From dd26bcb6aad03c8930a69606b7c17fa604fd3ead Mon Sep 17 00:00:00 2001 From: Ivan Date: Fri, 24 Apr 2026 14:52:30 -0500 Subject: [PATCH] chore(workflows): add caching for Node.js and Poetry in CI workflows --- .github/workflows/android-build.yml | 5 ++++ .github/workflows/bench.yml | 17 +++++++++-- .github/workflows/build-linux-packages.yml | 17 +++++++++-- .github/workflows/build-linux-release.yml | 17 +++++++++-- .github/workflows/build-release.yml | 8 ++++-- .github/workflows/build.yml | 8 ++++-- .github/workflows/ci.yml | 33 ++++++++++++++++++---- .github/workflows/codeql.yml | 17 +++++++++-- .github/workflows/docker.yml | 2 ++ .github/workflows/frontend-build.yml | 12 ++++---- .github/workflows/security-scan.yml | 17 +++++++++-- 11 files changed, 121 insertions(+), 32 deletions(-) diff --git a/.github/workflows/android-build.yml b/.github/workflows/android-build.yml index 7f92db0..507d544 100644 --- a/.github/workflows/android-build.yml +++ b/.github/workflows/android-build.yml @@ -86,6 +86,11 @@ jobs: with: distribution: temurin java-version: ${{ env.JAVA_VERSION }} + cache: gradle + cache-dependency-path: | + android/build.gradle + android/settings.gradle + android/app/build.gradle - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml index 475c0e9..ed08d86 100644 --- a/.github/workflows/bench.yml +++ b/.github/workflows/bench.yml @@ -4,6 +4,7 @@ # actions/checkout@v6.0.1 8e8c483db84b4bee98b60c0593521ed34d9990e8 # actions/setup-python@v6.2.0 a309ff8b426b58ec0e2a45f0f869d46889d02405 # actions/setup-node@v6.1.0 395ad3262231945c25e8478fd5baf05154b1d79f +# actions/cache@v4.2.0 1bd1e32a3bdc45362d1e726936510720a7c30a57 name: Benchmarks @@ -46,13 +47,23 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Cache Poetry downloads + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 + with: + path: ~/.cache/pypoetry + key: ${{ runner.os }}-pypoetry-${{ hashFiles('poetry.lock') }} + restore-keys: | + ${{ runner.os }}-pypoetry- + + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh diff --git a/.github/workflows/build-linux-packages.yml b/.github/workflows/build-linux-packages.yml index 543b8dd..3fa6e8a 100644 --- a/.github/workflows/build-linux-packages.yml +++ b/.github/workflows/build-linux-packages.yml @@ -6,6 +6,7 @@ # actions/setup-node@v6.1.0 395ad3262231945c25e8478fd5baf05154b1d79f # actions/upload-artifact@v5.0.0 330a01c490aca151604b8cf639adc76d48f6c5d4 # actions/download-artifact@v5.0.0 634f93cb2916e3fdff6788551b99b062d0335ce0 +# actions/cache@v4.2.0 1bd1e32a3bdc45362d1e726936510720a7c30a57 name: Build Linux packages @@ -98,13 +99,23 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Cache Poetry downloads + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 + with: + path: ~/.cache/pypoetry + key: ${{ runner.os }}-pypoetry-${{ hashFiles('poetry.lock') }} + restore-keys: | + ${{ runner.os }}-pypoetry- + + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh diff --git a/.github/workflows/build-linux-release.yml b/.github/workflows/build-linux-release.yml index f32ea33..40e5a2b 100644 --- a/.github/workflows/build-linux-release.yml +++ b/.github/workflows/build-linux-release.yml @@ -7,6 +7,7 @@ # actions/setup-node@v6.1.0 395ad3262231945c25e8478fd5baf05154b1d79f # actions/upload-artifact@v5.0.0 330a01c490aca151604b8cf639adc76d48f6c5d4 # actions/download-artifact@v5.0.0 634f93cb2916e3fdff6788551b99b062d0335ce0 +# actions/cache@v4.2.0 1bd1e32a3bdc45362d1e726936510720a7c30a57 # # SLSA generator (must stay @vX.Y.Z semver per upstream): # slsa-framework/slsa-github-generator/generator_generic_slsa3.yml@v2.1.0 @@ -75,13 +76,23 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Cache Poetry downloads + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 + with: + path: ~/.cache/pypoetry + key: ${{ runner.os }}-pypoetry-${{ hashFiles('poetry.lock') }} + restore-keys: | + ${{ runner.os }}-pypoetry- + + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Linux packaging APT dependencies run: bash scripts/ci/github-apt-linux-packaging.sh diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml index 0ef27f5..9b40c7a 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yml @@ -89,13 +89,15 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 39aedb8..878c47c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -85,13 +85,15 