fix: pin uv version and add caching to CI workflows#127
Conversation
## What Pin uv to version 0.10.9 with caching enabled across all setup-uv action usages in CI workflows. Add concurrency groups to CI and linter workflows to cancel in-progress runs on new pushes. ## Why Unpinned uv versions can cause unexpected CI breakage when new releases introduce breaking changes. Caching speeds up workflow runs. Concurrency cancellation avoids wasting CI resources on outdated pushes. ## Notes - Mirrors changes from github-community-projects/evergreen#496 - The concurrency block only applies to CI and linter workflows, not to copilot-setup-steps or update-uv-lock workflows Signed-off-by: jmeridth <jmeridth@gmail.com>
There was a problem hiding this comment.
Pull request overview
Updates CI workflows to use a pinned uv version and adds workflow-level concurrency controls, aligning with the referenced evergreen change.
Changes:
- Pin
uvto0.10.9and enablesetup-uvcaching in all workflows that installuv. - Add
concurrencygroups to cancel in-progress runs on new pushes for the Python package and linter workflows.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| .github/workflows/update-uv-lock.yml | Pins uv and enables setup-uv caching for lockfile update automation. |
| .github/workflows/python-package.yml | Adds concurrency cancellation and pins/enables cached uv in the main test workflow. |
| .github/workflows/linter.yaml | Adds concurrency cancellation and pins/enables cached uv in the lint workflow. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| with: | ||
| version: "0.10.9" | ||
| enable-cache: true |
There was a problem hiding this comment.
enable-cache: true will attempt to use the GitHub Actions cache, but this workflow explicitly sets permissions and does not grant any actions permission. With restricted GITHUB_TOKEN permissions, cache restore/save can fail (often with "Resource not accessible by integration"). Consider adding actions: write (or at least actions: read if you only want restores) to the workflow/job permissions when enabling uv caching.
| with: | ||
| version: "0.10.9" | ||
| enable-cache: true |
There was a problem hiding this comment.
This workflow enables setup-uv caching (enable-cache: true) but the workflow-level permissions only grants contents: read, leaving actions as none. GitHub’s cache API requires actions: write to save caches (and actions: read to restore), so the caching step may fail under the restricted token. Add the appropriate actions permission if caching is intended.
| uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1 | ||
| with: | ||
| version: "0.10.9" | ||
| enable-cache: true |
There was a problem hiding this comment.
enable-cache: true relies on the Actions cache service, but the workflow/job permissions don’t grant any actions scope (only contents, packages, statuses). With permissions set explicitly, actions defaults to none, which can prevent cache restore/save. Add actions: write (or actions: read if you only want restores) when enabling uv caching.
Summary
Test plan