Skip to content

ci: Delete old caches and refresh them every night#155

Draft
lurtz wants to merge 18 commits into
mainfrom
add-write-permission-to-workflows-using-setup-bazel-cache
Draft

ci: Delete old caches and refresh them every night#155
lurtz wants to merge 18 commits into
mainfrom
add-write-permission-to-workflows-using-setup-bazel-cache

Conversation

@lurtz

@lurtz lurtz commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

Old caches should not be used and waste space. Thus it is better to delete them. This requires the actions: write permission.

When caches are always reused they will grow without limits. Thus they are cleaned every night and recreated. This avoid having stale entries.

TODO

  • use bazel fetch to download external dependencies
    • Then only the job doing bazel fetch needs to run exclusively and the other jobs can run in parrallel
    • take multiple configurations into account

The action deletes caches for which it needs the write permission.
@lurtz lurtz marked this pull request as ready for review June 16, 2026 13:34
Comment thread .github/workflows/copilot-setup-steps.yml Outdated
@lurtz lurtz enabled auto-merge June 16, 2026 13:37
@github-actions

github-actions Bot commented Jun 16, 2026

Copy link
Copy Markdown

License Check Results

🚀 The license check job ran with the Bazel command:

bazel run //:license-check

Status: ⚠️ Needs Review

Click to expand output
[License Check Output]
2026/06/19 18:21:03 Downloading https://releases.bazel.build/8.4.1/release/bazel-8.4.1-linux-x86_64...
Extracting Bazel installation...
Starting local Bazel server (8.4.1) and connecting to it...
INFO: Invocation ID: 0c40f745-9e8e-424e-8918-f3ca44ed45f3
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Loading: 
Loading: 4 packages loaded
Loading: 4 packages loaded
    currently loading: 
Loading: 4 packages loaded
    currently loading: 
Loading: 4 packages loaded
    currently loading: 
Analyzing: target //:license-check (5 packages loaded, 0 targets configured)
Analyzing: target //:license-check (5 packages loaded, 0 targets configured)

Analyzing: target //:license-check (33 packages loaded, 10 targets configured)

Analyzing: target //:license-check (94 packages loaded, 10 targets configured)

Analyzing: target //:license-check (110 packages loaded, 106 targets configured)

Analyzing: target //:license-check (162 packages loaded, 3239 targets configured)

Analyzing: target //:license-check (164 packages loaded, 6191 targets configured)

Analyzing: target //:license-check (168 packages loaded, 8234 targets configured)

Analyzing: target //:license-check (171 packages loaded, 8245 targets configured)

Analyzing: target //:license-check (171 packages loaded, 8245 targets configured)

Analyzing: target //:license-check (171 packages loaded, 8245 targets configured)

Analyzing: target //:license-check (171 packages loaded, 8245 targets configured)

Analyzing: target //:license-check (175 packages loaded, 10256 targets configured)

Analyzing: target //:license-check (175 packages loaded, 10256 targets configured)

Analyzing: target //:license-check (175 packages loaded, 10256 targets configured)

Analyzing: target //:license-check (176 packages loaded, 10376 targets configured)

Analyzing: target //:license-check (176 packages loaded, 10376 targets configured)

INFO: Analyzed target //:license-check (177 packages loaded, 11955 targets configured).
[10 / 17] Creating runfiles tree bazel-out/k8-opt-exec-ST-d57f47055a04/bin/external/score_tooling+/dash/tool/formatters/dash_format_converter.runfiles [for tool]; 0s local ... (2 actions, 1 running)
INFO: From Generating Dash formatted dependency file ...:
INFO: Successfully converted 2 packages from Cargo.lock to bazel-out/k8-fastbuild/bin/formatted.txt
[15 / 17] JavaToolchainCompileBootClasspath external/rules_java+/toolchains/platformclasspath.jar; 0s disk-cache, processwrapper-sandbox
INFO: Found 1 target...
Target //:license.check.license_check up-to-date:
  bazel-bin/license.check.license_check
  bazel-bin/license.check.license_check.jar
INFO: Elapsed time: 221.359s, Critical Path: 2.50s
INFO: 17 processes: 12 internal, 4 processwrapper-sandbox, 1 worker.
INFO: Build completed successfully, 17 total actions
INFO: Running command line: bazel-bin/license.check.license_check ./formatted.txt <args omitted>
usage: org.eclipse.dash.licenses.cli.Main [-batch <int>] [-cd <url>]
       [-confidence <int>] [-ef <url>] [-excludeSources <sources>] [-help] [-lic
       <url>] [-project <shortname>] [-repo <url>] [-review] [-summary <file>]
       [-timeout <seconds>] [-token <token>]

@github-actions

Copy link
Copy Markdown

The created documentation from the pull request is available at: docu-html

@lurtz lurtz added the test-cross Run cross compilation tests in pull request label Jun 16, 2026
the cache is updated on pushes to main. This will happen after a pull request is merged for everybody.

Signed-off-by: lurtz <727209+lurtz@users.noreply.github.com>
@lurtz

lurtz commented Jun 17, 2026

Copy link
Copy Markdown
Contributor Author

FYI @AlexanderLanin Currently checks if the defaults will be changed to not need write permission

@lurtz

lurtz commented Jun 19, 2026

Copy link
Copy Markdown
Contributor Author

PR of used branch: eclipse-score/cicd-workflows#125

UPDATE Now this is used: etas-contrib/score_cicd-workflows#1

@lurtz lurtz changed the title ci: Add action: write permission to jobs using setup-bazel-cache ci: Delete old caches and refresh them every night Jun 19, 2026

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces a scheduled “nightly” GitHub Actions workflow to delete existing repository caches and then run the standard CI pipeline to repopulate them, and updates existing workflows to support cache deletion via actions: write permissions and revised cache key naming.

