insop · insop · Mar 30, 2026
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -5,6 +5,8 @@
     types: [unlabeled, opened, synchronize, reopened]
   merge_group:
   workflow_dispatch:
+  schedule:
+    - cron: '0 2 * * *' # nightly full suite
 
 name: CI
 
@@ -38,7 +40,7 @@
     timeout-minutes: 45
     strategy:
       matrix:
-        os: [macos-latest, ubuntu-latest, windows-2025]
+        os: [macos-15, ubuntu-latest, windows-2025]
       fail-fast: false
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -109,12 +111,11 @@
   cargo_check:
     if: ${{ !contains(github.event.pull_request.labels.*.name, 'skip:ci') }}
     name: Ensure compilation on various targets
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-latest
     strategy:
       matrix:
-        include: 
-        - os: ubuntu-latest
-          targets:
+        include:
+        - targets:
             - aarch64-linux-android
             - i686-unknown-linux-gnu
             - i686-unknown-linux-musl
@@ -123,15 +124,10 @@
           dependencies:
             gcc-multilib: true
             musl-tools: true
-        - os: ubuntu-latest
-          targets:
+        - targets:
             - aarch64-unknown-linux-gnu
           dependencies:
             gcc-aarch64-linux-gnu: true # conflict with `gcc-multilib`
-        - os: macos-latest
-          targets:
-            - aarch64-apple-ios
-            - x86_64-apple-darwin
       fail-fast: false
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -165,14 +161,6 @@
           ndk-version: r27
           add-to-path: true
 
-      # - name: Prepare repository for redox compilation
-      #   run: bash scripts/redox/uncomment-cargo.sh
-      # - name: Check compilation for Redox
-      #   uses: coolreader18/redoxer-action@v1
-      #   with:
-      #     command: check
-      #     args: --ignore-rust-version
-
       - name: Check compilation
         run: |
           for target in ${{ join(matrix.targets, ' ') }}
@@ -186,6 +174,35 @@
           AR_aarch64_linux_android: ${{ steps.setup-ndk.outputs.ndk-path }}/toolchains/llvm/prebuilt/linux-x86_64/bin/llvm-ar
           CARGO_TARGET_AARCH64_LINUX_ANDROID_LINKER: ${{ steps.setup-ndk.outputs.ndk-path }}/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android24-clang
 
+  # macOS cross-compile checks: deferred to non-PR events (macOS runners are 10x cost).
+  cargo_check_macos:
+    if: ${{ github.event_name != 'pull_request' }}
+    name: Ensure compilation on macOS targets
+    runs-on: macos-15
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+
+      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
+        with:
+          prefix-key: v0-rust-aarch64-apple-ios-x86_64-apple-darwin
+          save-if: ${{ github.ref == 'refs/heads/main' }}
+
+      - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9
+        with:
+          targets: aarch64-apple-ios,x86_64-apple-darwin
+          toolchain: stable
+
+      - name: Check compilation
+        run: |
+          for target in aarch64-apple-ios x86_64-apple-darwin
+          do
+            echo "::group::${target}"
+            cargo check --target $target ${{ env.CARGO_ARGS_NO_SSL }}
+            echo "::endgroup::"
+          done
+
   snippets_cpython:
     if: ${{ !contains(github.event.pull_request.labels.*.name, 'skip:ci') }}
     env:
@@ -198,136 +215,207 @@
         test_multiprocessing_fork
         test_multiprocessing_forkserver
         test_multiprocessing_spawn
+    name: Run snippets and cpython tests (Linux)
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+
+      - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9
+        with:
+          toolchain: stable
+
+      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
+        with:
+          save-if: ${{ github.ref == 'refs/heads/main' }}
+
+      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
+        with:
+          python-version: ${{ env.PYTHON_VERSION }}
+
+      - name: build rustpython
+        run: cargo build --release --verbose --features=threading,jit ${{ env.CARGO_ARGS }}
+
+      - name: run snippets
+        run: python -m pip install -r requirements.txt && pytest -v
+        working-directory: ./extra_tests
+
+      - name: Detect available cores
+        id: cores
+        shell: bash
+        run: |
+          cores=$(python -c 'print(__import__("os").process_cpu_count())')
+          echo "cores=${cores}" >> "$GITHUB_OUTPUT"
+
+      - name: Run CPython tests
+        run: |
+          target/release/rustpython -m test -j ${{ steps.cores.outputs.cores }} -u all --slowest --fail-env-changed --timeout 600 -v -x ${{ env.FLAKY_MP_TESTS }}
+        timeout-minutes: 60
+        env:
+          RUSTPYTHON_SKIP_ENV_POLLUTERS: true
+
+      - name: Run flaky MP CPython tests
+        run: |
+          target/release/rustpython -m test -j 1 -u all --slowest --fail-env-changed --timeout 600 -v ${{ env.FLAKY_MP_TESTS }}
+        timeout-minutes: 60
+        env:
+          RUSTPYTHON_SKIP_ENV_POLLUTERS: true
+
+      - name: check that --install-pip succeeds
+        run: |
+          mkdir site-packages
+          target/release/rustpython --install-pip ensurepip --user
+          target/release/rustpython -m pip install six
+
+      - name: Check that ensurepip succeeds.
+        run: |
+          target/release/rustpython -m ensurepip
+          target/release/rustpython -c "import pip"
+
+      - name: Check if pip inside venv is functional
+        run: |
+          target/release/rustpython -m venv testvenv
+          testvenv/bin/rustpython -m pip install wheel
+
+      - name: Check whats_left is not broken
+        shell: bash
+        run: python -I scripts/whats_left.py ${{ env.CARGO_ARGS }} --features jit
+
+  # Full cross-platform cpython tests: only on push/merge/nightly, not on PRs.
+  # macOS runners are billed at 10x Linux rate, so deferring these saves significant cost.
+  snippets_cpython_cross:
+    if: ${{ github.event_name != 'pull_request' }}
+    env:
+      RUST_BACKTRACE: full
+      FLAKY_MP_TESTS: >-
+        test_class
+        test_concurrent_futures
+        test_eintr
+        test_multiprocessing_fork
+        test_multiprocessing_forkserver
+        test_multiprocessing_spawn
     name: Run snippets and cpython tests
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
         include:
-        - os: macos-latest
+        - os: macos-15
           extra_test_args:
             - '-u all'
           env_polluting_tests: []
           skips: []
           timeout: 50
-        - os: ubuntu-latest
-          extra_test_args:
-            - '-u all'
-          env_polluting_tests: []
-          skips: []
-          timeout: 60
         - os: windows-2025
           extra_test_args: [] # TODO: Enable '-u all'
           env_polluting_tests: []
          skips:
            - test_rlcompleter
            - test_pathlib # panic by surrogate chars
            - test_posixpath # OSError: (22, 'The filename, directory name, or volume label syntax is incorrect. (os error 123)')
            - test_venv # couple of failing tests
          timeout: 50
      fail-fast: false
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

      - uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9
        with:
          toolchain: stable

      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2.9.1
        with:
          save-if: ${{ github.ref == 'refs/heads/main' }}

      - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install macOS dependencies
        uses: ./.github/actions/install-macos-deps
        with:
          openssl: true

      - name: build rustpython
        run: cargo build --release --verbose --features=threading,jit ${{ env.CARGO_ARGS }}

      - name: run snippets
        run: python -m pip install -r requirements.txt && pytest -v
        working-directory: ./extra_tests

      - name: Detect available cores
        id: cores
        shell: bash
        run: |
          cores=$(python -c 'print(__import__("os").process_cpu_count())')
          echo "cores=${cores}" >> "$GITHUB_OUTPUT"

      - name: Run CPython tests
        run: |
          target/release/rustpython -m test -j ${{ steps.cores.outputs.cores }} ${{ join(matrix.extra_test_args, ' ') }} --slowest --fail-env-changed --timeout 600 -v -x ${{ env.FLAKY_MP_TESTS }} ${{ join(matrix.skips, ' ') }}
        timeout-minutes: ${{ matrix.timeout }}
        env:
          RUSTPYTHON_SKIP_ENV_POLLUTERS: true

      - name: Run flaky MP CPython tests
        run: |
          target/release/rustpython -m test -j 1 ${{ join(matrix.extra_test_args, ' ') }} --slowest --fail-env-changed --timeout 600 -v ${{ env.FLAKY_MP_TESTS }}
        timeout-minutes: ${{ matrix.timeout }}
        env:
          RUSTPYTHON_SKIP_ENV_POLLUTERS: true

      - name: run cpython tests to check if env polluters have stopped polluting
        shell: bash
        run: |
          IFS=' ' read -r -a target_array <<< "$TARGETS"

          for thing in "${target_array[@]}"; do
            for i in $(seq 1 10); do
              set +e
              target/release/rustpython -m test -j 1 --slowest --fail-env-changed --timeout 600 -v "${thing}"
              exit_code=$?
              set -e
              if [ "${exit_code}" -eq 3 ]; then
                echo "Test ${thing} polluted the environment on attempt ${i}."
                break
              fi
            done
            if [ "${exit_code}" -ne 3 ]; then
              echo "Test ${thing} is no longer polluting the environment after ${i} attempts!"
              echo "Please remove ${thing} from matrix.env_polluting_tests in '.github/workflows/ci.yaml'."
              echo "Please also remove the skip decorators that include the word 'POLLUTERS' in ${thing}."
              if [ "${exit_code}" -ne 0 ]; then
                echo "Test ${thing} failed with exit code ${exit_code}."
                echo "Please investigate which test item in ${thing} is failing and either mark it as an expected failure or a skip."
              fi
              exit 1
            fi
          done
        env:
          TARGETS: ${{ join(matrix.env_polluting_tests, ' ') }}
        timeout-minutes: 15

      - if: runner.os != 'Windows'
        name: check that --install-pip succeeds
        run: |
          mkdir site-packages
          target/release/rustpython --install-pip ensurepip --user
          target/release/rustpython -m pip install six

      - name: Check that ensurepip succeeds.
        run: |
          target/release/rustpython -m ensurepip
          target/release/rustpython -c "import pip"

      - if: runner.os != 'Windows'
        name: Check if pip inside venv is functional
        run: |
           target/release/rustpython -m venv testvenv
           testvenv/bin/rustpython -m pip install wheel
 
-      - name: Check whats_left is not broken
-        shell: bash
-        run: python -I scripts/whats_left.py ${{ env.CARGO_ARGS }} --features jit
-
   lint:
     name: Lint
     runs-on: ubuntu-latest