chore: random CI improvements

[LesnyRumcajs]

Summary of changes

Changes introduced in this pull request:

• bunch of CI improvements, more description in the comments.

Reference issue to close (if applicable)

Closes

Other information and links

Change checklist

• I have performed a self-review of my own code,
• I have made corresponding changes to the documentation. All new code adheres to the team's documentation standards,
• I have added tests that prove my fix is effective or that my feature works (if possible),
• I have made sure the CHANGELOG is up-to-date. All user-facing changes should be reflected in this document.

Outside contributions

• I have read and agree to the CONTRIBUTING document.
• I have read and agree to the AI Policy document. I understand that failure to comply with the guidelines will lead to rejection of the pull request.

Summary by CodeRabbit

• New Features

  • Added an automated dry-run publishing check that runs daily or on demand and files an issue automatically if it detects failures.

• Chores

  • Improved CI efficiency by caching proof parameters and actor bundles.
  • Removed diagnostic noise from build logs.
  • Streamlined Docker image publishing conditions and always builds multi-arch images for slim builds.
  • Removed duplicate artifact download steps across CI jobs.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: ecfeca60-9f2c-4a73-98cd-39098a9659fd

📥 Commits

Reviewing files that changed from the base of the PR and between db83104 and a4d5684.

📒 Files selected for processing (1)

• .github/workflows/cargo-publish-dry-run.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/cargo-publish-dry-run.yml

---

Walkthrough

Adds a new scheduled and manual GitHub Actions workflow that runs cargo publish --dry-run with automated issue creation on failure and an issue template. Introduces caching of proof parameters and actor bundle in CI, removes diagnostic steps across workflows, consolidates duplicate artifact downloads, and adjusts Docker/build workflow conditions.

Changes

Cohort / File(s)	Summary
New Cargo Publish Workflow .github/CARGO_PUBLISH_DRY_RUN_ISSUE_TEMPLATE.md, .github/workflows/cargo-publish-dry-run.yml	Introduces a new workflow (manual + daily cron) to run cargo publish --dry-run, sets up sccache and toolchains, conditionally configures AWS-related sccache env, and creates an issue via JasonEtco/create-an-issue@v2 using a dedicated issue template on failure.
Caching Optimizations .github/workflows/coverage.yml, .github/workflows/unit-tests.yml	Adds actions/cache@v5 steps to cache FIL_PROOFS_PARAMETER_CACHE and FOREST_ACTOR_BUNDLE_PATH before fetch/test-snapshot steps to reuse downloaded proof params and actor bundle across runs.
Workflow Cleanup & Consolidation .github/workflows/forest.yml	Removes diagnostic steps (lscpu, curl ifconfig.me), deletes the embedded cargo-publish-dry-run job and its dependency references, and removes duplicate artifact download steps in several Calibnet jobs.
Docker & Build Workflow Updates .github/workflows/docker.yml	Removes diagnostic commands, conditions Rust install between release vs quick depending on branch/tag, and changes slim Docker build/push to always build multi-arch and always push, with job steps gated by branch/tag where appropriate.

Sequence Diagram(s)

mermaid
sequenceDiagram
participant Workflow as GitHub Actions Workflow
participant Runner as Runner (ubuntu-24.04-arm)
participant SCCache as sccache (remote/AWS)
participant Toolchain as mise/toolchain
participant Cargo as cargo
participant GH as GitHub API (create-an-issue)
Workflow->>Runner: dispatch (manual/cron)
Runner->>SCCache: configure endpoint/bucket/region (if AWS creds)
Runner->>Toolchain: install toolchains via mise
Runner->>SCCache: setup sccache (allow failure)
Runner->>Cargo: run cargo publish --dry-run
alt publish dry-run fails
Runner->>GH: compute WORKFLOW_URL -> create issue using template
end

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• chore: add issues on parity report failures #6700: Adds automated failure-reporting flow with issue template and create-an-issue usage similar to the new cargo-publish-dry-run workflow.
• fix(test): speed up test-release and codecov on CI #6372: Modifies coverage and unit-tests workflows to add caching and sccache/configuration changes overlapping with caching and sccache setup here.
• chore: remove disk usage tricks for buildjet #5892: Edits forest.yml to remove diagnostic steps and adjust workflow housekeeping, overlapping with the diagnostic step removals in this PR.

Suggested labels

github_actions

Suggested reviewers

• hanabi1224
• sudo-shashank
• akaladarshi

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title "chore: random CI improvements" is vague and does not clearly summarize the specific changes made to the pull request.	Use a more descriptive title that reflects the main changes, such as "chore: refactor CI workflows and add cargo publish dry run automation" or similar.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch optimize-workflows

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch optimize-workflows

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (2)

.github/workflows/cargo-publish-dry-run.yml (1)

23-27: Minor: Inconsistent whitespace in template expressions.

Lines 24-26 are missing a space before the closing }}:

echo "SCCACHE_ENDPOINT=${{ vars.SCCACHE_ENDPOINT}}" >> $GITHUB_ENV

While GitHub Actions will parse this correctly, it's inconsistent with the spacing used elsewhere (e.g., line 23 has ${{secrets.AWS_ACCESS_KEY_ID}}). Consider normalizing for consistency.

