Improve build time in CI through caching native modules (#482)

* Improve caching of hak native modules * Avoid double-hashing * Skip native installs where cache is hit * Include Electron version in the hash, it affects the ABI * Add missing step IDs * Add comments
2025-01-18 23:44:59 +01:00 · 2022-12-13 14:12:40 +00:00 · 2022-12-13 14:12:40 +00:00 · 2f48519dce
commit 2f48519dce
parent 6508e171db
4 changed files with 30 additions and 4 deletions
--- a/.github/workflows/build_linux.yaml
+++ b/.github/workflows/build_linux.yaml
@ -1,3 +1,6 @@
+# This workflow relies on actions/cache to store the hak dependency artifacts as they take a long time to build
+# Due to this extra care must be taken to only ever run all build_* scripts against the same branch to ensure
+# the correct cache scoping, and additional care must be taken to not run untrusted actions on the develop branch.
 on:
  workflow_call:
    inputs:
@ -16,19 +19,21 @@ jobs:
          name: webapp

      - name: Cache .hak
+        id: cache
        uses: actions/cache@v3
        with:
-          key: ${{ hashFiles('./yarn.lock') }}
+          key: ${{ runner.os }}-${{ hashFiles('hakDependencies.json', 'electronVersion') }}
          path: |
            ./.hak

      - name: Install Rust
+        if: steps.cache.outputs.cache-hit != 'true'
        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable

      - name: Install libsqlcipher-dev
-        if: inputs.sqlcipher == 'system'
+        if: steps.cache.outputs.cache-hit != 'true' && inputs.sqlcipher == 'system'
        run: sudo apt-get install -y libsqlcipher-dev

      - uses: actions/setup-node@v3
@ -40,6 +45,7 @@ jobs:
        run: "yarn install --pure-lockfile"

      - name: Build Natives
+        if: steps.cache.outputs.cache-hit != 'true'
        run: "yarn build:native"
        env:
          SQLCIPHER_STATIC: ${{ inputs.sqlcipher == 'static' && '1' || '' }}
--- a/.github/workflows/build_macos.yaml
+++ b/.github/workflows/build_macos.yaml
@ -1,3 +1,6 @@
+# This workflow relies on actions/cache to store the hak dependency artifacts as they take a long time to build
+# Due to this extra care must be taken to only ever run all build_* scripts against the same branch to ensure
+# the correct cache scoping, and additional care must be taken to not run untrusted actions on the develop branch.
 on:
  workflow_call:
 jobs:
@ -11,13 +14,15 @@ jobs:
          name: webapp

      - name: Cache .hak
+        id: cache
        uses: actions/cache@v3
        with:
-          key: ${{ hashFiles('./yarn.lock') }}
+          key: ${{ runner.os }}-${{ hashFiles('hakDependencies.json', 'electronVersion') }}
          path: |
            ./.hak

      - name: Install Rust
+        if: steps.cache.outputs.cache-hit != 'true'
        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
@ -32,6 +37,7 @@ jobs:
        run: "yarn install --pure-lockfile"

      - name: Build Natives
+        if: steps.cache.outputs.cache-hit != 'true'
        run: "yarn build:native:universal"

      - name: Build App
--- a/.github/workflows/build_prepare.yaml
+++ b/.github/workflows/build_prepare.yaml
@ -26,6 +26,12 @@ jobs:
      - name: Fetch Element Web
        run: yarn run fetch --noverify -d ${{ inputs.config }} ${{ inputs.version }}

+      # We split this out to save the build_* scripts having to do it to make use of `hashFiles` in the cache action
+      - name: Generate cache hash files
+        run: |
+          yarn run --silent electron --version > electronVersion
+          cat package.json | jq -c .hakDependencies > hakDependencies.json
+
      - uses: actions/upload-artifact@v3
        with:
          name: webapp
@ -33,3 +39,5 @@ jobs:
          path: |
            webapp.asar
            package.json
+            electronVersion
+            hakDependencies.json
--- a/.github/workflows/build_windows.yaml
+++ b/.github/workflows/build_windows.yaml
@ -1,3 +1,6 @@
+# This workflow relies on actions/cache to store the hak dependency artifacts as they take a long time to build
+# Due to this extra care must be taken to only ever run all build_* scripts against the same branch to ensure
+# the correct cache scoping, and additional care must be taken to not run untrusted actions on the develop branch.
 on:
  workflow_call:
    inputs:
@ -32,9 +35,10 @@ jobs:
          name: webapp

      - name: Cache .hak
+        id: cache
        uses: actions/cache@v3
        with:
-          key: ${{ runner.os }}-${{ hashFiles('./yarn.lock') }}
+          key: ${{ runner.os }}-${{ hashFiles('hakDependencies.json', 'electronVersion') }}
          path: |
            ./.hak

@ -58,6 +62,7 @@ jobs:
          echo "C:/Program Files/NASM" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append

      - name: Install Rust
+        if: steps.cache.outputs.cache-hit != 'true'
        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
@ -72,6 +77,7 @@ jobs:
        run: "yarn install --pure-lockfile"

      - name: Build Natives
+        if: steps.cache.outputs.cache-hit != 'true'
        run: |
          refreshenv
          yarn build:native --target ${{ steps.config.outputs.target }}