Draft
fix: reduce AIC guardrail listArtifacts fan-out and add in-loop rate-limit backoff#43408
listArtifacts fan-out and add in-loop rate-limit backoff#43408Conversation
6 tasks
Copilot
AI
changed the title
[WIP] Fix daily AIC guardrail's per-run
fix: reduce AIC guardrail Jul 4, 2026
listArtifacts fan-out issuelistArtifacts fan-out and add in-loop rate-limit backoff
Contributor
🤖 PR Triage — Run §28715668077
0 files changed — PR body describes AIC guardrail fix but diff is empty. Close or reopen once actual changes are committed.
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Under high run frequency + cold cache, the daily AIC guardrail produces an O(N×M)
listArtifactsfan-out (N concurrent activations × M uncached prior runs), all drawing from the sharedGITHUB_TOKENcore budget (~15k/hr). In a real incident this consumed ~50% of the hourly budget, starving unrelated critical steps (e.g. build-provenance attestation) with HTTP 403.Changes
restore_aic_usage_cache_fallback.cjs— widen cross-branch searchMAX_RUNS_TO_SEARCH: 5 → 20. The fallback searches recent completed runs for the aggregateaic-usage-cacheartifact; 5 was too narrow for repos with high PR branch churn. At 20, PR-branch activations reliably find the artifact and populate the local cache before the guardrail loop runs, reducing per-runlistArtifactscalls to zero on a warm aggregate cache.check_daily_aic_workflow_guardrail.cjs— in-loop rate-limit backoff + consumption outputRATE_LIMIT_RECHECK_INTERVAL = 5: after every 5 cache-miss artifact inspections the loop re-readsgetCoreRateLimitSnapshot. Since all concurrent activation jobs share the same budget, a concurrent drain shows up here; ifremaining < RATE_LIMIT_RESERVEthe loop halts early withtruncatedByRateLimit = true. This is the cross-run coordination mechanism without requiring shared state.daily_ai_credits_api_consumedstep output: exposes the per-run before/after rate-limit delta so downstream monitoring can aggregate total guardrail cost across runs.Tests
main()stops after exactly 5 inspections when the in-loop re-check returns below-reserve remaining (7 candidate runs, only 5 inspected).daily_ai_credits_api_consumedoutput equals the before–after rate-limit delta.