chore(ci): Better local running

[AndesKrrrrrrrrrrr]

• Make get-cache use shell instead of script (better for local testing)
• Minor linting and conformance
• Better cypress overrides
• Make Stickman (last good build) fall back to all affected

Summary by CodeRabbit

Summary by CodeRabbit

• Chores

  • Updated GitHub Actions workflow configuration
  • Refined CI script for build tag preparation
  • Enhanced cache configuration for dynamic path assignment

• New Features

  • Added new input parameter for cache URL in GitHub Action
  • Improved environment setup and debugging capabilities in workflows
  • Enhanced configurability of the Cypress cache path

• Bug Fixes

  • Added error handling for build reference retrieval
  • Implemented more robust permission checking in workflows

[coderabbitai]

Walkthrough

The pull request introduces modifications to GitHub Actions configuration, CI scripts, and cache handling. The changes focus on improving environment variable management, cache URL configuration, and build process robustness. Key updates include adding a new cache-url input parameter, refining workflow steps for pull request handling, enhancing error handling in build preparation scripts, and making the Cypress cache path more dynamically configurable.

Changes

File	Change Summary
.github/actions/get-cache/action.yml	Added cache-url input parameter, renamed github-token to GITHUB_TOKEN, modified logic for ACTIONS_CACHE_URL based on the new input, updated paths for COREPACK_HOME and CYPRESS_CACHE_FOLDER to use $HOME.
.github/workflows/pullrequest.yml	Added debugging step for home directory, updated checkout process to use -m option, modified permission checking logic with conditions, refined environment variable conditions based on pull request labels, renamed unit test step to "Run unit tests," added condition to skip artifact uploads when running locally.
scripts/ci/00_prepare-base-tags.sh	Enhanced error handling for last good build retrieval, added Slack notification for invalid build references, streamlined BASE variable export, logged completion of the "Stickman" process.
scripts/ci/cache/__config.mjs	Made Cypress cache path dynamically configurable using environment variables, updated cache configuration to reflect new cypressPath.

Possibly related PRs

• ci: making it easier to upgrade node #14472: GitHub Actions workflow modifications that may interact with caching mechanisms.
• Revert "ci: making it easier to upgrade node" #14967: Reverts changes related to Node.js version handling and caching.
• ci: cache refactor #15103: Refactors caching mechanisms in CI.

Suggested labels

automerge

Suggested reviewers

• busla
• eirikurn
• peturgq

---

📜 Recent review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b57361f and cf6173d.

📒 Files selected for processing (1)

• .github/workflows/pullrequest.yml (6 hunks)

🧰 Additional context used

📓 Learnings (1)

.github/workflows/pullrequest.yml (1)

Learnt from: AndesKrrrrrrrrrrr
PR: island-is/island.is#17432
File: .github/workflows/pullrequest.yml:71-75
Timestamp: 2025-01-09T12:32:05.402Z
Learning: In `.github/workflows/pullrequest.yml`, the `-m` flag is intentionally used with `git checkout` commands to preserve uncommitted changes when running the workflow locally with `act`. While unnecessary in GitHub Actions environment where the workspace is always clean, it's beneficial for local development workflow.

🔇 Additional comments (5)

.github/workflows/pullrequest.yml (5)

43-49: LGTM: Debug step helps with local development.

The debug step is a good addition that helps troubleshoot environment setup issues when running locally with act.

---

71-75: Intentional use of -m flag for local development.

The -m flag is correctly used here to preserve uncommitted changes when running the workflow locally with act.

---

89-90: LGTM: Skip artifact upload for local runs.

Good optimization to skip the artifact upload step when running locally.

---

224-225: LGTM: Improved step naming.

The step name has been updated to be more descriptive, improving workflow readability.

---

128-129: Verify permission check conditions.

The conditions for permission checks have been updated to handle local runs and admin permissions correctly. However, ensure that the error messages in the step summary are clear and actionable.

Also applies to: 132-132, 137-137

✅ Verification successful

Permission checks and error messages are properly implemented

The permission checks are correctly implemented with clear, actionable error messages. The step summary includes:

• Warning header for visibility
• User identification
• Clear explanation of required permissions

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify error messages in step summary for permission checks
rg -A 2 "GITHUB_STEP_SUMMARY" .github/workflows/

Length of output: 853

---

Script:

#!/bin/bash
# Search for permission-related conditions and messages in workflows
rg -i "permission|if:|!github" .github/workflows/

Length of output: 6878

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

.github/actions/get-cache/action.yml (1)

44-45: Consider documenting cache path configuration.

