Skip to content

ci: make dependency cache keys job-unique and poetry-aware#1032

Open
ekampf wants to merge 4 commits into
mainfrom
ci/improve-cache-keys
Open

ci: make dependency cache keys job-unique and poetry-aware#1032
ekampf wants to merge 4 commits into
mainfrom
ci/improve-cache-keys

Conversation

@ekampf

@ekampf ekampf commented Jun 8, 2026

Copy link
Copy Markdown
Contributor

Related Tickets & Documents

  • Issue: n/a

Changes

Improve the actions/cache keys in .github/workflows/ci.yaml:

  • Include the poetry version (env.POETRY_VERSION) in every cache key, so upgrading poetry no longer reuses a .venv built by a different poetry.
  • Make keys unique per job via ${{ github.job }}, so unit-tests and e2e-tests no longer share the same .venv key (previously only the first job to finish could save it, and they could cross-contaminate).
  • Fix a latent bug: the keys interpolated ${{ steps.setup_python.outputs.python-version }}, but no step defined id: setup_python — so it expanded to an empty string and the Python version was effectively absent from the key. Added id: setup_python to the setup-python steps in unit-tests and e2e-tests.
  • Add job-scoped restore-keys so a lockfile change still restores the latest matching cache (same job/os/python/poetry); make dev-deps reconciles afterward.

Notes

  • Affects the three cache steps that exist today: unit-tests .venv + pre-commit, and e2e-tests .venv. The build / release_dev* jobs have no dependency cache (unchanged), and release.yaml has no caches.
  • These key changes invalidate existing caches once (one cold run per job), then keys stabilize.
  • Independent of open PRs chore: unblock kopf updates by running semantic-release via pipx #1030 / chore: upgrade to Python 3.14 #1031 — they don't touch these lines.
  • Verified: workflow YAML parses; each rendered key now contains job name + python version (no empty gap) + poetry<version>.

Improve the actions/cache keys in CI:
- include the poetry version (env.POETRY_VERSION) so a poetry upgrade
  doesn't reuse a venv built by a different poetry
- make keys unique per job (github.job) so unit-tests and e2e-tests no
  longer share/contend on one key
- fix a latent bug: the keys referenced
  steps.setup_python.outputs.python-version but no step had that id, so
  the python version expanded to empty. Add id: setup_python to the
  setup-python steps so the version actually enters the key
- add job-scoped restore-keys for better hit rates when only the lock
  changes

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@codecov

codecov Bot commented Jun 8, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.02%. Comparing base (c7bf978) to head (299dba7).
⚠️ Report is 6 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1032   +/-   ##
=======================================
  Coverage   98.02%   98.02%           
=======================================
  Files          32       32           
  Lines        1725     1725           
  Branches      177      177           
=======================================
  Hits         1691     1691           
  Misses         18       18           
  Partials       16       16           

Impacted file tree graph

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@minhtule

Copy link
Copy Markdown
Contributor

Make keys unique per job via ${{ github.job }}, so unit-tests and e2e-tests no longer share the same .venv key (previously only the first job to finish could save it, and they could cross-contaminate).

Not sure I understand this point. Both unit-tests and e2e-tests install dependencies using make dev-deps and we cache the .venv directory so both caches should be the same. Why do we need 2 separate caches? 🤔

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the CI workflow’s dependency caching strategy to avoid cross-job cache contamination and to make cache keys sensitive to Poetry and Python versions, improving correctness and reproducibility of CI runs.

Changes:

  • Adds id: setup_python to the actions/setup-python steps so steps.setup_python.outputs.python-version is actually populated.
  • Makes dependency cache keys job-unique (${{ github.job }}) and includes Poetry version (${{ env.POETRY_VERSION }}) to prevent reusing incompatible .venv caches.
  • Adds job-scoped restore-keys prefixes so caches can still be restored across lockfile changes, with make dev-deps reconciling afterward.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@minhtule minhtule left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants