Parallelize launch infrastructure steps and cleanup comments #642

Merged: forstmeier merged 1 commit into master from cleanup-workflow-definitions on Dec 24, 2025
@forstmeier (Collaborator) commented Dec 24, 2025

Overview

Changes

  • make build and push steps run in parallel
  • remove all schedule comments

Comments

Speeding up the workflow execution time a bit.

Summary by CodeRabbit

  • Chores
    • Cleaned up GitHub Actions workflow configurations by removing inline comments
    • Optimized infrastructure deployment workflow with matrix-driven build strategy for multi-service builds
    • Streamlined cron schedule expressions for improved readability

@coderabbitai Bot (Contributor) commented Dec 24, 2025

Walkthrough

This PR modifies four GitHub Actions workflow files. The create_or_update_portfolio.yaml, sync_data.yaml, and teardown_infrastructure.yaml workflows have minor changes: removal of inline cron comments and simplification of weekday cron expressions from lists (1,2,3,4,5) to range notation (1-5). The launch_infrastructure.yaml workflow undergoes substantial restructuring: it introduces a matrix strategy to parallelize building and pushing multiple services (datamanager, portfoliomanager, equitypricemodel), replaces hardcoded service references with matrix variables, generalizes the AWS IAM role reference, and separates the deploy phase into a distinct job that depends on the completed build_and_push job.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
  • Description Check: ✅ Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
  • Title check: ✅ Passed. The title clearly summarizes the two main changes: parallelizing build/push steps using matrix strategy and removing comments from workflow files.
  • Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 22e3494 and 31b650a.

📒 Files selected for processing (4)
  • .github/workflows/create_or_update_portfolio.yaml
  • .github/workflows/launch_infrastructure.yaml
  • .github/workflows/sync_data.yaml
  • .github/workflows/teardown_infrastructure.yaml
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-12-23T16:45:01.573Z
Learnt from: CR
Repo: pocketsizefund/pocketsizefund PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-12-23T16:45:01.573Z
Learning: Place Pulumi infrastructure as code in the `infrastructure/` folder

Applied to files:

  • .github/workflows/launch_infrastructure.yaml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Run Rust code checks
🔇 Additional comments (8)
.github/workflows/create_or_update_portfolio.yaml (1)

5-5: LGTM!

The removal of the inline cron comment is a clean, cosmetic change that aligns with the PR objective to clean up workflow definitions. The cron expression itself remains valid and unchanged.

.github/workflows/teardown_infrastructure.yaml (1)

5-5: LGTM!

The change from explicit weekday list notation (1,2,3,4,5) to range notation (1-5) is semantically equivalent and more concise. This is a clean improvement that aligns with standard cron expression practices.

.github/workflows/sync_data.yaml (1)

5-5: LGTM!

The removal of the inline cron comment is consistent with the PR's cleanup objectives. The cron expression remains valid and the workflow functionality is preserved.

.github/workflows/launch_infrastructure.yaml (5)

5-5: LGTM!

The change from explicit weekday list to range notation (1-5) is semantically equivalent and more concise, consistent with changes in other workflow files.


13-25: Matrix strategy correctly implements parallelization.

The matrix configuration will create three parallel jobs for building and pushing each service, achieving the PR objective to speed up workflow execution. The job name correctly references ${{ matrix.service }}.

By default, GitHub Actions matrix jobs use fail-fast: true, meaning if one service build fails, the remaining builds are cancelled. If you want all builds to complete even when one fails, add:

 strategy:
+  fail-fast: false
   matrix:
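
Review bot: `fail-fast: false` under `strategy:` changes more than whether the builds finish, because each matrix leg both builds and pushes its image. When one service fails, the other two still push to ECR while the deploy job that needs build_and_push is skipped, leaving newly pushed images that no deploy has picked up. If that is acceptable, note it next to the setting; otherwise keep the default and re-run the failed leg.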

Additionally, verify that the three services (datamanager, portfoliomanager, equitypricemodel) can safely build in parallel without resource conflicts or shared dependencies.


44-67: Deploy job correctly depends on all matrix build jobs.

The new deploy job structure is well-designed:

  • The needs: build_and_push dependency ensures deployment only runs after ALL three matrix jobs complete successfully
  • Proper separation of concerns: parallel builds for speed, sequential deploy for safety
  • Repeating setup steps (checkout, AWS credentials, Flox) is necessary since each job runs on a fresh runner

The deploy job assumes Pulumi will deploy the newly built images from ECR. Verify that:

  1. The Pulumi deployment (mask infrastructure stack up) references the correct image tags or uses "latest"
  2. The deployment is idempotent and safe to run after parallel builds complete
  3. If any build_and_push job fails, the deploy job is skipped (default behavior)

Also, the concurrency setting (cancel-in-progress: false) ensures multiple workflow runs don't interfere with each other, which is correct for infrastructure deployment.


36-43: Matrix-based build and push steps are correct.

The generalized build and push commands correctly use ${{ matrix.service }} with all three services (datamanager, portfoliomanager, equitypricemodel) in the matrix. The mask infrastructure images build and mask infrastructure images push commands are properly defined in maskfile.md to accept application name and stage name parameters, and all services exist in the codebase. The "server" stage argument is a valid Docker build target used in each service's Dockerfile.


29-33: Ensure AWS IAM role and secrets are configured correctly for parallel matrix jobs.

This workflow uses a matrix strategy to run 3 parallel jobs (datamanager, portfoliomanager, equitypricemodel) that each assume the same IAM role via OIDC. AWS IAM supports concurrent session assumptions, so multiple parallel jobs can safely assume the same role—each receives unique temporary credentials.

For this setup to work, verify that:

  1. The AWS_IAM_INFRASTRUCTURE_ROLE_ARN secret is configured in the repository or pulumi environment with a valid IAM role ARN
  2. The IAM role's trust policy allows the GitHub Actions OIDC provider to assume it (provider: token.actions.githubusercontent.com)
  3. The role has permissions for ECR operations (push/pull) required by mask infrastructure images push
  4. The AWS_REGION and PULUMI_ACCESS_TOKEN secrets are also configured

Comment @coderabbitai help to get the list of available commands and usage tips.
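
The trust-policy item in the checklist above (the role must be assumable through the provider token.actions.githubusercontent.com) can be checked mechanically; the sketch below also checks that `aud` and `sub` are pinned, which goes beyond what the review asks for. It is an added example, not code from the PR, the reviewers or the project: the account ID is a placeholder, the sample policy is constructed, and `audit_trust_policy` and `sample_policy` are hypothetical names.

```python
OIDC_HOST = "token.actions.githubusercontent.com"


def _values(statement, key):
    """Collect one condition key's values from StringEquals and StringLike."""
    found = []
    for operator in ("StringEquals", "StringLike"):
        value = statement.get("Condition", {}).get(operator, {}).get(key, [])
        found.extend([value] if isinstance(value, str) else value)
    return found


def _trusts_github(statement):
    """True when an Allow statement federates to the GitHub OIDC provider."""
    principal = statement.get("Principal")
    federated = principal.get("Federated", "") if isinstance(principal, dict) else ""
    federated = [federated] if isinstance(federated, str) else federated
    return statement.get("Effect") == "Allow" and any(
        f.endswith("oidc-provider/" + OIDC_HOST) for f in federated)


def audit_trust_policy(policy, repo):
    """Return a list of findings; an empty list means every check passed."""
    statements = policy.get("Statement", [])
    statements = [statements] if isinstance(statements, dict) else statements
    federated = [s for s in statements if _trusts_github(s)]
    if not federated:
        return ["no Allow statement trusts the GitHub OIDC provider"]
    findings = []
    for s in federated:
        if "sts.amazonaws.com" not in _values(s, OIDC_HOST + ":aud"):
            findings.append("aud is not pinned to sts.amazonaws.com")
        subs = _values(s, OIDC_HOST + ":sub")
        if not subs:
            findings.append("no sub condition")
        findings += ["sub not scoped to repo: " + sub for sub in subs
                     if not sub.startswith("repo:" + repo + ":")]
    return findings


# Constructed sample: placeholder account ID, repository name as shown on the page.
def sample_policy(sub=None):
    condition = {"StringEquals": {OIDC_HOST + ":aud": "sts.amazonaws.com"}}
    if sub:
        condition["StringLike"] = {OIDC_HOST + ":sub": sub}
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/" + OIDC_HOST},
        "Action": "sts:AssumeRoleWithWebIdentity",
        "Condition": condition}]}
```

A policy with no `sub` condition, or one scoped only to the organisation, is reported because the role would then be assumable from workflows outside this repository.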

Copilot AI (Contributor) left a comment

Pull request overview

This PR optimizes the launch infrastructure workflow by parallelizing Docker image build and push operations, and removes timezone-specific comments from cron schedules across all workflow files for cleaner maintainability.

Key changes:

  • Refactored launch infrastructure workflow to use matrix strategy for parallel service builds
  • Updated AWS IAM role secret reference from AWS_INFRASTRUCTURE_ROLE_ARN to AWS_IAM_INFRASTRUCTURE_ROLE_ARN
  • Removed timezone conversion comments from cron schedules in all workflow files

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File: Description
  • .github/workflows/launch_infrastructure.yaml: Restructured to parallelize build/push steps using matrix strategy and separated deployment into its own job
  • .github/workflows/teardown_infrastructure.yaml: Removed timezone comment from cron schedule
  • .github/workflows/sync_data.yaml: Removed timezone comment from cron schedule
  • .github/workflows/create_or_update_portfolio.yaml: Removed timezone comment from cron schedule

Comment thread .github/workflows/launch_infrastructure.yaml
@forstmeier forstmeier merged commit 5872907 into master Dec 24, 2025
4 checks passed
@forstmeier forstmeier deleted the cleanup-workflow-definitions branch December 26, 2025 02:15