feat(workflow): replace dispatch-based ci-ready with centralized CI status poller#7674
Open
feat(workflow): replace dispatch-based ci-ready with centralized CI status poller#7674
Conversation
BYK
force-pushed
the
feat/ci-status-poller
branch
8 times, most recently
from
b9db9cd to
953ad6f
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
.github/workflows/ci-poller.yml
Outdated
| # CI is ready when: commit status is success (or no statuses reported) | ||
| # AND no check runs are still pending AND none have failed | ||
| if [[ ("$commit_status" == "success" || "$commit_status" == "pending") \ | ||
| && "$pending_checks" == "0" && "$failed_checks" == "0" ]]; then |
There was a problem hiding this comment.
Pending commit status conflated with absent statuses
Medium Severity
The condition allows commit_status == "pending" to pass through, but the GitHub combined status API returns "pending" both when no statuses exist (repo uses only check runs) and when an actual status context is still pending. For repos that use both commit statuses and check runs, this could mark CI as ready while legacy status checks are still running.
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
BYK
force-pushed
the
feat/ci-status-poller
branch
from
953ad6f to
b25e625
Compare
BYK
force-pushed
the
feat/ci-status-poller
branch
from
b25e625 to
ca538ee
Compare
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
There are 3 total unresolved issues (including 1 from previous review).
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
ci-pending.yml: triggered on issues:opened, adds ci-pending label and sets CI_POLLER_HAS_PENDING repo variable to "true". ci-poller.yml: cron (*/5 min) with job-level if that checks vars.CI_POLLER_HAS_PENDING — when "false", no runner is provisioned (zero cost). When "true", checks CI status for all ci-pending issues and flips to ci-ready when green. Resets variable to "false" when all pending issues are resolved. Requires creating a CI_POLLER_HAS_PENDING repo variable (initial value: "false") before deploying.
BYK
force-pushed
the
feat/ci-status-poller
branch
from
ca538ee to
296cb5a
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replace per-release idle polling inside Docker containers with a cron-based CI status poller gated by a repo variable. Zero changes needed in craft or target repos.
How it works
Two new workflow files:
ci-pending.yml— triggered onissues: openedWhen a new publish issue is created, adds the
ci-pendinglabel and setsCI_POLLER_HAS_PENDINGrepo variable totrueto activate the cron poller.ci-poller.yml— cron every 5 minutesif: vars.CI_POLLER_HAS_PENDING == 'true'— whenfalse, no runner is provisioned. Zero cost.true: fetches allci-pendingissues, extracts the commit SHA from the "View check runs" link in each issue body, checks CI status via GitHub APIci-pendingwithci-readylabel (using GitHub App token so the label event triggerspublish.yml)false, disabling the cron until the next releaseExisting
publish.ymlgate (merged in #7664)accepted+ noci-pending→ publish (old repos with legacy polling, or new repos where CI passed)accepted+ci-pending→ skip (waiting-for-ci job comments)accepted+ci-ready→ publishWhy
craft publishcurrently polls GitHub's commit status API every 30 seconds for up to 60 minutes inside a Docker container. This idle polling is billed as GitHub Actions minutes and steals from our available capacity — a publish job that waits 45 minutes for CI burns 45 minutes of runner time doing nothing. For repos like sentry-native (~1h 23m CI), it also exhausts the 1-hour GitHub App token lifetime, causing expired-token failures (getsentry/craft#788).With the poller, the publish job doesn't start at all until CI passes — the expensive Docker job gets a fresh token and runs only for the actual publishing.
Cost
iflevel, no runner provisionedci-pendingissuesPre-deploy
Create the
CI_POLLER_HAS_PENDINGrepo variable with initial valuefalse:Backward Compatibility
ci-pendinglabel (created before this deploys) →publish.ymlgate treats them as old-style, runs with legacy in-Docker polling. Zero behavioral change.ci-pendingfromci-pending.yml, poller handles them.