Skip to content

ci: reduce Actions spend (drop daily cron, slim PR fan-out, monthly dependabot)#233

Open
SimplyLiz wants to merge 1 commit into
developfrom
chore/reduce-ci-spend
Open

ci: reduce Actions spend (drop daily cron, slim PR fan-out, monthly dependabot)#233
SimplyLiz wants to merge 1 commit into
developfrom
chore/reduce-ci-spend

Conversation

@SimplyLiz

Copy link
Copy Markdown
Collaborator

Warum

Actions-Storage/Compute lief dauerhaft auf, obwohl seit Monaten keine manuellen Commits kamen. Ursachen:

  • Täglicher Cron in ckb.yml (0 3 * * *) → Reindex jede Nacht
  • Dependabot (wöchentlich) × ~15 Workflows Fan-out pro PR → tausende PR-Runs
  • Security-Audit lief bei jedem PR (8 Sub-Workflows)

Änderungen

  • ckb.yml: täglichen schedule-Cron entfernt. Reindex läuft weiter manuell via workflow_dispatch.
  • security-audit.yml: pull_request-Trigger entfernt. Security läuft jetzt auf push→main/develop + wöchentlichem Cron (Mo 06:00) + manuell.
  • dependabot.yml: alle Ökosysteme weeklymonthly; npm-Updates gruppiert (ein PR statt vieler).

Hinweise

  • Keine Branch-Protection aktiv → kein Required-Check wird blockiert.
  • Security-Coverage auf PRs entfällt bewusst (kommt weiter auf main + wöchentlich). Bei Bedarf zurücknehmbar.

- ckb.yml: remove daily '0 3 * * *' schedule (reindex now manual via workflow_dispatch)
- security-audit.yml: drop pull_request trigger (runs on push to main/develop + weekly cron)
- dependabot.yml: weekly -> monthly for all ecosystems, group npm updates into one PR
@github-actions

Copy link
Copy Markdown

🟢 Change Impact Analysis

Metric Value
Risk Level LOW 🟢
Files Changed 3
Symbols Changed 3
Directly Affected 0
Transitively Affected 0

Blast Radius: 0 modules, 0 files, 0 unique callers

📝 Changed Symbols (3)
Symbol File Type Confidence
.github/dependabot.yml .github/dependabot.yml modified 30%
.github/workflows/ckb.yml .github/workflows/ckb.yml modified 30%
.github/workflows/security-audit.yml .github/workflows/security-audit.yml modified 30%

Recommendations

  • ℹ️ coverage: 3 symbols have low mapping confidence. Index may be stale.
    • Action: Run 'ckb index' to refresh the SCIP index

Generated by CKB

@github-actions

Copy link
Copy Markdown

CKB Analysis

Risk Files +7 -7 Modules

🎯 3 changed → 0 affected · 🔥 3 hotspots · 📚 197 stale

Risk factors: Touches 3 hotspot(s)

👥 Suggested: @lisa.welsch1985@gmail.com (100%), @talantyyr@gmail.com (100%)

Metric Value
Impact Analysis 3 symbols → 0 affected 🟢
Doc Coverage 6.598984771573605% ⚠️
Complexity 0 violations
Coupling 0 gaps
Blast Radius 0 modules, 0 files
Index indexed (1s) 🆕
🎯 Change Impact Analysis · 🟢 LOW · 3 changed → 0 affected
Metric Value
Symbols Changed 3
Directly Affected 0
Transitively Affected 0
Modules in Blast Radius 0
Files in Blast Radius 0

Symbols changed in this PR:

Recommendations:

  • ℹ️ 3 symbols have low mapping confidence. Index may be stale.
    • Action: Run 'ckb index' to refresh the SCIP index
🔥 Hotspots · 3 volatile files
File Churn Score
.github/dependabot.yml 2.99
.github/workflows/ckb.yml 1.37
.github/workflows/security-audit.yml 1.37
💡 Quick wins · 10 suggestions
📚 Stale docs · 197 broken references

Generated by CKB · Run details

@github-actions

Copy link
Copy Markdown

CKB Review: ✅ PASS — 97/100

3 files (+14 changes) · 2 modules

Changes 3 files across 2 modules. No blocking issues found.

Check Status Detail
hotspots ℹ️ INFO 3 hotspot file(s) touched
blast-radius ℹ️ INFO No symbols with callers in changes
dead-code ✅ PASS No dead code in changed files
coupling ✅ PASS No missing co-change files
format-consistency ✅ PASS No format consistency issues
bug-patterns ✅ PASS No bug patterns detected
comment-drift ✅ PASS No comment/code drift detected
health ✅ PASS No significant health changes
secrets ✅ PASS No secrets detected
risk ✅ PASS Risk score: 0.30 (low)
test-gaps ✅ PASS All changed functions have tests
complexity ✅ PASS No significant complexity increase
breaking ✅ PASS No breaking API changes
unwired ✅ PASS All exported symbols are reachable from entrypoints
tests ✅ PASS 0 test(s) cover the changes
arch-health ⚪ SKIP Cartographer not compiled in this build
layers ⚪ SKIP Cartographer not compiled in this build
Change Breakdown
Category Files Review Priority
config 3 🟢 Quick check
Code Health

Estimated review: ~13min (trivial)

Reviewers: lisa.welsch1985 (100%) · talantyyr (100%)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant