Skip to content

Auto-clean stale pr-test-builds releases#11678

Open
sensei-hacker wants to merge 1 commit into
iNavFlight:maintenance-10.xfrom
sensei-hacker:cleanup-pr-test-builds
Open

Auto-clean stale pr-test-builds releases#11678
sensei-hacker wants to merge 1 commit into
iNavFlight:maintenance-10.xfrom
sensei-hacker:cleanup-pr-test-builds

Conversation

@sensei-hacker

Copy link
Copy Markdown
Member

Summary

iNavFlight/pr-test-builds accumulates a release for every PR (via pr-test-builds.yml) but nothing ever deleted them once a PR closed — 157 stale releases had built up. This adds three cleanup mechanisms.

Changes

  • .github/workflows/cleanup-pr-test-builds.yml — deletes a PR's pr-test-builds release immediately when the PR merges. Uses pull_request_target (not pull_request) so the existing PR_BUILDS_TOKEN secret is available even for fork PRs; this is safe here because the workflow never checks out or executes any PR code, it only reads number/merged from the trusted event payload and calls the GitHub API. Also accepts workflow_dispatch for manual retries.
  • .github/workflows/cleanup-pr-test-builds-scheduled.yml — a daily cron safety-net sweep (--older-than 14) for anything the merge-triggered workflow missed, and to gradually clear the pre-existing backlog.
  • .github/scripts/cleanup-old-pr-test-builds.py — the script the scheduled sweep runs; also runnable by hand with --dry-run and --older-than DAYS.
  • docs/development/cleanup-pr-test-builds.md — usage, token setup, and troubleshooting.

inav-configurator doesn't need any of this — its PR test builds are plain GitHub Actions artifacts linked from a PR comment, not pr-test-builds releases, so they already expire under GitHub's own artifact retention policy.

No new secrets needed — everything reuses the existing PR_BUILDS_TOKEN that pr-test-builds.yml already uses to publish releases.

Testing

  • Dry-run validated against live data: python3 .github/scripts/cleanup-old-pr-test-builds.py --dry-run --older-than 14 correctly classified all ~150 live releases (150 to delete, 7 correctly skipped as recent+open) across ~300 real API calls with 0 errors. Default (merged-only) mode: 112 to delete, 45 correctly skipped (open or closed-without-merge).
  • Found and fixed a real bug pre-merge: the release's created_at field is bogus (identical across every release regardless of actual publish date) — using it for --older-than would have deleted the entire repo on first run regardless of threshold. Switched to published_at, which is verified accurate.
  • Performed one real, live end-to-end delete against an already-merged PR's stale release (pr-11614) using the exact command the workflow runs (gh release delete ... --cleanup-tag --yes). Verified afterward that both the release and its underlying git tag are gone (404 on both gh release view and the git ref API).
  • Hand-tested the workflow's error-handling branch logic (found/not-found/real-failure) directly against a real 404, a real existing release, and a simulated auth failure — confirmed each takes the correct path (delete / no-op / fail loudly).
  • Validated Python syntax (py_compile) and YAML syntax (yaml.safe_load) for all new files; shellchecked the embedded bash in the merge-triggered workflow (clean).

Code Review

Reviewed with the inav-code-review agent. Three IMPORTANT issues found and fixed before this PR: the merge-triggered workflow's "not found" check was swallowing all gh release view failures (including real auth/rate-limit errors) instead of only genuine not-found cases, contradicting the workflow's own documented behavior; the script's list_releases() call wasn't wrapped in the same error handling as the rest of the tool; and the doc incorrectly claimed both workflows share the Python script's logic (only the scheduled sweep does — the merge-triggered workflow has its own simpler inline logic).

iNavFlight/pr-test-builds accumulated releases forever since nothing
deleted them once a PR closed (157 at time of writing). Adds a
merge-triggered workflow for immediate cleanup plus a scheduled sweep
and manual script as a safety net / backlog cleaner.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant