Skip to content

[DX-3383] Optimize Docker Caching #1487

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
erikburt merged 23 commits into from
Mar 30, 2026
Merged

[DX-3383] Optimize Docker Caching #1487

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
fe82760
cache-scope and max mode
kalverra Mar 25, 2026
07725cd
Fix
kalverra Mar 25, 2026
4180e78
Setup debugging
kalverra Mar 25, 2026
f027575
Remove extra go mod download
kalverra Mar 26, 2026
263166d
Optimize Docker caching
kalverra Mar 26, 2026
ab75dfe
Optimize Docker caching
kalverra Mar 26, 2026
c1f5756
Cleanup
kalverra Mar 26, 2026
59a2a05
Verify image
kalverra Mar 26, 2026
425f86d
Add image inspection
kalverra Mar 26, 2026
6fe95ca
Remove DEBUG
kalverra Mar 26, 2026
9930ffd
Comments
kalverra Mar 26, 2026
00e02e6
tee it up
kalverra Mar 27, 2026
0c5a0ae
Plugin caching + debug
kalverra Mar 27, 2026
826ceff
Fixes
kalverra Mar 27, 2026
b04165c
Fix encoding
kalverra Mar 27, 2026
5004a95
Changeset
kalverra Mar 27, 2026
7b30d4f
Comments
kalverra Mar 27, 2026
b40f786
pr debug
kalverra Mar 27, 2026
1d912f1
Don't cache plugins on PRs
kalverra Mar 27, 2026
82d89c7
Update actions
kalverra Mar 27, 2026
6380446
Caching
kalverra Mar 30, 2026
1f735a1
Test with just docker cache
kalverra Mar 30, 2026
835d3ee
Merge branch 'main' into moreDockerCache
erikburt Mar 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changeset/proud-owls-lick.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"ctf-build-image": minor
---

Adds inputs and tweaks docker caching strategy for better performance
16 changes: 8 additions & 8 deletions .github/workflows/run-e2e-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -391,7 +391,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 394 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:394:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
outputs:
latest_chainlink_release_version: ${{ steps.get_latest_version.outputs.latest_version }}
steps:
Expand Down Expand Up @@ -427,7 +427,7 @@
persist-credentials: false

- name: Setup Go
uses: actions/setup-go@v5.0.2
uses: actions/setup-go@v6
with:
go-version: "1.24.0"
check-latest: true
Expand Down Expand Up @@ -608,7 +608,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 611 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:611:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
permissions:
id-token: write
contents: read
Expand Down Expand Up @@ -661,7 +661,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 664 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:664:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
permissions:
id-token: write
contents: read
Expand Down Expand Up @@ -712,7 +712,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 715 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:715:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
permissions:
actions: read
checks: write
Expand Down Expand Up @@ -955,13 +955,13 @@
- name: Upload trace data as artifact
if: inputs.enable_otel_traces_for_ocr2_plugins &&
matrix.tests.test_env_vars.ENABLE_OTEL_TRACES == 'true'
uses: actions/upload-artifact@v4.4.3
uses: actions/upload-artifact@v7
with:
name: trace-data
path: ./integration-tests/smoke/traces/trace-data.json

- name: Upload test log as artifact
uses: actions/upload-artifact@v4.4.3
uses: actions/upload-artifact@v7
if: failure()
with:
name: test_log_${{ env.TEST_ID }}
Expand All @@ -971,7 +971,7 @@

- name: Upload cl node coverage data as artifact
if: inputs.upload_cl_node_coverage_artifact
uses: actions/upload-artifact@v4.4.3
uses: actions/upload-artifact@v7
timeout-minutes: 2
continue-on-error: true
with:
Expand All @@ -988,7 +988,7 @@

- name: Upload test result as artifact
if: ${{ always() }}
uses: actions/upload-artifact@v4.4.3
uses: actions/upload-artifact@v7
with:
name: test_result_${{ needs.load-test-configurations.outputs.workflow_id
}}_${{ env.TEST_ID }}
Expand All @@ -997,7 +997,7 @@

- name: Upload custom test artifacts
if: failure() && matrix.tests.test_artifacts_on_failure != ''
uses: actions/upload-artifact@v4.4.3
uses: actions/upload-artifact@v7
with:
name: custom_test_artifacts_${{ env.TEST_ID }}_${{
needs.load-test-configurations.outputs.workflow_id }}
Expand All @@ -1019,7 +1019,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 1022 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:1022:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
permissions:
actions: read
checks: write
Expand Down Expand Up @@ -1080,7 +1080,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 1083 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:1083:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
permissions:
actions: read
checks: write
Expand Down Expand Up @@ -1256,7 +1256,7 @@
test_suite: ${{ matrix.tests.test_env_vars.TEST_SUITE }}

