CI Handoff

Run Riptide in CI so reviewers can inspect the workflow URL and the attached evidence pack.

Why Run Riptide In CI?

A Riptide run on your laptop is only as trustworthy as your laptop. "Works on my machine" is a weak signal when you're asking someone to take a risk claim seriously. CI makes the same run reproducible from a clean checkout on a neutral runner — no side effects from your local toolchain, no build artifacts you forgot to commit.

The flow is: your CI workflow checks out the repo, runs a replay against committed inputs, and asserts that the output matches the canonical hash you pinned. If the hash matches, the behavior is reproducible. If it drifts, CI fails and you investigate the change before accepting a new pin. The uploaded pack is then available as a workflow artifact for reviewers.

What The Reviewer Gets

  • A green workflow URL they can click.
  • The attached evidence pack with summary.md, trace.md, and rerun.sh.
  • A canonical hash assertion proving the run reproduced on a clean runner.

[Figure: pipeline stages 1. Commit, 2. Scenario suite, 3. Risk gate. Example outcome: merge blocked, economic risk threshold exceeded (CollateralHealth < 1.0; risk score 1.27, threshold 1.00).]

Workflow

Riptide's in-repo workflow reruns the LST-to-lending contagion proof from a clean checkout, emits a pack, asserts the committed canonical hash, and uploads the pack as a workflow artifact.

  • Check out the repo on a fresh runner.
  • Install the pinned toolchain and build the programs the replay needs.
  • Run riptide replay against committed inputs.
  • Assert the emitted pack's manifest.json canonical hash.
  • Upload the pack so reviewers can inspect the exact bytes CI produced.

Pin Your Hash

Downstream teams own their own replay fixture, run id, and canonical hash. Run once locally, copy the run id and hash from the emitted pack, then pin those values in CI. Do not pin a hash from a Riptide fixture unless your workflow is intentionally rerunning that exact fixture.

riptide replay path/to/your-replay/config.json --allow-invariant-violations

Downstream Template

The repo ships a copy-friendly workflow template and hash assertion script. Fill every placeholder, commit your replay fixture, and fail closed if any TODO sentinel remains.
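
A sketch of a fail-closed pin check of the kind described above, added here as an example; it is not the hash assertion script the repo ships. The manifest field names `run_id` and `canonical_hash`, the literal `TODO` sentinel text, and the names `check_pin` and `PinError` are assumptions.

```python
import json
import sys
from pathlib import Path

SENTINEL = "TODO"  # assumed placeholder marker left in an unfilled template


class PinError(Exception):
    """Raised for any condition that must fail the CI step."""


def check_pin(manifest_path, pinned_run_id, pinned_hash):
    """Return the verified hash, or raise PinError. Every doubt is a failure."""
    for name, value in (("run id", pinned_run_id), ("hash", pinned_hash)):
        if not value or not value.strip():
            raise PinError(f"pinned {name} is empty")
        if SENTINEL in value:
            raise PinError(f"pinned {name} still contains a {SENTINEL} placeholder")
    try:
        manifest = json.loads(Path(manifest_path).read_text(encoding="utf-8"))
    except (OSError, ValueError) as exc:  # missing file, bad UTF-8, bad JSON
        raise PinError(f"cannot read manifest: {exc}") from exc
    if not isinstance(manifest, dict):
        raise PinError("manifest is not a JSON object")
    # Field names below are assumptions, not Riptide's documented schema.
    run_id = manifest.get("run_id")
    emitted = manifest.get("canonical_hash")
    if not isinstance(run_id, str) or not isinstance(emitted, str):
        raise PinError("manifest lacks run_id or canonical_hash")
    if run_id != pinned_run_id.strip():
        raise PinError(f"run id mismatch: pinned {pinned_run_id!r}, emitted {run_id!r}")
    if emitted != pinned_hash.strip():  # exact match; no case folding
        raise PinError(f"hash drift: pinned {pinned_hash!r}, emitted {emitted!r}")
    return emitted


def main(argv):
    if len(argv) != 4:
        print("usage: assert_pin.py MANIFEST RUN_ID HASH", file=sys.stderr)
        return 2
    try:
        print("canonical hash verified:", check_pin(*argv[1:]))
    except PinError as exc:
        print("FAIL:", exc, file=sys.stderr)
        return 1
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A non-zero exit fails the workflow step, so an unfilled placeholder or an unreadable manifest blocks the run the same way a drifted hash does.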

What To Forward

  • The green workflow run URL.
  • The uploaded pack artifact.
  • The canonical hash assertion step output, when useful.

Supply-Chain Posture

The handoff path avoids runtime IDL fetches, LLM runtime dependencies, and secrets beyond the default GitHub token. Workflow actions are pinned, the Solana toolchain is checksum-verified, and every input is committed.

Honest Scope

A green CI run is a reproducibility check, not a broad review result. If the canonical hash drifts, investigate adapter, program, run-config, or toolchain changes before updating the pin.