GitHub-hosted runner exceptions
GitHub-hosted runner exceptions
Section titled “GitHub-hosted runner exceptions”The repository defaults to self-hosted runners for main Rust CI (see runner contract). The following workflows intentionally use GitHub-hosted runners:
| Workflow | Runner | Reason |
|---|---|---|
docs-deploy.yml | ubuntu-latest | GitHub Pages deploy + mdBook; portable Pages API. |
docs-quality.yml | ubuntu-latest | mdBook + vox-doc-pipeline --check + link/SUMMARY gates; no self-hosted pool dependency; matches other docs-advisory jobs. |
link_checker.yml | ubuntu-latest | External link checks; no secrets to self-hosted pool. |
release-binaries.yml | windows-latest, macos-latest (×2 targets: x86_64 and aarch64 macOS jobs) | Publish tagged Windows/macOS binaries; Linux build lane remains self-hosted; publish job runs on Linux self-hosted. |
publish-ci-runner.yml | ubuntu-latest | Chicken-and-egg: builds the self-hosted runner image itself; cannot run on the fleet it produces. Publishes to GHCR so contributors can docker pull ghcr.io/<org>/vox-ci-runner:latest. |
deploy-hetzner.yml (smoke-ci) | ubuntu-latest | Thin pre-deploy check: cargo build -p vox-cli --locked only. Full fmt/clippy/tests run on self-hosted ci.yml before merge to main. |
Any new workflow using GitHub-hosted runners (ubuntu-latest, windows-latest, macos-latest) must add a row here or switch to the self-hosted tuple.
Not GitHub-hosted (self-hosted only): ci.yml and ml_data_extraction.yml use [self-hosted, linux, x64] (plus docker / CUDA lanes per runner contract). They are listed here so agents do not mistake them for missing exceptions — see workflow enumeration for step-level detail.