Skip to content

BUILD-10739 Cache cleanup with list and delete modes#43

Merged
mikolaj-matuszny-ext-sonarsource merged 2 commits intomasterfrom
feat/mmatuszny/BUILD-10739-cache-cleanup-v2
Mar 18, 2026
Merged

BUILD-10739 Cache cleanup with list and delete modes#43
mikolaj-matuszny-ext-sonarsource merged 2 commits intomasterfrom
feat/mmatuszny/BUILD-10739-cache-cleanup-v2

Conversation

@mikolaj-matuszny-ext-sonarsource
Copy link
Contributor

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource commented Mar 18, 2026
edited
Loading

Summary

Rewrites the cache cleanup script to use a two-phase approach with list and delete modes:

  • List mode (no branch): Lists all cache entries for the repo, optionally filtered by key prefix. Helps users discover what's cached before deciding what to delete.
  • Delete mode (branch provided): Deletes matching cache entries with optional dry-run preview.

Changes

  • scripts/cleanup-cache.sh: Replaced aws s3 rm --include/--exclude with aws s3api list-objects-v2 + grep filtering + aws s3api delete-objects batch deletion (up to 1000 objects per API call)
  • cleanup/action.yml: Made branch input optional to support list mode
  • .github/workflows/cleanup-cache.yml: Updated inputs to match (branch optional, descriptions updated)
  • README.md: Rewrote Cache Cleanup section with usage table showing all scenarios
  • .github/workflows/test-action.yml: Removed test-cleanup-dry-run job (tested manually, requires IAM changes to work in CI)

How users interact

Scenario Branch Key Dry-run
List all cache entries (empty) (empty) n/a
List entries matching a key (empty) sccache-Linux- n/a
Preview what would be deleted feature/my-branch (optional) true
Delete cache for a branch feature/my-branch (optional) false

Dependencies

Requires IAM policy changes in github-runners-infra PR to grant s3:ListBucket and s3:DeleteObject for workflow_dispatch from protected branches.

Test plan

  • Test list mode locally: S3_BUCKET=sonarsource-s3-cache-dev-bucket GITHUB_REPOSITORY=SonarSource/gh-action_cache bash scripts/cleanup-cache.sh
  • Test list with key filter: add CLEANUP_KEY=git-clean-test
  • Test dry-run delete: add CLEANUP_BRANCH=feat/... DRY_RUN=true
  • Test actual delete after IAM changes are merged
  • Verify CI passes (existing cache tests unaffected)

🤖 Generated with Claude Code

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource force-pushed the feat/mmatuszny/BUILD-10739-cache-cleanup-v2 branch from 12ba6f8 to f12bcfc Compare March 18, 2026 11:30
@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource force-pushed the feat/mmatuszny/BUILD-10739-cache-cleanup-v2 branch from f12bcfc to ce47e17 Compare March 18, 2026 11:37
@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource marked this pull request as ready for review March 18, 2026 11:40
@sonar-review-alpha
Copy link

sonar-review-alpha bot commented Mar 18, 2026
edited
Loading

Summary

Rewrites cache cleanup from simple aws s3 rm --include/--exclude to a two-phase API approach: list all objects with pagination via aws s3api list-objects-v2, filter by branch/key using jq and grep, then batch-delete up to 1000 objects per call with aws s3api delete-objects. Adds list mode (no branch) for cache discovery. Updates action inputs and workflow to reflect the two modes.

What reviewers should know

Start with: scripts/cleanup-cache.sh (core logic rewrite) — the filtering logic (grep escaping via escape_grep()), pagination handling, and batch deletion are new.

Key changes to review:

  • The jq operations for filtering and building delete payloads — verify correctness of array manipulation and JSON structure
  • The escape_grep() function ensures grep patterns don't fail on special characters in branch/key names
  • Pagination loop handles NextContinuationToken to fetch >1000 objects
  • Batch deletion: script accumulates matched keys into a temp file, deletes in 1000-object chunks, and tracks progress
  • Output now shows size (human-readable via format_size()) and date for each object

Gotchas:

  • Branch matching still searches for both bare (feature/x) and full ref (refs/heads/feature/x) forms to cover PR and push events
  • DRY_RUN only applies in delete mode; list mode always shows what exists without deleting
  • Size/date come from S3 object metadata (Size, LastModified fields)
  • The test-cleanup-dry-run job was removed (author notes it needs manual testing post-IAM merge)
  • Generate Walkthrough
  • Generate Diagram

🗣️ Give feedback

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource changed the title BUILD-10739 Cache cleanup - changes BUILD-10739 Cache cleanup with list and delete modes Mar 18, 2026
sonar-review-alpha[bot]
sonar-review-alpha bot reviewed Mar 18, 2026
View reviewed changes
Copy link

@sonar-review-alpha sonar-review-alpha bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Conclusion: The script rewrite is solid and the new list mode is a useful addition. One logic duplication worth cleaning up, but nothing blocking.

🗣️ Give feedback

sonar-review-alpha[bot]
sonar-review-alpha bot reviewed Mar 18, 2026
View reviewed changes
Copy link

@sonar-review-alpha sonar-review-alpha bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pagination bug is the main concern — it could cause silent data loss in delete mode on busy repos. The table duplication is straightforward to fix with a helper function.

Conclusion: Two issues need fixing before merge: a real bug (truncated S3 listing) and new logic duplication introduced by this commit. The key-filter duplication flagged in the previous review (comment #2953033147) also remains unaddressed.

🗣️ Give feedback

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource force-pushed the feat/mmatuszny/BUILD-10739-cache-cleanup-v2 branch from cd26e9c to deb8385 Compare March 18, 2026 14:13
@sonarqube-cloud-us
Copy link

sonarqube-cloud-us bot commented Mar 18, 2026

SonarQube reviewer guide

Review in SonarQube

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource merged commit 9e32862 into master Mar 18, 2026
11 of 13 checks passed
@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource deleted the feat/mmatuszny/BUILD-10739-cache-cleanup-v2 branch March 18, 2026 14:15
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 18, 2026

SonarQube reviewer guide

Review in SonarQube

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sonar-review-alpha sonar-review-alpha[bot] sonar-review-alpha[bot] left review comments

@julien-carsique-sonarsource julien-carsique-sonarsource julien-carsique-sonarsource approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mikolaj-matuszny-ext-sonarsource @julien-carsique-sonarsource