Enable docker layer caching for dry-run and nightly container builds#36738
Enable docker layer caching for dry-run and nightly container builds#36738lunny merged 9 commits intogo-gitea:mainfrom
dry-run and nightly container builds#36738Conversation
Add cache-from/cache-to with GitHub Actions cache backend to all docker/build-push-action steps to speed up container image builds by reusing cached layers across runs. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
GiteaBot
added
the
lgtm/need 2
silverwind
added
the
skip-changelog
silverwind
changed the title
silverwind
changed the title
There was a problem hiding this comment.
Pull request overview
Enables GitHub Actions cache-backed layer caching for Docker Buildx builds across release and PR container workflows to speed up repeated builds.
Changes:
- Added
cache-from: type=ghaandcache-to: type=gha,mode=maxto regular and rootless container build steps in tag-based release workflows. - Added the same GitHub Actions cache configuration to nightly and PR dry-run multi-arch container builds.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 8 comments.
| File | Description |
|---|---|
| .github/workflows/release-tag-version.yml | Adds GitHub Actions cache import/export to release container builds. |
| .github/workflows/release-tag-rc.yml | Adds GitHub Actions cache import/export to RC container builds. |
| .github/workflows/release-nightly.yml | Adds GitHub Actions cache import/export to nightly container builds. |
| .github/workflows/pull-docker-dryrun.yml | Adds GitHub Actions cache import/export to PR dry-run container builds. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
The `cache-to: type=gha` directive requires `actions: write` permission to export the BuildKit cache to the GitHub Actions cache. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fork PRs cannot write to the GHA cache even with actions: write permission. Only keep cache-from since the nightly workflow will keep the cache populated. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 4 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Only keep layer caching for dry-run and nightly builds where it provides consistent benefit. Release builds happen too infrequently for the cache to be useful and caching could lead to stale Alpine packages in release images. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
silverwind
changed the title
silverwind
changed the title
dry-run and nightly container builds
GiteaBot
added
lgtm/need 1
|
oh btw, why cache to GHA and not registry? Any specific reason? |
|
Which registry would it use? I want this to be reliable so if you suggest a private registry as cache, I don't think it would be as reliable as GHA. |
|
ghcr? I don't have experience with GHA cache and buildkit so it's mostly a question why that over a registry - not a request to change to one. |
|
No particular reason. I basically asked Claude to suggest a caching and the only thing it suggested was GHA cache. |
|
I checked the registry topic and it's probably the cleaner approach given that GHA cache is shared with other artifacts like dependency caches. So registry is likely a better option given that there is practically no size limit there. |
Use registry-type cache stored at ghcr.io/go-gitea/gitea:buildcache instead of GitHub Actions cache. Registry cache has no size limit unlike the 10GB GHA cache. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Using registry. No auth necessary as the write action already has auth and the read action needs not auth for a public repo. |
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
silverwind
changed the title
dry-run and nightly container buildsdry-run and nightly container builds
GiteaBot
added
lgtm/done
lunny
added
topic/build
GiteaBot
removed
the
reviewed/wait-merge
* giteaofficial/main: (21 commits) Enable docker layer caching for `dry-run` and `nightly` container builds (go-gitea#36738) Add admin badge to navbar avatar (go-gitea#36790) WorkflowDispatch api optionally return runid (go-gitea#36706) upgrade minimatch (go-gitea#36760) Add `never` option to `PUBLIC_URL_DETECTION` configuration (go-gitea#36785) Refactor avatar package, support default avatar fallback (go-gitea#36788) Mark unused&immature activitypub as "not implemented" (go-gitea#36789) Add “Copy Source” to markup comment menu (go-gitea#36726) Update Nix flake (go-gitea#36787) Implements OIDC RP-Initiated Logout (go-gitea#36724) Fix README symlink resolution in subdirectories like .github (go-gitea#36775) [skip ci] Updated translations via Crowdin Correct spelling (go-gitea#36783) refactor: replace legacy tw-flex utility classes with flex-text-block/inline (go-gitea#36778) Fix `no-content` message not rendering after comment edit (go-gitea#36733) Fix typos and grammar in English locale (go-gitea#36751) Move Fomantic dropdown CSS to custom module (go-gitea#36530) Use "Enable Gravatar" but not "Disable" (go-gitea#36771) feat: add branch_count to repository API (go-gitea#35351) (go-gitea#36743) Deprecate RenderWithErr (go-gitea#36769) ...
|
It seems the container build still have uncached go/js dependencies and these regularily fail because of gitea.com/codeberg.org downtime: https://github.com/go-gitea/gitea/actions/runs/22816127536/job/66181314879 I guess we can extract the dependencies into a separate docker layer so they are always cached until go.sum / pnpm-lock.yml changes, eliminating these downloads on every run. |
#36864 will fix that. |
Enable Docker BuildKit layer caching for the dry-run and nightly container build workflows using GHCR registry cache.
pull-docker-dryrun.yml): addscache-from, read-only, PRs can't write cacherelease-nightly.yml): addscache-fromandcache-toto both read and write cach