ci: run @cipherstash/bench smoke tests on changes

[auxesis]

Benchmark suite was added in #424.

This PR adds a CI workflow to run smoke tests on changes to the benchmark suite.

This should only run on changes to:

• @cipherstash/bench
• local/
• the workflow

The smoke suite is intentionally credential-free: bench falls back to the docker-compose default DATABASE_URL, so no secrets are wired in.

Note: the smoke tests are failing due to two known issues. Once fixes are landed in other PRs, this PR will be rebased.

The smoke tests were previously failing because of two known issues, however it looks like the tests weren't being filtered, and were being run incorrectly.

Summary by CodeRabbit

• Chores
  • Strengthened continuous integration infrastructure with automated performance benchmarking and comprehensive testing workflows. These enhancements ensure application reliability and performance standards are continuously validated across pull requests and deployments, helping maintain consistent quality throughout the development lifecycle.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 7275ed9

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

📝 Walkthrough

Walkthrough

A new GitHub Actions workflow is introduced that automatically runs benchmark tests on pushes to main and pull requests affecting the bench/ and local/ directories. The workflow sets up Node.js and pnpm, builds the @cipherstash/stack package, starts a PostgreSQL environment via Docker Compose, and executes bench smoke tests.

Changes

Benchmark Testing Workflow

Layer / File(s)	Summary
Workflow Trigger & Job Setup .github/workflows/tests-bench.yml (lines 1–23)	Defines workflow name "Test JS", triggers on pushes and pull requests with path filters for packages/bench, local, and workflow file changes. Declares "tests-bench" job with runner configuration.
Environment Preparation .github/workflows/tests-bench.yml (lines 24–44)	Checks out repository, installs pnpm, sets up Node.js 22 with pnpm caching, and explicitly installs node-gyp for binary rebuild support.
Dependency Installation & Package Build .github/workflows/tests-bench.yml (lines 45–54)	Installs project dependencies using pnpm with frozen lockfile, then builds @cipherstash/stack package via turbo with appropriate filtering.
Service Startup & Test Execution .github/workflows/tests-bench.yml (lines 55–60)	Starts local PostgreSQL (EQL) environment via Docker Compose, then runs bench smoke tests targeting the db-only scenario.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related issues

• ci: run @cipherstash/bench EXPLAIN-shape tests in CI to catch index-engagement regressions #429: This PR implements the CI bench-regression job by creating a workflow that builds @cipherstash/stack, provisions a PostgreSQL+EQL environment via Docker Compose, and executes benchmark smoke tests—directly addressing the CI infrastructure for benchmark regression testing.

Poem

🐰 Hoppy hop, the benchmarks now run fast,
With PostgreSQL in Docker, built to last,
Each push triggers tests through GitHub's might,
Performance tracked day and night! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: introducing a CI workflow to run smoke tests for the @cipherstash/bench package on relevant changes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ci/smoke-test-bench-package

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/tests-bench.yml:
- Around line 63-65: The "Run bench smoke tests" workflow step is currently
blocking despite known failures; update that step (the job step named "Run bench
smoke tests") to be temporarily non-blocking by adding continue-on-error: true
under that step and include a TODO note referencing an issue or a remove-by date
(e.g., TODO: remove when upstream fix XYZ-123 is merged) so it is explicit and
reversible; revert this change once the upstream fixes land.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1e024ce3-5305-4802-9a6a-265c6e647ad0

📥 Commits

Reviewing files that changed from the base of the PR and between e57b53f and 0e2f46d.

📒 Files selected for processing (1)

• .github/workflows/tests-bench.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Known failing smoke tests should be temporarily non-blocking.

Per the PR objective, this step is expected to fail right now. Leaving it blocking will keep relevant PRs red and can stall merges. Make this temporary and explicit (for example, continue-on-error: true with a TODO/remove-by reference), then revert once the upstream fixes land.

Suggested temporary change

       - name: Run bench smoke tests
         working-directory: packages/bench
+        continue-on-error: true # temporary until known smoke failures are fixed
         run: pnpm test:local -- db-only

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/tests-bench.yml around lines 63 - 65, The "Run bench smoke
tests" workflow step is currently blocking despite known failures; update that
step (the job step named "Run bench smoke tests") to be temporarily non-blocking
by adding continue-on-error: true under that step and include a TODO note
referencing an issue or a remove-by date (e.g., TODO: remove when upstream fix
XYZ-123 is merged) so it is explicit and reversible; revert this change once the
upstream fixes land.

[auxesis]

No, I said what I said:

Note: the smoke tests are failing due to two known issues. Once fixes are landed in other PRs, this PR will be rebased.

[coderabbitai]

@auxesis Understood, thanks for the clarification. Acknowledged — the PR will stay as-is and be rebased once the upstream fixes land.

[auxesis]

Never mind that if I'd followed this recommendation, that would have hidden the true cause of the test failure 7275ed9

[coderabbitai]

@auxesis, that's a fair and important point — keeping the step blocking is exactly what surfaced the root cause, whereas continue-on-error: true would have swallowed the signal entirely. My recommendation was wrong here. Thanks for the correction.

(╥_╥)

---

✏️ Learnings added

Learnt from: auxesis
Repo: cipherstash/stack PR: 431
File: .github/workflows/tests-bench.yml:0-0
Timestamp: 2026-05-06T11:35:47.341Z
Learning: In GitHub Actions workflows, do not recommend `continue-on-error: true` as a workaround for "known failing" test steps. Masking failures with `continue-on-error: true` hides the true cause of test failures and makes root cause analysis harder. It is better to leave steps blocking so that genuine failures surface clearly and can be diagnosed and fixed. This applies even when failures are described as "known" or "expected" in a PR description.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.