Skip to content

adding action/cache #75

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 26 commits into
base: main
Choose a base branch
from
Open

adding action/cache #75

wants to merge 26 commits into from

Conversation

hamzabouissi
Copy link
Contributor

@hamzabouissi hamzabouissi commented May 29, 2025

PR Type

enhancement


Description

  • Add Terraform plugin cache directory setup and caching.

  • Integrate GitHub Actions cache for plugin cache directory.

  • Add debug step to list plugin cache contents.


Changes walkthrough 📝

Relevant files
Enhancement
action.yml
Add and cache Terraform plugin cache directory in workflow

action.yml

  • Set TF_PLUGIN_CACHE_DIR environment variable for plugin caching.
  • Add step to ensure the plugin cache directory exists.
  • Integrate actions/cache to cache the plugin cache directory.
  • Add debug step to list plugin cache contents after validation.
  • +26/-1   

    Need help?
  • Type /help how to ... in the comments thread for any questions about Qodo Merge usage.
  • Check out the documentation for more information.
  • @Copilot Copilot AI review requested due to automatic review settings May 29, 2025 16:18
    Copy link

    PR Checklist (required):

    • Is the README.md up to date?
    • Code tested appropriately (end-to-end considered)?
    • Did you review any AI provided feedback?

    Copy link

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    Cache Key Strategy

    The cache key is hardcoded as "tenant-tofu-plugin-cache" without incorporating any versioning or content hash. This could lead to stale cache issues when dependencies change.

    key: tenant-tofu-plugin-cache
    restore-keys: |
      tenant-tofu-plugin-cache
    Debug Step Configuration

    The debug step to list plugin cache contents runs on every workflow execution (due to if: always()). Consider making this conditional on a debug flag input to avoid unnecessary output in normal runs.

    - name: List Plugin Cache Contents
      if: always() # Run even if previous steps fail, for debugging
      run: |
        echo "Contents of TF_PLUGIN_CACHE_DIR (${{ env.TF_PLUGIN_CACHE_DIR }}):"
        ls -R ${{ env.TF_PLUGIN_CACHE_DIR }}

    Copy link

    codiumai-pr-agent-free bot commented May 29, 2025

    PR Code Suggestions ✨

    Explore these optional code suggestions:

    CategorySuggestion                                                                                                                                    Impact
    General
    Improve cache key specificity

    The cache key is hardcoded as 'tenant-tofu-plugin-cache', which could cause
    cache conflicts across different repositories or workflows. Use a more specific
    cache key that includes the runner OS and a hash of the lock file to ensure
    proper cache isolation and invalidation.

    action.yml [98-108]

     - name: Cache Terraform Plugin Cache Directory
       uses: actions/cache@v4
       id: cache-tf-plugin-dir
       with:
         path: ${{ env.TF_PLUGIN_CACHE_DIR }}
    -    # Use a key that makes sense for your setup.
    -    # Hashing .terraform.lock.hcl is good if you have one at the root
    -    # or a specific one for the validated project.
    -    key: tenant-tofu-plugin-cache
    +    key: tofu-plugin-cache-${{ runner.os }}-${{ hashFiles('**/.terraform.lock.hcl') }}
         restore-keys: |
    -      tenant-tofu-plugin-cache
    +      tofu-plugin-cache-${{ runner.os }}-
    • Apply / Chat
    Suggestion importance[1-10]: 7

    __

    Why: The suggestion correctly identifies that using a hardcoded cache key tenant-tofu-plugin-cache could cause conflicts across repositories. Using runner.os and lock file hash improves cache isolation and invalidation.

    Medium
    Add missing shell specification
    Suggestion Impact:The commit implemented the suggestion by adding a shell specification, but in an incorrect way. Instead of adding 'shell: bash' as a separate line, it replaced 'run:' with 'shell:' which is not the correct syntax for GitHub Actions.

    code diff:

         - name: Ensure TF_PLUGIN_CACHE_DIR exists
    -      run: mkdir -p ${{ env.TF_PLUGIN_CACHE_DIR }}
    +      shell: mkdir -p /github/workspace/.terraform.d/plugin-cache

    The 'run' command is missing the shell specification, which could cause
    compatibility issues across different operating systems. Add the shell
    specification to ensure consistent behavior across all GitHub runners.

    action.yml [95-96]

     - name: Ensure TF_PLUGIN_CACHE_DIR exists
    +  shell: bash
       run: mkdir -p ${{ env.TF_PLUGIN_CACHE_DIR }}

    [Suggestion processed]

    Suggestion importance[1-10]: 6

    __

    Why: Adding shell: bash specification is a good practice for cross-platform compatibility in GitHub Actions, ensuring consistent behavior across different runner operating systems.

    Low
    Limit debug step execution
    Suggestion Impact:The commit completely removed the debugging step that was previously set to run with 'if: always()' by commenting it out, which addresses the suggestion's concern about unnecessary debug output, though in a different way than proposed

    code diff:

    -    - name: List Plugin Cache Contents
    -      if: always() # Run even if previous steps fail, for debugging
    -      run: |
    -        echo "Contents of TF_PLUGIN_CACHE_DIR (${{ env.TF_PLUGIN_CACHE_DIR }}):"
    -        ls -R ${{ env.TF_PLUGIN_CACHE_DIR }}
    +    # - name: List Plugin Cache Contents
    +    #   if: always() # Run even if previous steps fail, for debugging
    +    #   run: |
    +    #     echo "Contents of TF_PLUGIN_CACHE_DIR (${{ env.TF_PLUGIN_CACHE_DIR }}):"
    +    #     ls -R ${{ env.TF_PLUGIN_CACHE_DIR }}

    The debugging step is set to run on every workflow execution with 'if:
    always()'. This could expose sensitive information in logs and add unnecessary
    output. Consider making this step conditional or removing it from the production
    workflow.

    action.yml [135-139]

     - name: List Plugin Cache Contents
    -  if: always() # Run even if previous steps fail, for debugging
    +  if: inputs.debug == 'true' || failure()
       run: |
         echo "Contents of TF_PLUGIN_CACHE_DIR (${{ env.TF_PLUGIN_CACHE_DIR }}):"
         ls -R ${{ env.TF_PLUGIN_CACHE_DIR }}

    [Suggestion processed]

    Suggestion importance[1-10]: 4

    __

    Why: While the concern about always() running debug output is valid, the suggested solution references an undefined inputs.debug parameter that doesn't exist in the action inputs, making the implementation incorrect.

    Low
    • Update

    Copy link

    @Copilot Copilot AI left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    Pull Request Overview

    This PR adds caching for the Terraform plugin directory in the composite GitHub Action to speed up workflow runs and optionally inspect the cache contents.

    • Introduces TF_PLUGIN_CACHE_DIR environment variable
    • Ensures the plugin cache directory exists and is persisted using actions/cache
    • Adds a debug step to list cache contents
    Comments suppressed due to low confidence (1)

    action.yml:135

    • [nitpick] Consider gating this debug step behind an input flag or removing it in production to avoid cluttering logs.
    - name: List Plugin Cache Contents
    

    action.yml Outdated
    # Use a key that makes sense for your setup.
    # Hashing .terraform.lock.hcl is good if you have one at the root
    # or a specific one for the validated project.
    key: tenant-tofu-plugin-cache
    Copy link
    Preview

    Copilot AI May 29, 2025

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    Use a dynamic cache key to automatically bust the cache when dependencies change. For example:
    key: tenant-tofu-plugin-cache-${{ hashFiles('**/.terraform.lock.hcl') }}

    Suggested change
    key: tenant-tofu-plugin-cache
    key: tenant-tofu-plugin-cache-${{ hashFiles('**/.terraform.lock.hcl') }}

    Copilot uses AI. Check for mistakes.

    action.yml Outdated
    @@ -112,6 +129,14 @@ runs:
    workspace: ${{ inputs.workspace }}
    backend_config: ${{ inputs.backend_config }}
    backend_config_file: ${{ inputs.backend_config_file }}


    #You can add a step to see the contents of the plugin cache for debugging if needed
    Copy link
    Preview

    Copilot AI May 29, 2025

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    [nitpick] Add a space after the hash for consistency with comment style, e.g.:

    You can add a step to see the contents of the plugin cache for debugging if needed

    Suggested change
    #You can add a step to see the contents of the plugin cache for debugging if needed
    # You can add a step to see the contents of the plugin cache for debugging if needed

    Copilot uses AI. Check for mistakes.

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Projects
    None yet
    Development

    Successfully merging this pull request may close these issues.

    1 participant