Changes:

  • Add a new nightly workflow that deletes all GitHub Actions caches, then runs the repo’s reusable CI workflows sequentially.
  • Update multiple workflows to grant actions: write (for cache deletion) and adjust Bazel cache unique-cache-name to be stable across workflows.
  • Switch several reusable-workflow references from eclipse-score/cicd-workflows to elektrobit-contrib/eclipse-score_cicd-workflows.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 12 comments.

Show a summary per file
File Description
.github/workflows/nightly.yml New scheduled workflow to delete all caches and rerun CI to refresh them.
.github/workflows/ci.yml Adds actions: write permissions on reusable-workflow calls to support cache deletion.
.github/workflows/ci_pull_request_target.yml Adds actions: write permissions for called workflows in PR-target context.
.github/workflows/copilot-setup-steps.yml Adds actions: write and adjusts Bazel cache name to github.job.
.github/workflows/build_and_test_host.yml Adds job permissions and changes Bazel cache name to github.job.
.github/workflows/build_and_test_cross_compilation.yml Adds job permissions and changes Bazel cache name to github.job + matrix config.
.github/workflows/build_and_test_qnx.yml Switches reusable workflow source and adds actions: write permission.
.github/workflows/copyright.yml Adds actions: write and switches reusable workflow source.
.github/workflows/format.yml Adds actions: write and switches reusable workflow source.
.github/workflows/docs.yml Adds actions: write and switches reusable workflow source.
.github/workflows/docs-cleanup.yml Switches reusable workflow source.
.github/workflows/license_check.yml Adds actions: write and switches reusable workflow source.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/build_and_test_host.yml
Comment thread .github/workflows/build_and_test_cross_compilation.yml
Comment thread .github/workflows/ci.yml
Comment thread .github/workflows/ci.yml
Comment thread .github/workflows/nightly.yml
Comment thread .github/workflows/format.yml
Comment thread .github/workflows/docs.yml
Comment thread .github/workflows/docs-cleanup.yml
Comment thread .github/workflows/copyright.yml
Comment thread .github/workflows/build_and_test_qnx.yml
@lurtz lurtz force-pushed the add-write-permission-to-workflows-using-setup-bazel-cache branch from d228c70 to f0f14f6 Compare June 19, 2026 12:50
matrix:
bazel-config: ["x86_64-qnx", "aarch64-qnx"]
uses: eclipse-score/cicd-workflows/.github/workflows/qnx-build.yml@93aac16ada7d247bbb6ae926509ddea74cf5213a # main (2026-06-03)
uses: elektrobit-contrib/score_cicd-workflows/.github/workflows/qnx-build.yml@590ce6b04b7964f0986e0a138f5fb57589f95a51

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any particular reason for the fork version?
Can we bring the change to score instead?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is work in progress. After yesterdays discussions I decided to extend the scope. Once I am satisfied I will merge my cicd-workflows changes first.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now I am satisfied and need my PR merged into cicd-workflows

permissions:
pull-requests: write
issues: write
actions: write # needed for cache deletion at setup-bazel-cache

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you explain real quick how this works?
Isn't the deletion of the cache done in the nightly.yml? So why would the license check as an example now require write permission?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The setup-bazel-cache action uses the latest cache and bazel then compiles the code. When the builds succeeds setup-bazel-cache will upload the cache with a new timestamp. Because the old cache will not be used anymore, it can be deleted. This was the logic before I started with nightly.yml and still has the problem, that caches will never shrink. With the nightly.yml I try to solve the issue that caches always grow.

When nightly.yml works, it would not be really necessary to delete caches with setup-bazel-cache except for the repository cache. The repository cache can easily grow up to 10GB (Github limit). Maybe it is ok to have multiple stale repository caches and then let Github delete them. The second issue I have to clarify is what does setup-bazel-cache do, when there are multiple caches available. I hope it picks the one with latest timestamp.

At the moment I am testing nightly.yml at https://github.com/lurtz/inc_someip_gateway/actions/workflows/nightly.yml

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems to look good now

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a misconception here. You can only reuse caches that are created based on a trigger on branch main.
See the communication module workflows for a working cache setup.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is why I tested it using a fork at my github user. The link above does not point to S-CORE.

Comment thread .github/workflows/nightly.yml Outdated
Comment thread nightly.yml Outdated
@lurtz

lurtz commented Jun 23, 2026

Copy link
Copy Markdown
Contributor Author

bazel build-without-bytes might speedup builds with risk of breaking the build

@lurtz

lurtz commented Jun 25, 2026

Copy link
Copy Markdown
Contributor Author

@lurtz lurtz marked this pull request as draft June 29, 2026 07:43
auto-merge was automatically disabled June 29, 2026 07:43

Pull request was converted to draft

@jorgecasal jorgecasal left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Withdrawing my previous approval. The PR has been converted to draft and there are ongoing discussions about the changes (workflow source references, permissions scope, cache strategy). Will re-review once the PR is ready for review again.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

test-cross Run cross compilation tests in pull request

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants