CI: only save dependency caches on master, restore on PRs#10731
Merged
Conversation
GitHub Actions caches are branch-scoped: an entry written by a pull_request run lives under refs/pull/<N>/merge and is invisible to other PRs. The haproxy, mbedtls, nss, ntp, threadx and hostap-vm workflows used combined actions/cache with fixed keys, so every PR re-saved its own copy of the same dependency, yielding one duplicate cache entry per PR. Split each into actions/cache/restore (always) plus actions/cache/save gated to refs/heads/master, and add a daily schedule so a master run reseeds the single shared entry that all PRs restore. mbedtls/nss save in their build job only; the test jobs restore-only. Disable the setup-msys2 package cache: the action only toggles caching on/off and cannot save on master while restoring on PRs.
The v6.4.3_rel version was repeated in the cache path, cache key, download URL and extract command. Define it once as a workflow-level env var and reference it everywhere.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates several CI workflows to avoid creating duplicate dependency caches on every pull request by switching from actions/cache to an always-restore + default-branch-only save pattern, and adds scheduled runs to keep the shared cache warm. It also deduplicates the ThreadX NetXDuo version string into a single workflow-level environment variable.
Changes:
- Split dependency caching into
actions/cache/restore@v5(always) andactions/cache/save@v5(only onrefs/heads/master), with a dailyscheduletrigger to reseed shared caches. - Adjust mbedtls/nss so only the build job owns cache saving; test jobs are restore-only (with existing cache-miss fallbacks).
- Factor ThreadX NetXDuo version into
NETXDUO_REFand disable msys2/setup-msys2 caching.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/threadx.yml | Adds scheduled seeding, splits NetXDuo cache restore/save, and factors version into NETXDUO_REF. |
| .github/workflows/ntp.yml | Adds scheduled seeding and splits NTP tarball caching into restore-only + master-only save. |
| .github/workflows/nss.yml | Adds scheduled seeding and switches NSS dist/ caching to restore-only + master-only save. |
| .github/workflows/msys2.yml | Disables msys2/setup-msys2 caching since it can’t be restricted to master-only saves. |
| .github/workflows/mbedtls.yml | Adds scheduled seeding and switches mbedtls caching to restore-only + master-only save. |
| .github/workflows/hostap-vm.yml | Adds scheduled seeding and splits hostap + kernel caches into restore-only + master-only save. |
| .github/workflows/haproxy.yml | Adds scheduled seeding and switches haproxy checkout caching to restore-only + master-only save. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
With the cache save restricted to master, a cold-cache PR or release run can no longer restore in the test job what the build job just built (the per-PR cache scope is gone), so mbedtls/nss were compiled twice. Upload the build as an artifact on a cache miss and download it in the test job instead of recompiling, matching the handoff hostap-vm already uses. master still restores from the shared cache, so it never uses the artifact.
Add the same draft-PR guard the other workflows use so the job does not run while a pull request is still a draft.
|
retest this please |
The draft guard skips the job on draft PRs, but the pull_request trigger used the default types (no ready_for_review), so marking a draft ready did not re-run the job and it stayed skipped. Add the standard types, matching the other workflows, so it re-runs when the PR becomes ready.
Member
|
Jenkins restest this please: "ERROR: Build 'PRB-generic-config-parser' failed with result: FAILURE" -> "DTLS" -> "FAIL scripts/unit.test (exit status: 1)" |
dgarske
approved these changes
Jun 18, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
GitHub Actions caches are branch-scoped: an entry written by a
pull_requestrun lives under
refs/pull/<N>/mergeand is invisible to other PRs. Thehaproxy, mbedtls, nss, ntp, threadx and hostap-vm workflows used combined
actions/cachewith fixed keys, so every PR re-saved its own copy of the samedependency, yielding one duplicate cache entry per PR.
CI: only save dependency caches on master, restore on PRsactions/cache/restore(always) plusactions/cache/savegated to
refs/heads/master, and add a daily schedule so a master runreseeds the single shared entry that all PRs restore.
setup-msys2package cache: the action only toggles cachingon/off and cannot save on master while restoring on PRs.
CI: factor threadx NetXDuo version into NETXDUO_REF env varv6.4.3_relversion was repeated in the cache path, cache key, downloadURL and extract command. Define it once as a workflow-level env var and
reference it everywhere.