@pmtk pmtk commented Oct 24, 2025

Summary by CodeRabbit

  • Chores
    • Added a nightly automated workflow to build and publish the clonerefs binary for multiple architectures.
    • Added a daily automated workflow to sync the fork with the upstream repository.

coderabbitai bot commented Oct 24, 2025

Caution

Review failed

The pull request is closed.

Walkthrough

Two new GitHub Actions workflows were added: one schedules nightly builds and releases of a clonerefs binary for amd64 and arm64; the other schedules daily (and manual) synchronization of the fork with its upstream repository.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Nightly clonerefs build & release: .github/workflows/nightly-clonerefs.yml | New workflow that runs on schedule and workflow_dispatch, builds clonerefs for linux/amd64 and linux/arm64 (Go build with GOOS/GOARCH matrix), writes artifacts into dist with platform-specific names, generates SHA256 checksums, and updates the nightly GitHub Release via softprops/action-gh-release. |
| Daily fork sync: .github/workflows/nightly-sync.yaml | New workflow that runs daily (cron) and via workflow_dispatch to sync the fork with upstream using gh repo sync executed on ubuntu-latest with repository and branch provided from context and GITHUB_TOKEN. |

Sequence Diagram(s)

sequenceDiagram
    participant GitHub as GitHub Scheduler
    participant Runner as Runner (ubuntu-latest)
    participant Repo as Repository
    participant Release as GitHub Releases

    rect rgb(235, 245, 255)
    Note over GitHub,Release: Nightly clonerefs build & release
    GitHub->>Runner: trigger (cron / workflow_dispatch)
    Runner->>Repo: checkout
    Runner->>Runner: setup-go
    Runner->>Runner: build (matrix: amd64, arm64)
    Runner->>Runner: generate SHA256 checksums
    Runner->>Release: upload/overwrite nightly release artifacts
    end
sequenceDiagram
    participant GitHub as GitHub Scheduler
    participant Runner as Runner (ubuntu-latest)
    participant Upstream as Upstream Repository
    participant Fork as Fork Repository

    rect rgb(235, 245, 255)
    Note over GitHub,Fork: Daily fork synchronization
    GitHub->>Runner: trigger (cron / workflow_dispatch)
    Runner->>Upstream: fetch latest changes
    Runner->>Fork: run `gh repo sync` (apply changes)
    Runner->>Fork: push updates (if needed)
    end

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 I hopped through YAML lines tonight,

Built binaries by moonlit byte,
I nudged the fork to match the stream,
Nightly dreams in CI's gleam,
🍃 Pipelines hum — a rabbit's delight.

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)
| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage. |
| Coderabbit Review | ⚠️ Warning | The workflow files contain architectural and style issues that deviate from best practices. The nightly-clonerefs.yml workflow has a race condition problem where multiple matrix jobs attempt to simultaneously create/update the same nightly release tag, which can cause conflicts or failed updates. The recommended approach is to separate build and release steps using artifacts and a separate release job. Additionally, there is file naming inconsistency between the two workflow files (.yml vs .yaml), and the nightly-sync.yaml workflow lacks proper quoting for shell variables and explicit error handling for the gh repo sync command. | To fix these issues: (1) Refactor nightly-clonerefs.yml to build all artifacts in the matrix job, then upload them as artifacts, and use a separate dependent release job to download artifacts and create the release once; (2) Use consistent file extensions (.yaml) for both workflow files; (3) Add proper quoting around variables in the nightly-sync.yaml command ("$REPOSITORY" -b "$BRANCH_NAME"); and (4) Add explicit error handling in nightly-sync.yaml using set -e or explicit error checks to ensure the workflow fails appropriately if the sync command fails. |
✅ Passed checks (2 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title Check | ✅ Passed | The pull request title "Workflows: nightly build and sync" directly and accurately summarizes the two main changes being introduced: the addition of a nightly workflow for building and publishing the clonerefs binary (nightly-clonerefs.yml) and a nightly workflow for synchronizing with the upstream repository (nightly-sync.yaml). The title is concise, specific, and clearly conveys the purpose of the changeset without vague language or unnecessary details. |

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f6b4c61 and c31a9ba.

📒 Files selected for processing (2)
  • .github/workflows/nightly-clonerefs.yml (1 hunks)
  • .github/workflows/nightly-sync.yaml (1 hunks)

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 0

🧹 Nitpick comments (4)
.github/workflows/nightly-clonerefs.yml (3)

29-30: Consider specifying an explicit Go version for reproducible builds.

Without pinning a Go version in setup-go, builds may differ if the Go version changes. This could lead to inconsistent binaries across different nightly builds or when troubleshooting issues.

       - name: Set up Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v5
+        with:
+          go-version: '1.22'  # or your target version
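
Review bot: The hard-coded `go-version: '1.22'` on the last added line can drift from the `go` directive in the module; setup-go's `go-version-file: go.mod` would keep the nightly build on the toolchain the repository declares. The `-`/`+` pair on the `uses:` line is identical, so it can be dropped from the suggestion, and since `actions/setup-go@v5` is a mutable tag in a workflow that publishes binaries, consider pinning it to a full commit SHA.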

24-27: Simplify checkout configuration for build-only workflow.

The fetch-depth: 0 option fetches the entire Git history, which is unnecessary for building a binary. This adds unnecessary overhead to the checkout step.

       - name: Checkout code
         uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
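
Review bot: Removing `fetch-depth: 0` is only safe if nothing in the build reads tags or history; check the build step for `git describe` or similar version stamping before applying this, because a shallow checkout has neither. The same pinning point applies to `actions/checkout@v4`, which is referenced by a mutable tag.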

45-51: Release overwrite pattern is acceptable but limits artifact history.

Using a fixed nightly tag with overwrite_files: true will replace previous builds each night. This is a common pattern for rolling releases but means prior nightly artifacts won't be retained in releases. If you need artifact retention, consider appending the date or build number to the tag (e.g., nightly-${{ github.run_id }}).

.github/workflows/nightly-sync.yaml (1)

16-20: Consider adding workflow notifications for sync failures.

The current sync step lacks explicit error handling or notifications. If the sync fails, it may go unnoticed. Consider adding a notification step (Slack, email, or issue comment) to alert on failures.

      - name: Sync fork with upstream
        run: gh repo sync "$REPOSITORY" -b "$BRANCH_NAME"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          REPOSITORY: ${{ github.repository }}
          BRANCH_NAME: ${{ github.ref_name }}
      
      - name: Notify on sync failure
        if: failure()
        run: echo "Fork sync failed. Check workflow logs."
        # Consider adding Slack/email notification here
📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8287407 and f6b4c61.

📒 Files selected for processing (2)
  • .github/workflows/nightly-clonerefs.yml (1 hunks)
  • .github/workflows/nightly-sync.yaml (1 hunks)
🔇 Additional comments (2)
.github/workflows/nightly-clonerefs.yml (1)

32-43: Binary build and checksum logic is well-implemented.

The build step properly configures cross-compilation with explicit GOOS/GOARCH, disables CGO for static linking, and strips symbols. SHA256 checksums are correctly generated for integrity verification.

.github/workflows/nightly-sync.yaml (1)

1-20: Fork sync workflow is well-configured.

The workflow correctly uses gh repo sync with appropriate permissions scoping (contents: write). The repository guard and environment variable setup (REPOSITORY and BRANCH_NAME) follow best practices. The attribution to the upstream source is appreciated.
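
The refactor recommended in the "Coderabbit Review" pre-merge check above (matrix build, artifact upload, one dependent release job), written out as an added example; it is not the workflow from this PR. The `./cmd/clonerefs` package path, a `go.mod` at the repository root, the cron time, the job names and the action version tags are assumptions.

```yaml
# Added example, not the PR's workflow: matrix build, then ONE release job.
# Assumed: ./cmd/clonerefs package path, cron time, job names, action tags.
name: nightly-clonerefs
on:
  schedule:
    - cron: "0 3 * * *"
  workflow_dispatch:
permissions:
  contents: read            # default; only the release job gets write
jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        goarch: [amd64, arm64]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version-file: go.mod
      - name: Build static, stripped binary
        env:
          GOOS: linux
          GOARCH: ${{ matrix.goarch }}
          CGO_ENABLED: "0"
        run: |
          mkdir -p dist
          go build -ldflags "-s -w" -o "dist/clonerefs-linux-${GOARCH}" ./cmd/clonerefs
      - uses: actions/upload-artifact@v4
        with:
          name: clonerefs-linux-${{ matrix.goarch }}
          path: dist/
          if-no-files-found: error
  release:
    needs: build               # runs once, after every matrix leg succeeded
    runs-on: ubuntu-latest
    permissions:
      contents: write
    steps:
      - uses: actions/download-artifact@v4
        with:
          path: dist
          merge-multiple: true
      - run: cd dist && sha256sum clonerefs-linux-* > SHA256SUMS
      - uses: softprops/action-gh-release@v2
        with:
          tag_name: nightly
          files: dist/*
          overwrite_files: true
```

Because the release job is the only writer to the `nightly` tag, the matrix legs no longer race, and the single `SHA256SUMS` file covers both architectures.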

@pmtk pmtk merged commit 3a582f8 into microshift-io:main Oct 24, 2025
1 check was pending
@pmtk pmtk deleted the workflows branch October 27, 2025 07:49