feat(ci): encode JUnit cases as OTLP and upload to Mergify CI Insights

[jd]

Second layer of the mergify ci junit-process port — turn the
parsed TestCase values into an OTLP ExportTraceServiceRequest
and ship it to /v1/repos/<owner>/<repo>/ci/traces as
gzipped protobuf.

Two new modules under junit_process:

• spans builds one session span per upload, one suite span per
  <testsuite>, and one case span per <testcase>, all sharing
  a resource that carries the CI-env attributes the backend uses
  for routing (provider, pipeline run id, branch, head SHA, …).
  The test cases pin parent/child wiring, status-code mapping,
  attribute propagation, and resource scraping by feeding a
  deterministic RNG into a hidden seam.

• upload POSTs the request with the same headers the Python
  OTLPSpanExporter sends (Bearer auth, application/x-protobuf,
  Content-Encoding: gzip) and matches the error wording so any
  log scrapers tracking Python output keep working. Wiremock
  covers the happy path, the empty-request short-circuit, and the
  401 error surface.

The detector grows the resource-attribute lookups Python emits
(pipeline name, job name, run id/attempt/url, head/base ref,
head SHA, repository URL, runner name) — sync env reads only,
matching the Python sync path. The PR-event-aware async SHA
fallback stays on the Python side for now and lands with the
CLI dispatch in Phase C.

opentelemetry-proto is the only otel dep we pull in, gated to
gen-tonic-messages + trace so it boils down to the prost
generated types plus the trace proto module — no tonic, no
otel SDK, no exporter runtime. Compression is flate2 and the
HTTP layer reuses the existing workspace reqwest to keep the
TLS / rustls flavour consistent.

Co-Authored-By: Claude Opus 4.7 noreply@anthropic.com

Depends-On: #1465

[jd]

This pull request is part of a Mergify stack:

#	Pull Request	Link
1	fix(cli): accept --debug on the Rust binary and actually toggle it in Python	#1464
2	refactor(rust): share test scaffolding via mergify-test-support crate	#1439
3	refactor(core): introduce CommandContext for the queue+freeze prelude	#1441
4	refactor(ci): consolidate the CI-env scrubber into a shared testing module	#1442
5	refactor: drop stale Phase X.Y doc markers and one inline color branch	#1443
6	refactor(tui): share StyledGlyph across queue show/status renderers	#1444
7	refactor(queue): drop indexmap, group_by_scope returns a Vec<(K, V)>	#1445
8	refactor(ci): swap uuid for getrandom in the GHA heredoc delimiter	#1446
9	refactor(config): standardize the workspace on serde_yaml_ng for YAML parsing	#1447
10	test(ci): add live smoke test for ci scopes select-all path	#1460
11	feat(rust): port ci scopes to native Rust	#1461
12	feat(ci): parse JUnit XML reports in native Rust	#1465
13	feat(ci): encode JUnit cases as OTLP and upload to Mergify CI Insights	#1466	👈
14	feat(ci): promote ci junit-process from shim to native Rust	#1467
15	feat(ci): promote ci junit-upload from shim to native as a deprecated alias	#1468
16	fix(ci): prefer GitHub Actions PR-event head SHA over GITHUB_SHA	#1469

[mergify]

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🔴 ⛓️ Depends-On Requirements

Waiting for

• depends-on=Mergifyio/mergify-cli#1439 [⛓️ refactor(rust): share test scaffolding via mergify-test-support crate #1439 [stack]]
• depends-on=Mergifyio/mergify-cli#1441 [⛓️ refactor(core): introduce CommandContext for the queue+freeze prelude #1441 [stack]]
• depends-on=Mergifyio/mergify-cli#1442 [⛓️ refactor(ci): consolidate the CI-env scrubber into a shared testing module #1442 [stack]]
• depends-on=Mergifyio/mergify-cli#1443 [⛓️ refactor: drop stale Phase X.Y doc markers and one inline color branch #1443 [stack]]
• depends-on=Mergifyio/mergify-cli#1444 [⛓️ refactor(tui): share StyledGlyph across queue show/status renderers #1444 [stack]]
• depends-on=Mergifyio/mergify-cli#1445 [⛓️ refactor(queue): drop indexmap, group_by_scope returns a Vec<(K, V)> #1445 [stack]]
• depends-on=Mergifyio/mergify-cli#1446 [⛓️ refactor(ci): swap uuid for getrandom in the GHA heredoc delimiter #1446 [stack]]
• depends-on=Mergifyio/mergify-cli#1447 [⛓️ refactor(config): standardize the workspace on serde_yaml_ng for YAML parsing #1447 [stack]]
• depends-on=Mergifyio/mergify-cli#1460 [⛓️ test(ci): add live smoke test for ci scopes select-all path #1460 [stack]]
• depends-on=Mergifyio/mergify-cli#1461 [⛓️ feat(rust): port ci scopes to native Rust #1461 [stack]]
• depends-on=Mergifyio/mergify-cli#1464 [⛓️ fix(cli): accept --debug on the Rust binary and actually toggle it in Python #1464 [stack]]
• depends-on=Mergifyio/mergify-cli#1465 [⛓️ feat(ci): parse JUnit XML reports in native Rust #1465 [stack]]