🔧 Suggested fix for consistent spacing

       - name: Configure SCCache variables
         run: |
           # External PRs do not have access to 'vars' or 'secrets'.
           if [[ "${{secrets.AWS_ACCESS_KEY_ID}}" != "" ]]; then
-            echo "SCCACHE_ENDPOINT=${{ vars.SCCACHE_ENDPOINT}}" >> $GITHUB_ENV
-            echo "SCCACHE_BUCKET=${{ vars.SCCACHE_BUCKET}}" >> $GITHUB_ENV
-            echo "SCCACHE_REGION=${{ vars.SCCACHE_REGION}}" >> $GITHUB_ENV
+            echo "SCCACHE_ENDPOINT=${{ vars.SCCACHE_ENDPOINT }}" >> $GITHUB_ENV
+            echo "SCCACHE_BUCKET=${{ vars.SCCACHE_BUCKET }}" >> $GITHUB_ENV
+            echo "SCCACHE_REGION=${{ vars.SCCACHE_REGION }}" >> $GITHUB_ENV
           fi

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/cargo-publish-dry-run.yml around lines 23 - 27, Normalize
spacing in the template expressions inside the conditional block: update the
three echo lines that set SCCACHE_ENDPOINT, SCCACHE_BUCKET, and SCCACHE_REGION
so each uses a space before the closing `}}` (e.g., `${{ vars.SCCACHE_ENDPOINT
}}`) to match the `${{secrets.AWS_ACCESS_KEY_ID}}` style in the if check; locate
the echo statements referencing SCCACHE_ENDPOINT, SCCACHE_BUCKET, and
SCCACHE_REGION and add the missing space before each `}}`.

.github/CARGO_PUBLISH_DRY_RUN_ISSUE_TEMPLATE.md (1)

1-8: Consider adding deduplication to prevent multiple issues on consecutive failures.

If the cargo publish --dry-run fails on multiple consecutive days, this workflow will create a new issue each time. The JasonEtco/create-an-issue action supports search_existing parameter to deduplicate by searching for open issues with a matching title.

Alternatively, you could add a unique identifier to the issue body for searching, though the current approach may be intentional to track each distinct failure.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/CARGO_PUBLISH_DRY_RUN_ISSUE_TEMPLATE.md around lines 1 - 8, The
workflow currently creates a new issue every run because the
`JasonEtco/create-an-issue` action isn't configured to deduplicate; update the
workflow step that uses `JasonEtco/create-an-issue` to enable deduplication by
setting the `search_existing` parameter (e.g., `search_existing: true`) and
provide a stable `search_term` or use the issue `title` template used now so it
matches existing open issues, or alternatively embed a unique identifier in the
issue body and use that for searching; change the action configuration in the
workflow that builds the title/body to include these parameters so repeated
failures reuse the same issue instead of opening new ones.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.github/CARGO_PUBLISH_DRY_RUN_ISSUE_TEMPLATE.md:
- Around line 1-8: The workflow currently creates a new issue every run because
the `JasonEtco/create-an-issue` action isn't configured to deduplicate; update
the workflow step that uses `JasonEtco/create-an-issue` to enable deduplication
by setting the `search_existing` parameter (e.g., `search_existing: true`) and
provide a stable `search_term` or use the issue `title` template used now so it
matches existing open issues, or alternatively embed a unique identifier in the
issue body and use that for searching; change the action configuration in the
workflow that builds the title/body to include these parameters so repeated
failures reuse the same issue instead of opening new ones.

In @.github/workflows/cargo-publish-dry-run.yml:
- Around line 23-27: Normalize spacing in the template expressions inside the
conditional block: update the three echo lines that set SCCACHE_ENDPOINT,
SCCACHE_BUCKET, and SCCACHE_REGION so each uses a space before the closing `}}`
(e.g., `${{ vars.SCCACHE_ENDPOINT }}`) to match the
`${{secrets.AWS_ACCESS_KEY_ID}}` style in the if check; locate the echo
statements referencing SCCACHE_ENDPOINT, SCCACHE_BUCKET, and SCCACHE_REGION and
add the missing space before each `}}`.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 57a443df-c7c1-41ed-b33a-988561f5f061

📥 Commits

Reviewing files that changed from the base of the PR and between 163a441 and db83104.

📒 Files selected for processing (6)

• .github/CARGO_PUBLISH_DRY_RUN_ISSUE_TEMPLATE.md
• .github/workflows/cargo-publish-dry-run.yml
• .github/workflows/coverage.yml
• .github/workflows/docker.yml
• .github/workflows/forest.yml
• .github/workflows/unit-tests.yml

💤 Files with no reviewable changes (1)

• .github/workflows/forest.yml

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 63.84%. Comparing base (d52a294) to head (a4d5684).
⚠️ Report is 11 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

see 26 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d52a294...a4d5684. Read the comment docs.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.