The cache paths have been updated to use $HOME, which is more portable. Consider adding a comment explaining why these specific paths were chosen.

Add documentation:

+        # Use $HOME for cache paths to ensure consistent permissions and portability
         export COREPACK_HOME="$HOME/.corepack-cache"
         export CYPRESS_CACHE_FOLDER="$HOME/.cypress-cache"

.github/workflows/pullrequest.yml (1)

105-110: Consider using GitHub Actions environment files.

Instead of directly setting environment variables in the script, consider using GitHub Actions environment files for better maintainability.

-        run: |
-          set -euo pipefail
-          echo "HEAD=$GITHUB_SHA" >> "$GITHUB_ENV"
+        run: |
+          {
+            echo "HEAD=$GITHUB_SHA"
+            echo "SHELL=/usr/bin/bash"
+            echo "WORKFLOW_ID=pullrequest"
+          } >> "$GITHUB_ENV"

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ace662d and 9121da3.

📒 Files selected for processing (2)

• .github/actions/get-cache/action.yml (3 hunks)
• .github/workflows/pullrequest.yml (6 hunks)

🔇 Additional comments (6)

.github/actions/get-cache/action.yml (2)

7-9: LGTM! Well-structured input parameter definition.

The new cache-url input parameter is properly defined with a clear description and sensible default value.

---

24-32: Verify cache URL configuration in different environments.

The cache URL configuration has been made environment-aware, but we should verify its behavior in different scenarios.

Run this script to check the cache URL configuration:

✅ Verification successful

Cache URL configuration verified successfully

The cache URL configuration correctly handles different environments and maintains consistency across workflow files. The environment-aware implementation properly manages:

• Local development runs
• GitHub Actions environment
• Environment variable propagation

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify cache URL configuration across different environments
# Test: Check if the cache URL is properly configured in the workflow
rg -A 3 "ACTIONS_CACHE_URL" .github/workflows/
# Test: Check if there are any hardcoded cache URLs that should use the new parameter
rg -i "cache.*\.is"

Length of output: 86076

.github/workflows/pullrequest.yml (4)

43-49: LGTM! Helpful debug information added.

The debug step provides useful information for troubleshooting local runs, especially when using act.

---

89-90: LGTM! Proper local run handling.

The condition to skip artifact upload during local runs is appropriate.

---

128-129: Fix permission check error handling.

The permission check logic has been updated with continue-on-error, but the conditions still need to be consistent.

Also applies to: 132-132, 137-137

---

224-225: LGTM! Improved step naming.

The step name has been updated to be more descriptive, which improves workflow readability.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 35.60%. Comparing base (b892a0d) to head (cf6173d).
Report is 21 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #17432      +/-   ##
==========================================
+ Coverage   35.57%   35.60%   +0.02%     
==========================================
  Files        7027     7016      -11     
  Lines      150413   150224     -189     
  Branches    42930    42878      -52     
==========================================
- Hits        53516    53493      -23     
+ Misses      96897    96731     -166     

Flag	Coverage Δ
services-auth-public-api	49.39% <ø> (ø)
services-user-profile	56.99% <ø> (ø)
shared-components	29.47% <ø> (ø)
shared-form-fields	33.38% <ø> (ø)
shared-mocking	58.64% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

see 59 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6cd8e3a...cf6173d. Read the comment docs.

[datadog-island-is]

Datadog Report

All test runs 84f2b6e 🔗

✅ 10 Total Test Services: 0 Failed, 10 Passed
🔻 Test Sessions change in coverage: 3 decreased, 29 increased, 154 no change

Test Services

This report shows up to 10 services

Service Name	Failed	Known Flaky	New Flaky	Passed	Skipped	Total Time	Code Coverage Change	Test Service View
air-discount-scheme-backend	0	0	0	63	0	23.99s	N/A	Link
air-discount-scheme-web	0	0	0	2	0	8.11s	N/A	Link
api	0	0	0	4	0	3.13s	N/A	Link
api-catalogue-services	0	0	0	23	0	9.13s	N/A	Link
api-domains-air-discount-scheme	0	0	0	6	0	18.75s	N/A	Link
api-domains-assets	0	0	0	3	0	11.82s	N/A	Link
api-domains-auth-admin	0	0	0	18	0	14.98s	N/A	Link
api-domains-communications	0	0	0	5	0	35.78s	N/A	Link
api-domains-criminal-record	0	0	0	5	0	9.69s	N/A	Link
api-domains-driving-license	0	0	0	23	0	31.28s	N/A	Link

🔻 Code Coverage Decreases vs Default Branch (3)

• message-queue - jest 67.46% (-0.8%) - Details
• clients-middlewares - jest 75.67% (-0.19%) - Details
• icelandic-names-registry-backend - jest 59.77% (-0.03%) - Details

[brynjarorng]

One minor comment

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (4)

.github/actions/get-cache/action.yml (2)

7-9: Consider making the cache URL configurable through environment variables.

