From 93d4cce11f31d23b0d2edcc649553f0023e5c3ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Dinis=20Ferreira?= Date: Sun, 31 May 2026 14:37:32 +0200 Subject: [PATCH] ci: restore Maven cache from master-produced caches in maven-verify The maven-verify cache never hit in practice, for three compounding reasons (verified against the live cache inventory): - actions/cache only restores on an exact key match, and the key embedded hashFiles('**/pom.xml') - so any pom-touching PR missed outright. - GitHub isolates caches per PR scope: the open PRs each held a byte-identical ~700 MB cache under their own refs/pull/N/merge, invisible to one another. The only shareable scope is master, and verify.yml (a pull_request-only workflow) never saved there. - The redundant per-PR saves pushed the repo over its 10 GB cache budget (10+ GB across 14 caches), so LRU eviction also killed same-PR reuse. Fix, all in the one cache step: switch to actions/cache/restore (PRs stop saving - ends the duplicate-cache churn and the eviction pressure) and mirror the producer exactly. master DOES have a producer - snapshot.yml saves ~/.m2/repository as Linux-maven-publish-* on every push - so maven-verify now adopts that family's exact path spec and key recipe. The mirroring must be literal: GitHub hashes the path spec into the cache *version* and only serves a cache whose key AND version both match, so ~/.m2/repository vs /home/runner/.m2/repository alone makes the producer's caches silently unmatchable (the repo's cache inventory showed the two path spellings under distinct version hashes). A PR that touches no pom/target files exact-hits master's newest cache; any other PR prefix-restores it via restore-keys. The cache-bust lever is renaming the maven-publish family in snapshot.yml and here together. Co-Authored-By: Claude Fable 5 --- .github/workflows/verify.yml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index a75dad226..fbece6cf2 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -45,11 +45,18 @@ jobs: run: mvn --version - name: Set up Workspace Environment Variable run: echo "WORKSPACE=${{ github.workspace }}" >> $GITHUB_ENV - - name: Cache Maven dependencies - uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 + - name: Restore Maven dependency cache + # Restore-only: PR scopes cannot share caches with each other, so per-PR + # saves are dead weight that evicts the useful master-scoped caches + # (10 GB repo budget). The producer is snapshot.yml on master pushes + # (Linux-maven-publish-*). Path and key must mirror snapshot.yml exactly: + # the literal path spec is hashed into the cache *version*, so any + # variation (~/.m2 vs /home/runner/.m2) makes its caches unmatchable. + uses: actions/cache/restore@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0 with: - path: /home/runner/.m2/repository - key: ${{ runner.os }}-maven-0-${{ hashFiles('**/pom.xml') }} + path: ~/.m2/repository + key: ${{ runner.os }}-maven-publish-${{ hashFiles('**/pom.xml', '**/*.target') }} + restore-keys: ${{ runner.os }}-maven-publish- - name: Build with Maven within a virtual X Server Environment # Run pmd:pmd and pmd:cpd first to generate reports for all modules, then run pmd:check and pmd:cpd-check # This ensures all violations are collected and reported before the build fails