























@@ -26,6 +26,114 @@ workflow checkout. Profiles cover smoke, package, product, full, and custom
2626Docker lane selections. The optional Telegram lane is published-npm only and
2727reuses the `NPM Telegram Beta E2E` workflow.
282829+## Package Acceptance
30+31+Use `Package Acceptance` when the question is "does this installable OpenClaw
32+package work as a product?" It is different from normal CI: normal CI validates
33+the source tree, while package acceptance validates a single tarball through the
34+same Docker E2E harness users exercise after install or update.
35+36+The workflow has four jobs:
37+38+1. `resolve_package` checks out `workflow_ref`, resolves one package candidate,
39+ writes `.artifacts/docker-e2e-package/openclaw-current.tgz`, writes
40+`.artifacts/docker-e2e-package/package-candidate.json`, uploads both as the
41+`package-under-test` artifact, and prints the source, workflow ref, package
42+ ref, version, SHA-256, and profile in the GitHub step summary.
43+2. `docker_acceptance` calls
44+`openclaw-live-and-e2e-checks-reusable.yml` with `ref=workflow_ref` and
45+`package_artifact_name=package-under-test`. The reusable workflow downloads
46+ that artifact, validates the tarball inventory, prepares package-digest
47+ Docker images when needed, and runs the selected Docker lanes against that
48+ package instead of packing the workflow checkout.
49+3. `npm_telegram` optionally calls `NPM Telegram Beta E2E`. It runs only when
50+`telegram_mode` is not `none`, and only for `source=npm`, because that lane
51+ installs a published package spec.
52+4. `summary` fails the workflow if package resolution, Docker acceptance, or
53+ the optional Telegram lane failed.
54+55+Candidate sources:
56+57+- `source=npm`: accepts only `openclaw@beta`, `openclaw@latest`, or an exact
58+ OpenClaw release version such as `openclaw@2026.4.27-beta.2`. Use this for
59+ published beta/stable acceptance.
60+- `source=ref`: packs a trusted `package_ref` branch, tag, or full commit SHA.
61+ The resolver fetches OpenClaw branches/tags, verifies the selected commit is
62+ reachable from repository branch history or a release tag, installs deps in a
63+ detached worktree, and packs it with `scripts/package-openclaw-for-docker.mjs`.
64+- `source=url`: downloads an HTTPS `.tgz`; `package_sha256` is required.
65+- `source=artifact`: downloads one `.tgz` from `artifact_run_id` and
66+`artifact_name`; `package_sha256` is optional but should be supplied for
67+ externally shared artifacts.
68+69+Keep `workflow_ref` and `package_ref` separate. `workflow_ref` is the trusted
70+workflow/harness code that runs the test. `package_ref` is the source commit
71+that gets packed when `source=ref`. This lets the current test harness validate
72+older trusted source commits without running old workflow logic.
73+74+Profiles map to Docker coverage:
75+76+- `smoke`: `npm-onboard-channel-agent`, `gateway-network`, `config-reload`
77+- `package`: `install-e2e`, `npm-onboard-channel-agent`, `doctor-switch`,
78+`update-channel-switch`, `bundled-channel-deps`, `plugins`, `plugin-update`
79+- `product`: `package` plus `mcp-channels`, `cron-mcp-cleanup`,
80+`openai-web-search-minimal`, `openwebui`
81+- `full`: full Docker release-path chunks with OpenWebUI
82+- `custom`: exact `docker_lanes`; required when `suite_profile=custom`
83+84+Release checks call Package Acceptance with `source=ref`,
85+`package_ref=<release-ref>`, `workflow_ref=<release workflow ref>`, and
86+`suite_profile=package`. That profile is the GitHub-native replacement for most
87+Parallels package/update validation. Cross-OS release checks still cover
88+OS-specific onboarding, installer, and platform behavior; package/update
89+product validation should start with Package Acceptance.
90+91+Examples:
92+93+```bash
94+# Validate the current beta package with product-level coverage.
95+gh workflow run package-acceptance.yml \
96+ --ref main \
97+ -f workflow_ref=main \
98+ -f source=npm \
99+ -f package_spec=openclaw@beta \
100+ -f suite_profile=product
101+102+# Pack and validate a release branch with the current harness.
103+gh workflow run package-acceptance.yml \
104+ --ref main \
105+ -f workflow_ref=main \
106+ -f source=ref \
107+ -f package_ref=release/YYYY.M.D \
108+ -f suite_profile=package
109+110+# Validate a tarball URL. SHA-256 is mandatory for source=url.
111+gh workflow run package-acceptance.yml \
112+ --ref main \
113+ -f workflow_ref=main \
114+ -f source=url \
115+ -f package_url=https://example.com/openclaw-current.tgz \
116+ -f package_sha256=<64-char-sha256> \
117+ -f suite_profile=smoke
118+119+# Reuse a tarball uploaded by another Actions run.
120+gh workflow run package-acceptance.yml \
121+ --ref main \
122+ -f workflow_ref=main \
123+ -f source=artifact \
124+ -f artifact_run_id=<run-id> \
125+ -f artifact_name=package-under-test \
126+ -f suite_profile=custom \
127+ -f docker_lanes='install-e2e plugin-update'
128+```
129+130+When debugging a failed package acceptance run, start at the `resolve_package`
131+summary to confirm the package source, version, and SHA-256. Then inspect the
132+`docker_acceptance` child run and its Docker artifacts:
133+`.artifacts/docker-tests/**/summary.json`, `failures.json`, lane logs, phase
134+timings, and rerun commands. Prefer rerunning the failed package profile or
135+exact Docker lanes instead of rerunning full release validation.
136+29137QA Lab has dedicated CI lanes outside the main smart-scoped workflow. The
30138`Parity gate` workflow runs on matching PR changes and manual dispatch; it
31139builds the private QA runtime and compares the mock GPT-5.5 and Opus 4.6
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。