Summary

#121

Adds ignoreFiles to Lifecycle YAML so push webhooks can skip unnecessary redeploys when every changed file is explicitly ignored by every active affected service.

This is intentionally conservative: Lifecycle only skips when it can prove the push is safe to skip. Missing config, unavailable diffs, failed deploys, static environment pushes, and lifecycle config changes all redeploy.

Feature Spec

YAML schema

• Adds environment.ignoreFiles?: string[].
• Adds services[].ignoreFiles?: string[].
• Effective service policy is environment.ignoreFiles + service.ignoreFiles, de-duped in order.
• Schema/docs are regenerated for the JSON schema, YAML docs, and generated TypeScript schema.

Matching rules

• Paths are normalized as repo-relative GitHub paths using / separators.
• Matching is case-sensitive, matching GitHub path behavior.
• Glob matching uses picomatch with dotfile support.
• Broad globs such as **/* are allowed.
• Invalid policies fail open to redeploy:
  • non-array ignoreFiles
  • non-string or empty patterns
  • absolute paths
  • .. traversal
  • too many patterns
  • overly long patterns

Push workflow

1. Push webhook resolves active deploys for the pushed repo and branch.
2. Existing push scoping is preserved:
   • active deploys only
   • non-torn-down deploys only
   • dev-mode deploys are skipped
   • PR must be open
   • deployOnUpdate must be true
   • trackDefaultBranches behavior is unchanged
3. Changed files are read from the push payload when safe.
4. If the push payload is incomplete or contains removed files, Lifecycle does one cached GitHub compare request for before...after.
5. Lifecycle fetches the defining repo config once per repo + branch for the push and memoizes it for all affected services.
6. A build is skipped only when every changed file matches every active affected service policy.
7. Skipped pushes do not change build status.
8. Skipped pushes queue webhooks only for current build statuses supported by webhooks: deployed, error, and torn_down.

Feature flag

• Uses features.ignoreFiles from global config.
• true: enable skip behavior.
• false or missing: dry-run mode. Lifecycle logs when it would skip, then redeploys normally.
• If feature flag lookup fails, Lifecycle falls back to dry-run mode.

v1 Decisions

• Static environment pushes always redeploy. Static env service graphs can change from the config repo itself, so diff-based skipping is intentionally bypassed for v1.
• Lifecycle config changes always redeploy when lifecycle.yaml, lifecycle.yml, .lifecycle.yaml, or .lifecycle.yml changes.
• Failed deploys always redeploy and do not use diff-based skipping.
• Compare failures fail open to redeploy.
• Large or potentially incomplete compare responses fail open to redeploy instead of making additional fallback requests.
• Renamed files match only the new GitHub filename from the compare response.
• No database migration is included. Policies are read from YAML at push time.
• The effective policy is not persisted on builds or deploys in v1. Push-time lookup keeps remote service config fresh and reuses existing cached GitHub YAML fetch behavior.

Rate Limit Notes

• No /rate_limit calls are added to the push path.
• At most one compare call is made per push event, only when the push payload cannot safely provide changed files.
• Config fetches are memoized per push by repo + branch.
• GitHub request logging now includes cache-hit state and rate-limit headers when available.

Test Coverage

• Schema accepts env-level and service-level ignoreFiles.
• Pure helper tests cover:
  • inheritance and de-duping
  • service-only policy
  • missing policy fail-open
  • mixed ignored/non-ignored files
  • broad globs
  • dotfiles
  • case sensitivity
  • lifecycle config bypass
  • validation failures
• GitHub helper tests cover:
  • push-payload file extraction
  • incomplete payload fallback
  • removed-file fallback
  • renamed-file new-path behavior
  • large compare fail-open
  • missing filename fail-open
• Push webhook tests cover:
  • skipped deploys
  • dry-run mode
  • missing feature flag dry-run mode
  • latest commit updates
  • compare fallback
  • config-fetch failure redeploy
  • missing service policy redeploy
  • failed-deploy override
  • static environment redeploy bypass
  • skipped-push webhook queueing for supported statuses only

Validation

• git diff --check
• pnpm run lint
• pnpm exec tsc --project tsconfig.server.json --pretty false
• pnpm exec jest src/server/lib/__tests__/pushIgnoreFiles.test.ts src/server/lib/github/__tests__/index.test.ts src/server/services/__tests__/github.test.ts --runInBand
• pnpm run test

pnpm run ts-check still fails on existing repo-wide strictness issues outside this change set.