ci: add timeout-minutes to all 25 jobs lacking explicit limits#21601
Merged
ci: add timeout-minutes to all 25 jobs lacking explicit limits#21601
Conversation
3 tasks
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] [ci-coach] Add timeout-minutes to all jobs lacking explicit limits
ci: add timeout-minutes to all 25 jobs lacking explicit limits
Mar 18, 2026
pelikhan
approved these changes
Mar 18, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Adds explicit timeout-minutes limits across the CI workflow to avoid consuming the default 6-hour GitHub Actions job timeout when jobs hang (e.g., stalled downloads or tests).
Changes:
- Added job-level
timeout-minutessettings across most CI jobs in.github/workflows/ci.yml. - Chose timeout values (10–30 minutes) tailored per job category (unit tests, integration matrix, builds, lint, etc.).
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
Comment on lines
+17
to
19
| timeout-minutes: 15 | ||
| permissions: | ||
| contents: read |
This was referenced Mar 18, 2026
lpcox
added a commit
that referenced
this pull request
Mar 18, 2026
* docs: add GH_HOST and RUNNER_TEMP to glossary (daily scan 2026-03-18) (#21553) * docs: update GHES CLI docs and add Copilot GHES troubleshooting guide (#21528) * Fix list height not updating on terminal resize (#21555) * fix(daily-workflow-updater): unblock PR creation by setting protected-files: allowed (#21554) * chore: bump MCP Gateway v0.1.15→v0.1.17 (#21552) * feat: custom Huh theme mapped from pkg/styles Dracula palette (#21557) * Add top-level `github-app` frontmatter as universal fallback for token minting (#21510) * feat: add GitHub App-only permissions support (#21511) * fix: fall back to existing remote tracking ref when incremental patch fetch fails (#21568) * Add weekly blog post writer agentic workflow (#21575) * ci: add timeout-minutes to all 25 jobs lacking explicit limits (#21601) * fix: add setupGlobals in generate_aw_info step to fix staged mode ReferenceError (#21602) * Disable lockdown mode for weekly blog post generator (#21598) * fix: replace git push with GraphQL signed commits to satisfy required_signatures rulesets (#21576) * docs: add weekly update blog post for 2026-03-18 (#21608) Covers v0.58.0 through v0.61.0 (7 releases this week), notable PRs, and auto-triage-issues as Agent of the Week. Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix failing CI: merge main to include setupGlobals in generate_aw_info step and update golden files Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
lpcox
added a commit
that referenced
this pull request
Mar 18, 2026
…ains on data residency (#21527) * Initial plan * Fix threat detection AWF run missing --copilot-api-target and GHE domains on data residency When engine.api-target is configured for GHE Cloud with data residency, propagate the APITarget from the main engine config to the detection engine config so the threat detection AWF invocation receives the same --copilot-api-target flag and GHE-specific domains in --allow-domains. Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Add GITHUB_COPILOT_BASE_URL env var support and fix integration test api-target - Fix TestAPITargetDomainsInThreatDetectionStep to use api.contoso-aw.ghe.com (copilot-api. prefix does not trigger base-domain derivation in GetAPITargetDomains) - Add GetCopilotAPITarget() helper: resolves --copilot-api-target from engine.api-target (explicit) or GITHUB_COPILOT_BASE_URL in engine.env (fallback), mirroring the OPENAI_BASE_URL/ANTHROPIC_BASE_URL pattern for Codex/Claude - Update awf_helpers.go, copilot_engine_execution.go, and domains.go to use the helper - Add unit tests for GetCopilotAPITarget and engine execution step - Add integration test TestGitHubCopilotBaseURLInCompiledWorkflow - Update engines.md docs to document GITHUB_COPILOT_BASE_URL Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> * Update DefaultMCPGatewayVersion to v0.1.17 and regenerate golden/lock files (#21609) Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> * fix: merge main to resolve failing build-wasm and test CI jobs (#21612) * docs: add GH_HOST and RUNNER_TEMP to glossary (daily scan 2026-03-18) (#21553) * docs: update GHES CLI docs and add Copilot GHES troubleshooting guide (#21528) * Fix list height not updating on terminal resize (#21555) * fix(daily-workflow-updater): unblock PR creation by setting protected-files: allowed (#21554) * chore: bump MCP Gateway v0.1.15→v0.1.17 (#21552) * feat: custom Huh theme mapped from pkg/styles Dracula palette (#21557) * Add top-level `github-app` frontmatter as universal fallback for token minting (#21510) * feat: add GitHub App-only permissions support (#21511) * fix: fall back to existing remote tracking ref when incremental patch fetch fails (#21568) * Add weekly blog post writer agentic workflow (#21575) * ci: add timeout-minutes to all 25 jobs lacking explicit limits (#21601) * fix: add setupGlobals in generate_aw_info step to fix staged mode ReferenceError (#21602) * Disable lockdown mode for weekly blog post generator (#21598) * fix: replace git push with GraphQL signed commits to satisfy required_signatures rulesets (#21576) * docs: add weekly update blog post for 2026-03-18 (#21608) Covers v0.58.0 through v0.61.0 (7 releases this week), notable PRs, and auto-triage-issues as Agent of the Week. Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix failing CI: merge main to include setupGlobals in generate_aw_info step and update golden files Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com> Co-authored-by: Landon Cox <landon.cox@microsoft.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
26 of 27 CI jobs relied on GitHub's 6-hour default timeout — a hanging test, slow Docker pull, or stalled tool download could silently burn 6 hours of runner compute before being killed.
Adds
timeout-minutesto all 25 jobs that lacked explicit limits (one job already had it):validate-yaml,js,js-integration-live-api,update,actions-build,lint-js,check-validator-sizes,health-smoke-copilot,mcp-server-compile-test,safe-outputs-conformance,integration-add-dispatch-workflowtest,build,build-wasm,canary_go,bench,audit,security,integration-unauthenticated-addlint-go,fuzz,cross-platform-build,alpine-container-testintegration(matrix; test step uses-timeout=10m)integration-add(clones external repo + adds N workflows)All values are set conservatively above observed max run durations.
🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.