# CI/CD Pipeline

## Pipeline Stages

| Stage | Runs On | Gate |
|-------|---------|------|
| Format/lint | PR | Block merge |
| Unit tests | PR | Block merge |
| Replay black-box smoke | PR | Block merge |
| Cache/security fixture tests | PR | Block merge |
| Plane SITL spoof/failsafe tests | Release candidate / nightly | Block release |
| Public dataset replay | Nightly / release candidate | Block release |
| Jetson latency/resource tests | Release candidate | Block release |
| Thermal/FDR endurance | Release candidate / hardware qualification | Block release |

## Artifact Outputs

- Test CSV reports.
- FDR validation summaries.
- Cache integrity reports.
- Dataset replay metrics.
- SITL tlogs.
- Jetson profiling traces.

## Caching

- Cache dependency builds by lockfile hash.
- Cache public dataset slices only in controlled CI storage with license metadata.
- Do not cache secrets or signing keys.

## Branch Policy

- Work occurs on `dev`.
- Release gates must pass before deploy artifacts are considered production-ready.
- Any failed safety, spoofing, false-position, or cache-poisoning test blocks release.

## Quality Gates

| Gate | Threshold |
|------|-----------|
| Still-image geolocation | >=80% within 50 m and >=50% within 20 m |
| Hot-path latency | <400 ms p95 |
| Memory | <8 GB shared |
| Cold start | <30 s p95 |
| FDR | <=64 GB / 8-hour flight |
| Cache storage | <=10 GB unless split budget is approved |
| False position | AC-NEW-4 thresholds |

## Open Tasks For Decomposition

- Define CI runner labels for Docker/replay vs Jetson local hardware.
- Add dataset-license checks before public dataset jobs.
- Implement SITL scenario generation and tlog validation job.
- Implement report collation into a release evidence bundle.