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 05cc2d7..152dfea 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,6 +10,7 @@ # actions/setup-node@v6.1.0 395ad3262231945c25e8478fd5baf05154b1d79f # actions/upload-artifact@v5.0.0 330a01c490aca151604b8cf639adc76d48f6c5d4 # actions/download-artifact@v5.0.0 634f93cb2916e3fdff6788551b99b062d0335ce0 +# actions/cache@v4.2.0 1bd1e32a3bdc45362d1e726936510720a7c30a57 name: CI on: @@ -84,13 +85,23 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Cache Poetry downloads + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 + with: + path: ~/.cache/pypoetry + key: ${{ runner.os }}-pypoetry-${{ hashFiles('poetry.lock') }} + restore-keys: | + ${{ runner.os }}-pypoetry- + + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh @@ -146,13 +157,23 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Cache Poetry downloads + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 + with: + path: ~/.cache/pypoetry + key: ${{ runner.os }}-pypoetry-${{ hashFiles('poetry.lock') }} + restore-keys: | + ${{ runner.os }}-pypoetry- + + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index de110c1..eaf953c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -5,6 +5,7 @@ # actions/download-artifact@v5.0.0 634f93cb2916e3fdff6788551b99b062d0335ce0 # github/codeql-action/init@v4.31.6 95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # github/codeql-action/analyze@v4.31.6 95e58e9a2cdfd71adc6e0353d5c52f41a045d225 +# actions/cache@v4.2.0 1bd1e32a3bdc45362d1e726936510720a7c30a57 name: "CodeQL Advanced" @@ -107,13 +108,23 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Cache Poetry downloads + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 + with: + path: ~/.cache/pypoetry + key: ${{ runner.os }}-pypoetry-${{ hashFiles('poetry.lock') }} + restore-keys: | + ${{ runner.os }}-pypoetry- + + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 021df23..6f539fa 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -132,6 +132,8 @@ jobs: platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.tags.outputs.tags }} + cache-from: type=gha + cache-to: type=gha,mode=max build-args: | OCI_REVISION=${{ github.sha }} OCI_VERSION=${{ steps.oci.outputs.version }} diff --git a/.github/workflows/frontend-build.yml b/.github/workflows/frontend-build.yml index bb4e894..5fc5b70 100644 --- a/.github/workflows/frontend-build.yml +++ b/.github/workflows/frontend-build.yml @@ -84,16 +84,18 @@ jobs: with: python-version: ${{ inputs.python_version }} - - name: Set up Node - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f - with: - node-version: ${{ inputs.node_version }} - - name: Enable pnpm (corepack) env: PNPM_VERSION: ${{ inputs.pnpm_version }} run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node + uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f + with: + node-version: ${{ inputs.node_version }} + cache: pnpm + cache-dependency-path: pnpm-lock.yaml + - name: Install frontend dependencies run: pnpm install --frozen-lockfile diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 0d78056..82b657a 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -4,6 +4,7 @@ # actions/checkout@v6.0.1 8e8c483db84b4bee98b60c0593521ed34d9990e8 # actions/setup-python@v6.2.0 a309ff8b426b58ec0e2a45f0f869d46889d02405 # actions/setup-node@v6.1.0 395ad3262231945c25e8478fd5baf05154b1d79f +# actions/cache@v4.2.0 1bd1e32a3bdc45362d1e726936510720a7c30a57 # FIXME: CVE-2026-3219 affects pip through 26.0.1 waiting for next release to fix for now we ignore it @@ -52,13 +53,23 @@ jobs: POETRY_VERSION: ${{ env.POETRY_VERSION }} run: bash scripts/ci/github-install-poetry.sh + - name: Cache Poetry downloads + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 + with: + path: ~/.cache/pypoetry + key: ${{ runner.os }}-pypoetry-${{ hashFiles('poetry.lock') }} + restore-keys: | + ${{ runner.os }}-pypoetry- + + - name: Enable pnpm (corepack) + run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + - name: Set up Node uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f with: node-version: ${{ env.NODE_VERSION }} - - - name: Enable pnpm (corepack) - run: corepack enable && corepack prepare "pnpm@${PNPM_VERSION}" --activate + cache: pnpm + cache-dependency-path: pnpm-lock.yaml - name: Install dependencies run: bash scripts/ci/github-install-deps.sh