Skip to content

Cache uv and Go binaries in CI workflows#224

Merged
alexkroman merged 3 commits into
mainfrom
claude/affectionate-knuth-aizys3
Jun 17, 2026
Merged

Cache uv and Go binaries in CI workflows#224
alexkroman merged 3 commits into
mainfrom
claude/affectionate-knuth-aizys3

Conversation

@alexkroman

@alexkroman alexkroman commented Jun 17, 2026

Copy link
Copy Markdown
Collaborator

Summary

Optimize CI performance by caching the uv package manager and Go-built gate binaries (actionlint, gitleaks) across workflow runs, reducing redundant downloads and compilation.

Key Changes

  • Replace manual uv installation with astral-sh/setup-uv action across three jobs (ci, test-e2e, docs-snapshot):

    • Uses the official setup action (v8.2.0) with caching enabled
    • Caches the uv download cache (~/.cache/uv) keyed on uv.lock, avoiding re-downloads of locked dependencies including Rust-backed sdists (pydantic-core, jiter, cryptography)
    • Simplifies the install step from python -m pip install uv to a declarative action

  • Add caching for Go gate binaries in the ci job:

    • New actions/cache step caches ~/go/bin keyed on scripts/gate_tool_pins.sh
    • Conditional go install only runs on cache miss, skipping from-source compilation when binaries are cached
    • Uses environment variable to safely pass cache-hit output to the script (avoiding template-injection risk)

  • Separate uv sync --frozen into its own step in the docs-snapshot job for clarity

Implementation Details

  • All cache keys are deterministic and tied to their respective lock/pin files, ensuring cache invalidation when dependencies change
  • The Go binary caching uses a conditional check (if [ "$CACHE_HIT" != "true" ]) to skip compilation entirely on cache hits
  • Cache-hit output is mapped to an environment variable rather than expanded directly in the script, following security best practices (zizmor template-injection rule)

https://claude.ai/code/session_01Wboq6L5ujSodPxqbewP3tx

@alexkroman alexkroman enabled auto-merge June 17, 2026 18:45
@claude
ci: cache uv downloads and Go gate binaries
59bc84f 
Replace `pip install uv` with astral-sh/setup-uv (pinned, cache enabled)
in the check, windows, and pre-commit jobs so the locked env — including
the Rust-backed sdists (pydantic-core/jiter/cryptography) — is restored
from ~/.cache/uv keyed on uv.lock instead of re-downloaded/rebuilt every
run.

Cache the from-source actionlint/gitleaks builds in the check job keyed
on scripts/gate_tool_pins.sh, skipping the `go install` compile on a hit.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01Wboq6L5ujSodPxqbewP3tx
@alexkroman alexkroman force-pushed the claude/affectionate-knuth-aizys3 branch from 164bbd0 to 59bc84f Compare June 17, 2026 20:20
@alexkroman alexkroman added this pull request to the merge queue Jun 17, 2026
Merged via the queue into main with commit 8a5474e Jun 17, 2026
19 checks passed
@alexkroman alexkroman deleted the claude/affectionate-knuth-aizys3 branch June 17, 2026 21:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alexkroman @claude