI Compile & Poutine"
packages: "./pkg/cli"
pattern: "^TestCompile[^W]|TestPoutine" # Exclude TestCompileWorkflows to avoid duplicates
- - name: "CLI MCP Playwright"
+ - name: "CLI MCP Connectivity" # Merged: Playwright + Gateway (each ~1s, saves 1 job)
packages: "./pkg/cli"
- pattern: "TestMCPInspectPlaywright"
- - name: "CLI MCP Gateway"
- packages: "./pkg/cli"
- pattern: "TestMCPGateway"
+ pattern: "TestMCP
... (truncated)