This rule is failing.

Requirement based on the presence of Depends-On in the body of the pull request

• depends-on=Mergifyio/mergify-cli#1439 [⛓️ refactor(rust): share test scaffolding via mergify-test-support crate #1439 [stack]]
• depends-on=Mergifyio/mergify-cli#1441 [⛓️ refactor(core): introduce CommandContext for the queue+freeze prelude #1441 [stack]]
• depends-on=Mergifyio/mergify-cli#1442 [⛓️ refactor(ci): consolidate the CI-env scrubber into a shared testing module #1442 [stack]]
• depends-on=Mergifyio/mergify-cli#1443 [⛓️ refactor: drop stale Phase X.Y doc markers and one inline color branch #1443 [stack]]
• depends-on=Mergifyio/mergify-cli#1444 [⛓️ refactor(tui): share StyledGlyph across queue show/status renderers #1444 [stack]]
• depends-on=Mergifyio/mergify-cli#1445 [⛓️ refactor(queue): drop indexmap, group_by_scope returns a Vec<(K, V)> #1445 [stack]]
• depends-on=Mergifyio/mergify-cli#1446 [⛓️ refactor(ci): swap uuid for getrandom in the GHA heredoc delimiter #1446 [stack]]
• depends-on=Mergifyio/mergify-cli#1447 [⛓️ refactor(config): standardize the workspace on serde_yaml_ng for YAML parsing #1447 [stack]]
• depends-on=Mergifyio/mergify-cli#1460 [⛓️ test(ci): add live smoke test for ci scopes select-all path #1460 [stack]]
• depends-on=Mergifyio/mergify-cli#1461 [⛓️ feat(rust): port ci scopes to native Rust #1461 [stack]]
• depends-on=Mergifyio/mergify-cli#1464 [⛓️ fix(cli): accept --debug on the Rust binary and actually toggle it in Python #1464 [stack]]
• depends-on=Mergifyio/mergify-cli#1465 [⛓️ feat(ci): parse JUnit XML reports in native Rust #1465 [stack]]

🔴 👀 Review Requirements

Waiting for

• #approved-reviews-by>=2

This rule is failing.

• any of:
  • #approved-reviews-by>=2
  • author = dependabot[bot]
  • author = mergify-ci-bot
  • author = renovate[bot]

🔴 🔎 Reviews

Waiting for

• #review-requested = 0

This rule is failing.

• #review-requested = 0
• #changes-requested-reviews-by = 0
• #review-threads-unresolved = 0

🟢 🤖 Continuous Integration

Wonderful, this rule succeeded.

• all of:
  • check-success=ci-gate

🟢 Enforce conventional commit

Wonderful, this rule succeeded.

Make sure that we follow https://www.conventionalcommits.org/en/v1.0.0/

• title ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert|ui)(?:\(.+\))?:

🟢 📕 PR description

Wonderful, this rule succeeded.

• body ~= (?ms:.{48,})

[jd]

Revision history

#	Type	Changes	Reason	Date
1	initial	3a3d6cc		2026-05-27 08:27 UTC
2	content	3a3d6cc → ee06c7a (raw)		2026-05-27 08:27 UTC
3	rebase	ee06c7a → 0c646f7 (rebase only)		2026-05-27 08:46 UTC
4	content	0c646f7 → fa0eeaf (raw)		2026-05-27 09:18 UTC
5	content	fa0eeaf → dd1bfdf	Move the GITHUB_OUTPUT scrub out of this commit into the scrubber-consolidation commit lower in the stack, so the fix covers every PR (including #1465) instead of only the ones at or above this one.	2026-05-27 10:04 UTC
6	rebase	dd1bfdf → 2ecb8c2 (rebase only)		2026-05-27 10:15 UTC