The hardcoded cache URL in the default value might not be suitable for all environments. Consider making it more configurable.

   cache-url:
     description: 'Cache URL'
-    default: 'https://cache.dev01.devland.is/'
+    default: '${{ env.CACHE_URL || "https://cache.dev01.devland.is/" }}'

---

24-25: Improve local development experience.

The condition for skipping when running locally is good, but the error handling could be improved to provide better feedback.

       # Skip when running locally
       if: ${{ !github.event.localrun }}
+      continue-on-error: true
       uses: actions/github-script@v7
       env:
         cache-url: ${{ inputs.cache-url }}
         github-token: ${{ inputs.GITHUB_TOKEN }}
       with:
         script: |
+          if (!process.env['cache-url']) {
+            core.warning('Cache URL not set, using default')
+          }
           core.exportVariable('ACTIONS_CACHE_URL', process.env['cache-url'])

Also applies to: 28-32

.github/workflows/pullrequest.yml (2)

43-49: Consider adding error handling for directory creation.

While creating the home directory is helpful for local development, the script should handle potential permission issues.

       - name: Debug home etc.
         run: |
+          set -euo pipefail
           echo "User: HOME=$HOME, PWD=$PWD, id=$(id)"
-          mkdir -p "$HOME"
+          if ! mkdir -p "$HOME" 2>/dev/null; then
+            echo "::warning::Failed to create home directory, continuing anyway"
+          fi
           ls -lah "$HOME"

---

105-110: Consider using GitHub Actions default environment variables.

Some of the environment variables being set are already available as default GitHub Actions environment variables.

         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          HTML_URL: ${{ github.event.pull_request.html_url }}
+          # Using default GITHUB_EVENT_PATH instead of explicit HTML_URL
           ISSUE_REPORTING_SLACK_WEBHOOK_URL: ${{ secrets.SLACK_BUILD_ISSUES_REPORTING_WEBHOOK_URL }}

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9121da3 and b57361f.

📒 Files selected for processing (2)

• .github/actions/get-cache/action.yml (3 hunks)
• .github/workflows/pullrequest.yml (6 hunks)

🧰 Additional context used

📓 Learnings (1)

.github/workflows/pullrequest.yml (1)

Learnt from: AndesKrrrrrrrrrrr
PR: island-is/island.is#17432
File: .github/workflows/pullrequest.yml:71-75
Timestamp: 2025-01-09T12:32:05.402Z
Learning: In `.github/workflows/pullrequest.yml`, the `-m` flag is intentionally used with `git checkout` commands to preserve uncommitted changes when running the workflow locally with `act`. While unnecessary in GitHub Actions environment where the workspace is always clean, it's beneficial for local development workflow.

🔇 Additional comments (3)

.github/actions/get-cache/action.yml (1)

44-45: Verify cache paths are created with appropriate permissions.

Using $HOME for cache paths is a good practice, but ensure the directories are created with appropriate permissions.

✅ Verification successful

Cache directory permissions are handled automatically ✅

The cache directories are managed automatically by GitHub Actions, Corepack, and Cypress. These tools handle directory creation and permissions internally, requiring no explicit permission setup. The environment variables only configure the cache locations, and there's no evidence of permission issues in the workflow logs.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if cache directories are created with correct permissions
# Test: Look for any file permission issues in the workflow logs
rg "permission denied.*\.cache" .github/workflows/

Length of output: 52

---

Script:

#!/bin/bash
# Check for cache operations using these paths
rg -l "corepack-cache|cypress-cache" .github/

# Look for directory creation commands
rg "mkdir.*cache" .github/

# Check cache action usage
rg "actions/cache" .github/

Length of output: 688

.github/workflows/pullrequest.yml (2)

71-75: LGTM! The -m flag is intentionally used for local development.

Based on the retrieved learnings, the -m flag is intentionally used to preserve uncommitted changes when running the workflow locally with act.

---

224-225: LGTM! Improved step naming.

The step naming has been improved to be more descriptive, which enhances workflow readability.

[brynjarorng]

LGTM