ADFA-4306 Constrain GitHub Actions cache growth in analyze.yml

[hal-eisen-adfa]

Summary

• The daily Jacoco/SonarQube job's Linux-gradle cache on stage had grown to ~26 GB (vs. GitHub's 10 GB limit), evicting useful caches across the repo.
• Narrows the Gradle cache to dependency/wrapper dirs only, excluding ~/.gradle/caches/build-cache-1 (Gradle's task-output build cache — the actual driver of the bloat). Adds gradle-wrapper.properties to the hashFiles() key.
• Branch-scopes and content-hashes the SonarQube cache key so it rolls over under GitHub's 7-day LRU instead of pinning forever on stage.
• Passes --no-build-cache to the sonarqube invocation so the build cache stays empty even if the directory reappears.
• Sets retention-days: 7 on the JaCoCo report artifact (was the 90-day default).

Test plan

• Trigger analyze.yml manually via workflow_dispatch on this branch.
• Confirm new Linux-gradle-<hash> entry in Actions → Caches is < 2 GB.
• Confirm new Linux-sonar-<branch>-<hash> entry is < 500 MB.
• Re-run the workflow with no code changes and verify both caches show Cache restored successfully.
• Confirm the JaCoCo artifact in the run shows a 7-day expiry.
• After 24h of daily stage runs, confirm total cache usage stays well under 10 GB.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: edf1a7aa-5ed5-477c-b638-b35160fe83f7

📥 Commits

Reviewing files that changed from the base of the PR and between 2e32a60 and ac2fb15.

📒 Files selected for processing (1)

• .github/workflows/analyze.yml

---

📝 Walkthrough

Changes to GitHub Actions Analyze Workflow

Cache & Artifact Optimizations

• Gradle cache narrowing: Restricted to dependency and wrapper directories (~/.gradle/caches/modules-2, ~/.gradle/caches/jars-*, ~/.gradle/caches/transforms-*, ~/.gradle/wrapper), excluding the build cache directory (~/.gradle/caches/build-cache-1) to prevent ~26 GB cache bloat on the stage branch
• Enhanced Gradle cache key: Now includes gradle-wrapper.properties and libs.versions.toml in the hash to invalidate cache when Gradle wrapper version or dependency versions change
• SonarQube cache optimization: Now branch-scoped (github.ref_name) and content-hashed on Gradle/dependency files so entries age out under GitHub's 7-day LRU policy instead of persisting indefinitely
• Build cache disabled: Added --no-build-cache flag to SonarQube invocation to prevent build cache directory recreation
• JaCoCo retention period: Set to 7 days (reduced from 90-day default) to reduce artifact storage

Risks & Best Practices Considerations

• ⚠️ Build performance impact: Excluding the Gradle task-output build cache (~/.gradle/caches/build-cache-1) from the cached directories means each workflow run will need to rebuild task outputs rather than reusing previous build results. This trades disk space efficiency for potentially longer build times on re-runs. Monitor build duration metrics to quantify the impact.
• ⚠️ Branch cache isolation: SonarQube cache is now branch-scoped, so different branches will not share SonarQube cache entries. This is intentional for cache freshness but means each branch maintains its own separate cache, which may increase overall cache storage across multiple active branches.
• ⚠️ Artifact retention reduction: Reducing JaCoCo report retention from 90 to 7 days may impact historical analysis if reports need to be referenced beyond that window.
• ⚠️ Self-hosted runner considerations: Workflow runs on self-hosted infrastructure; cache management relies on local disk cleanup policies being properly configured to enforce GitHub's size limits and LRU eviction.

Walkthrough

The analyze.yml GitHub Actions workflow is updated to narrow the Gradle package cache paths and refine cache key hash inputs, scope the SonarQube cache key to the current branch, add --no-build-cache to the Gradle/Sonar execution command, and set a 7-day retention period on the uploaded JaCoCo report artifact.

Changes

CI Cache and Artifact Tuning

Layer / File(s)	Summary
Gradle package cache, Sonar cache, build command, and artifact retention .github/workflows/analyze.yml	Gradle cache paths narrowed to modules-2/jars, modules-2/transforms, and wrapper directories; cache key hash inputs updated to include gradle-wrapper.properties and libs.versions.toml. SonarQube cache key scoped to github.ref_name with hash inputs and updated restore-keys. Build command gains --no-build-cache. JaCoCo artifact upload adds retention-days: 7.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐇 Hoppity-hop through the CI lane,
Caches now keyed by branch name,
No stale Gradle builds to blame,
JaCoCo reports — seven days their fame,
Clean and tidy, the workflow's the same! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main objective: constraining GitHub Actions cache growth in analyze.yml by implementing specific cache directory restrictions and optimization strategies.
Description check	✅ Passed	The description is directly related to the changeset, providing detailed context about the cache overflow problem, explaining each solution implemented, and outlining a comprehensive test plan.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ADFA-4306-constrain-cache-growth

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}