Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Speed up GHA workflows, use consistent bot token, etc #55923

Merged
merged 9 commits into from
Oct 2, 2023
Merged

Speed up GHA workflows, use consistent bot token, etc #55923

merged 9 commits into from
Oct 2, 2023

Conversation

jakebailey
Copy link
Member

@jakebailey jakebailey commented Sep 30, 2023
edited
Loading

An amalgamation of various fixups and improvements:

  • Use the bot's token everywhere rather than contents: write. When using contents: write, GHA workflows won't run when pushed as GHA tries to prevent loops by poisoning the token. A PAT works around this.
  • Don't run tests in sync-branch. This is slightly risky given baselines might fail, but I don't think we've seen that happen and @DanielRosenwasser reports that this delay is annoying.
  • Update package-lock.json when changing package.json's version. This is harmless but generally annoying that package-lock is not up to date on release branches. Honestly, I'm shocked that npm ci is okay with that state.
  • Remove update-lkg.yml, which could only ever update LKG on main, which I removed a while back.
  • Use a "blobless" clone rather than a full clone when we need history; this mode downloads the commit info, but none of the file contents until they are actually needed. This brings a full clone of our repo in CI down from 4m to 1m30m or so. See: https://github.blog/2020-12-21-get-up-to-speed-with-partial-clone-and-shallow-clone/ Add support for partial checkout filters actions/checkout#1396 (comment)

@typescript-bot typescript-bot added Author: Team For Uncommitted Bug PR for untriaged, rejected, closed or missing bug labels Sep 30, 2023
DanielRosenwasser
DanielRosenwasser reviewed Sep 30, 2023
View reviewed changes
.github/workflows/update-package-lock.yaml
@@ -46,7 +43,7 @@ jobs:
echo "No change."
else
npm test
npx hereby lkg
npx hereby LKG
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the point of the LKG? Just as a test to see that it works?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

E.g. the LKG script silently broke because a dep updated, or something. Otherwise we wouldn't know until we attempted to do a release or nightly or something.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(this particular change is just to make all of the workflows have the same casing; silly, I know)

DanielRosenwasser
DanielRosenwasser reviewed Sep 30, 2023
View reviewed changes
.github/workflows/accept-baselines-fix-lints.yaml
@@ -16,11 +16,10 @@ jobs:
build:
runs-on: ubuntu-latest

permissions:
contents: write

steps:
- uses: actions/checkout@v3
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we want this to be v4 also?

Copy link
Member Author

@jakebailey jakebailey Sep 30, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Surprisingly, this doesn't do a full fetch, so I don't need to bump it to get the new filter options.

I wanted to bump all of the versions but I'd need to update every file's version specifiers which felt noisy. Probably, we should enable dependabot but just for GHA. But either of those I'd rather in a different PR.

@DanielRosenwasser
Copy link
Member

Thanks for sending this! I don't know the nuances of permissions.contents: "write" so I can't sign off right away, but doing the blobless clone is a great idea for these.

@jakebailey
Copy link
Member Author

Thanks for sending this! I don't know the nuances of permissions.contents: "write" so I can't sign off right away

This should be safe; we already use that in the package-lock workflow.

@jakebailey
Copy link
Member Author

Any other concerns?

@jakebailey jakebailey merged commit 13a2150 into microsoft:main Oct 2, 2023
@jakebailey jakebailey deleted the tweak-gha-lkg branch October 2, 2023 20:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RyanCavanaugh RyanCavanaugh RyanCavanaugh approved these changes

@DanielRosenwasser DanielRosenwasser DanielRosenwasser approved these changes

@weswigham weswigham Awaiting requested review from weswigham

@andrewbranch andrewbranch Awaiting requested review from andrewbranch

Assignees

@jakebailey jakebailey

Labels
Author: Team For Uncommitted Bug PR for untriaged, rejected, closed or missing bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jakebailey @DanielRosenwasser @RyanCavanaugh @typescript-bot