- name: Upload test log as artifact
uses: actions/upload-artifact@v4.4.3
uses: actions/upload-artifact@v7
if: failure()
with:
name: test_log_${{ env.TEST_ID }}
Expand All @@ -1266,7 +1266,7 @@

- name: Upload custom test artifacts
if: failure() && matrix.tests.test_artifacts_on_failure != ''
uses: actions/upload-artifact@v4.4.3
uses: actions/upload-artifact@v7
with:
name: ${{ format('custom_test_artifacts_{0}_{1}', env.TEST_ID, needs.load-test-configurations.outputs.workflow_id) }}
path: ${{ matrix.tests.test_artifacts_on_failure }}
Expand All @@ -1287,7 +1287,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 1290 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:1290:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
permissions:
actions: read
checks: write
Expand Down Expand Up @@ -1408,7 +1408,7 @@
environment:
name: integration
# http://docs.github.com/en/actions/how-tos/deploy/configure-and-manage-deployments/control-deployments#using-environments-without-deployments
deployment: false

Check failure on line 1411 in .github/workflows/run-e2e-tests.yml

View workflow job for this annotation

GitHub Actions / ci-lint-misc 

[actionlint] reported by reviewdog 🐶
unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]

Raw Output:
e:.github/workflows/run-e2e-tests.yml:1411:7: unexpected key "deployment" for "environment" section. expected one of "name", "url" [syntax-check]
outputs:
test_results: ${{ steps.set_test_results.outputs.results }}
steps:
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/solidity-review-artifacts.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -184,7 +184,7 @@ jobs:
done

- name: Upload basic info and modified contracts list
uses: actions/upload-artifact@v4.6.2
uses: actions/upload-artifact@v7
timeout-minutes: 2
continue-on-error: true
with:
Expand Down Expand Up @@ -284,7 +284,7 @@ jobs:
inputs.foundry_profile_override || inputs.product }}

- name: Upload Artifacts for product contracts
uses: actions/upload-artifact@v4.6.2
uses: actions/upload-artifact@v7
timeout-minutes: 2
continue-on-error: true
with:
Expand Down Expand Up @@ -401,7 +401,7 @@ jobs:
./dot_github/tools/scripts/solidity/generate_slither_report.sh "${{ github.server_url }}/${{ github.repository }}/blob/${{ env.head_ref }}/" "$SLITHER_CONFIG_FILE_PATH" "$CONTRACTS_DIRECTORY" "$contract_list" "${{ env.artifacts_dir }}/slither-reports" "--solc-remaps @=$CONTRACTS_DIRECTORY/node_modules/@"

- name: Upload UMLs and Slither reports
uses: actions/upload-artifact@v4.6.2
uses: actions/upload-artifact@v7
timeout-minutes: 10
continue-on-error: true
with:
Expand Down Expand Up @@ -437,7 +437,7 @@ jobs:
merge-multiple: true

- name: Upload all artifacts as single package
uses: actions/upload-artifact@v4.6.2
uses: actions/upload-artifact@v7
with:
name: review-artifacts-${{ inputs.product }}-${{ inputs.base_ref }}-${{
env.head_ref }}
Expand Down
4 changes: 2 additions & 2 deletions actions/apidiff-go/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ jobs:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
go-version-file: "go.mod"
cache: false
Expand Down Expand Up @@ -140,7 +140,7 @@ jobs:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
# uses: ./.github/actions/setup-go
with:
go-version-file: ${{matrix.modules}}/go.mod
Expand Down
8 changes: 4 additions & 4 deletions actions/build-push-docker/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -203,14 +203,14 @@ runs:

- name: Login to private ECR registries for base images
if: ${{ steps.dockerfile-ecr-parse.outputs.needs-ecr-login == 'true' }}
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1
uses: aws-actions/amazon-ecr-login@183a1442edf41672e66566b7fc560e297a290896 # v2.1.1
with:
registries: ${{ steps.dockerfile-ecr-parse.outputs.ecr-registries }}

- name: Login to ECR for publishing
if: ${{ inputs.docker-push == 'true' }}
id: login-ecr
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1
uses: aws-actions/amazon-ecr-login@183a1442edf41672e66566b7fc560e297a290896 # v2.1.1
with:
registry-type: >-
${{
Expand All @@ -221,13 +221,13 @@ runs:
registries: ${{ inputs.aws-account-number }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: latest

