ci: Delete old caches and refresh them every night#155
Conversation
The action deletes caches for which it needs the write permission.
License Check Results🚀 The license check job ran with the Bazel command: bazel run //:license-checkStatus: Click to expand output |
|
The created documentation from the pull request is available at: docu-html |
the cache is updated on pushes to main. This will happen after a pull request is merged for everybody. Signed-off-by: lurtz <727209+lurtz@users.noreply.github.com>
|
FYI @AlexanderLanin Currently checks if the defaults will be changed to not need write permission |
|
PR of used branch: eclipse-score/cicd-workflows#125 UPDATE Now this is used: etas-contrib/score_cicd-workflows#1 |
It has its own cache and does not interfere with CI
There was a problem hiding this comment.
Pull request overview
This PR introduces a scheduled “nightly” GitHub Actions workflow to delete existing repository caches and then run the standard CI pipeline to repopulate them, and updates existing workflows to support cache deletion via actions: write permissions and revised cache key naming.
Changes:
- Add a new nightly workflow that deletes all GitHub Actions caches, then runs the repo’s reusable CI workflows sequentially.
- Update multiple workflows to grant
actions: write(for cache deletion) and adjust Bazel cacheunique-cache-nameto be stable across workflows. - Switch several reusable-workflow references from
eclipse-score/cicd-workflowstoelektrobit-contrib/eclipse-score_cicd-workflows.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 12 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/nightly.yml | New scheduled workflow to delete all caches and rerun CI to refresh them. |
| .github/workflows/ci.yml | Adds actions: write permissions on reusable-workflow calls to support cache deletion. |
| .github/workflows/ci_pull_request_target.yml | Adds actions: write permissions for called workflows in PR-target context. |
| .github/workflows/copilot-setup-steps.yml | Adds actions: write and adjusts Bazel cache name to github.job. |
| .github/workflows/build_and_test_host.yml | Adds job permissions and changes Bazel cache name to github.job. |
| .github/workflows/build_and_test_cross_compilation.yml | Adds job permissions and changes Bazel cache name to github.job + matrix config. |
| .github/workflows/build_and_test_qnx.yml | Switches reusable workflow source and adds actions: write permission. |
| .github/workflows/copyright.yml | Adds actions: write and switches reusable workflow source. |
| .github/workflows/format.yml | Adds actions: write and switches reusable workflow source. |
| .github/workflows/docs.yml | Adds actions: write and switches reusable workflow source. |
| .github/workflows/docs-cleanup.yml | Switches reusable workflow source. |
| .github/workflows/license_check.yml | Adds actions: write and switches reusable workflow source. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
d228c70 to
f0f14f6
Compare
| matrix: | ||
| bazel-config: ["x86_64-qnx", "aarch64-qnx"] | ||
| uses: eclipse-score/cicd-workflows/.github/workflows/qnx-build.yml@93aac16ada7d247bbb6ae926509ddea74cf5213a # main (2026-06-03) | ||
| uses: elektrobit-contrib/score_cicd-workflows/.github/workflows/qnx-build.yml@590ce6b04b7964f0986e0a138f5fb57589f95a51 |
There was a problem hiding this comment.
Any particular reason for the fork version?
Can we bring the change to score instead?
There was a problem hiding this comment.
It is work in progress. After yesterdays discussions I decided to extend the scope. Once I am satisfied I will merge my cicd-workflows changes first.
There was a problem hiding this comment.
Now I am satisfied and need my PR merged into cicd-workflows
| permissions: | ||
| pull-requests: write | ||
| issues: write | ||
| actions: write # needed for cache deletion at setup-bazel-cache |
There was a problem hiding this comment.
Can you explain real quick how this works?
Isn't the deletion of the cache done in the nightly.yml? So why would the license check as an example now require write permission?
There was a problem hiding this comment.
The setup-bazel-cache action uses the latest cache and bazel then compiles the code. When the builds succeeds setup-bazel-cache will upload the cache with a new timestamp. Because the old cache will not be used anymore, it can be deleted. This was the logic before I started with nightly.yml and still has the problem, that caches will never shrink. With the nightly.yml I try to solve the issue that caches always grow.
When nightly.yml works, it would not be really necessary to delete caches with setup-bazel-cache except for the repository cache. The repository cache can easily grow up to 10GB (Github limit). Maybe it is ok to have multiple stale repository caches and then let Github delete them. The second issue I have to clarify is what does setup-bazel-cache do, when there are multiple caches available. I hope it picks the one with latest timestamp.
At the moment I am testing nightly.yml at https://github.com/lurtz/inc_someip_gateway/actions/workflows/nightly.yml
There was a problem hiding this comment.
Seems to look good now
There was a problem hiding this comment.
There is a misconception here. You can only reuse caches that are created based on a trigger on branch main.
See the communication module workflows for a working cache setup.
There was a problem hiding this comment.
That is why I tested it using a fork at my github user. The link above does not point to S-CORE.
|
bazel build-without-bytes might speedup builds with risk of breaking the build |
|
Discussion continues at https://github.com/orgs/eclipse-score/discussions/3016#discussioncomment-17431750 |
Pull request was converted to draft
jorgecasal
left a comment
There was a problem hiding this comment.
Withdrawing my previous approval. The PR has been converted to draft and there are ongoing discussions about the changes (workflow source references, permissions scope, cache strategy). Will re-review once the PR is ready for review again.
Old caches should not be used and waste space. Thus it is better to delete them. This requires the
actions: writepermission.When caches are always reused they will grow without limits. Thus they are cleaned every night and recreated. This avoid having stale entries.
TODO
bazel fetchto download external dependenciesbazel fetchneeds to run exclusively and the other jobs can run in parrallel