chore(ci): add fmt job to ci.yml and document enforcement

inureyes · inureyes · commit 8f5fd60a7613 · 2026-05-18T17:24:56.000+09:00
Add a cargo-fmt job to `.github/workflows/ci.yml` that runs `cargo fmt --all -- --check` on every touched-Rust PR. The job follows the same pattern as the existing deny job: `needs: changes`, `if: needs.changes.outputs.rust == 'true'`, `ubuntu-latest`, least-privilege `contents: read`, `actions/checkout@v6` with `persist-credentials: false`, and `dtolnay/rust-toolchain@stable` with the `rustfmt` component.

Update `CONTRIBUTING.md` and `.github/PULL_REQUEST_TEMPLATE.md` to replace the bare `cargo fmt --check` mention with the exact CI command (`cargo fmt --all -- --check`) and note that violations block merge.
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
@@ -33,7 +33,7 @@ What did you run to convince yourself this works? Be specific.
 For inference changes, real-checkpoint validation is required — synthetic-only is not enough.
 -->
 
-- [ ] `cargo fmt --check`
+- [ ] `cargo fmt --all -- --check` (enforced by CI — violations block merge)
 - [ ] `cargo clippy --all-targets -- -D warnings`
 - [ ] `cargo test --release`
 - [ ] `cargo deny check`
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -1,8 +1,8 @@
-# PR / push CI for security audit. Builds and tests are covered by
+# PR / push CI for lightweight quality gates. Builds and tests are covered by
 # release.yml (signed artifacts) and pipeline-parallel-ci.yml (distributed
-# runs); this workflow runs the lightweight cargo-deny gate on every
-# touched-Rust change so license drift and new advisories are caught at
-# PR time.
+# runs); this workflow runs cargo-deny (license / advisory) and cargo-fmt
+# checks on every touched-Rust change so formatting drift and license issues
+# are caught at PR time.
 
 name: CI
 
@@ -54,3 +54,19 @@ jobs:
         with:
           command: check
           log-level: warn
+
+  fmt:
+    name: cargo-fmt
+    needs: changes
+    if: needs.changes.outputs.rust == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@v6
+        with:
+          persist-credentials: false
+      - uses: dtolnay/rust-toolchain@stable
+        with:
+          components: rustfmt
+      - run: cargo fmt --all -- --check
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -41,9 +41,9 @@ Thank you for your interest in contributing to mlxcel! This document covers the
    ```
 4. Run the local quality gates:
    ```bash
-   cargo fmt --check
+   cargo fmt --all -- --check   # enforced by CI; fmt violations block merge
    cargo clippy --all-targets -- -D warnings
-   cargo deny check        # advisories + licenses + sources
+   cargo deny check             # advisories + licenses + sources
    ```
 5. For inference changes, validate against a real checkpoint — synthetic or build-only validation is not enough (see [`AGENTS.md`](AGENTS.md) for why).
 6. Commit with a conventional prefix (see below) and a clear message.