- name: Docker meta
id: docker-meta
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
with:
images:
${{ format('{0}/{1}', inputs.docker-registry-url,
Expand Down
68 changes: 42 additions & 26 deletions actions/ctf-build-image/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,21 @@ inputs:
go get github.com/smartcontractkit/chainlink-solana@abc123
go get github.com/smartcontractkit/chainlink-evm@def456

cache-scope:
required: false
description: |
Custom scope for Docker build cache. Separates caches when multiple
Dockerfiles build on the same architecture (e.g. "core" vs "plugins").
If not set, defaults to runner OS and architecture.
default: ""

free-disk-space:
required: false
description: |
Whether to run the free-disk-space step before building. Set to "false"
on runners with sufficient disk (e.g. RunsOn with 100GB+) to save ~30-60s.
default: "true"

outputs:
docker-image-sha-digest-amd64:
description: "Docker image SHA digest for platform: amd64"
Expand All @@ -119,12 +134,6 @@ outputs:
runs:
using: composite
steps:
- uses: actions/setup-go@v6
with:
go-version-file: "go.mod"
check-latest: true
cache: false

- name: Setup GitHub token using GATI
if: inputs.gati-role-arn != '' && inputs.gati-lambda-url != ''
id: github-token
Expand All @@ -136,13 +145,6 @@ runs:
aws-role-duration-seconds: "1800"
set-git-config: "true"

- name: Process go get overrides
shell: bash
env:
GO_OVERRIDES: ${{ inputs.go-get-overrides }}
ACTIONS_PATH: ${{ github.action_path }}
run: ${ACTIONS_PATH}/scripts/go-get-overrides.sh

- name: Process plugin manifest overrides (public)
shell: bash
env:
Expand All @@ -152,18 +154,32 @@ runs:
ACTIONS_PATH: ${{ github.action_path }}
run: ${ACTIONS_PATH}/scripts/plugin-overrides.sh

- name: Tidy and Output go.mod
- name: Setup Go for dependency overrides
if: inputs.go-get-overrides != ''
uses: actions/setup-go@v6
with:
go-version-file: go.mod
cache: false

- name: Apply go-get dependency overrides
if: inputs.go-get-overrides != ''
shell: bash
env:
GO_OVERRIDES: ${{ inputs.go-get-overrides }}
run: |
echo "::group::Tidy go.mod"
set -e
while IFS= read -r line; do
[ -z "$line" ] && continue
dep="${line%%=*}"
sha="${line#*=}"
[ -z "$dep" ] || [ -z "$sha" ] && continue
echo "Overriding: github.com/smartcontractkit/${dep}@${sha}"
go get "github.com/smartcontractkit/${dep}@${sha}"
done <<< "$GO_OVERRIDES"
go mod tidy
echo "::endgroup::"

echo "::group::cat go.mod"
cat go.mod
echo "::endgroup::"

- name: Free up disk space (to avoid 'no space left on device' errors)
if: inputs.free-disk-space == 'true'
uses: smartcontractkit/.github/actions/free-disk-space@free-disk-space/v1

- name: Build push docker image
Expand All @@ -182,18 +198,18 @@ runs:
docker-registry-url: ${{ inputs.docker-registry-url }}
docker-repository-name: ${{ inputs.docker-repository-name }}
# only save on events which are expected to be from the default branch
docker-save-cache:
${{ github.event_name == 'schedule' || github.event_name == 'push' }}
docker-save-cache: ${{ github.event_name == 'schedule' ||
github.event_name == 'push' || github.event_name == 'pull_request' }} # TODO: Remove pull_request after testing
Copy link
Copy Markdown
Contributor

@erikburt erikburt Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can remove in follow-up

# dont use cache on events which are expected to be from the default branch
# this is to create a fresh cache/snapshot unpolluted by previous cache entries
docker-restore-cache:
${{ github.event_name != 'schedule' && github.event_name != 'push' }}
docker-build-cache-to:
"type=gha,timeout=10m,mode=min,ignore-error=true,scope=ctf-build-image-${{
runner.os }}-${{ runner.arch }}"
"type=gha,timeout=10m,mode=max,ignore-error=true,compression=zstd,compression-level=3,scope=ctf-build-image-${{
inputs.cache-scope || format('{0}-{1}', runner.os, runner.arch) }}"
docker-build-cache-from:
"type=gha,timeout=10m,scope=ctf-build-image-${{ runner.os }}-${{
runner.arch }}"
"type=gha,timeout=10m,scope=ctf-build-image-${{ inputs.cache-scope ||
format('{0}-{1}', runner.os, runner.arch) }}"

tags: type=raw,value=${{ inputs.image-tag }}
aws-account-number: ${{ inputs.aws-account-number }}
Expand Down
59 changes: 0 additions & 59 deletions actions/ctf-build-image/scripts/go-get-overrides.sh
View file
Open in desktop

This file was deleted.

Loading