✨ Investigating costs increase in infra cluster (GHA)

.github/workflows/documentation.yml

@@ -28,14 +28,14 @@ permissions:
 
 jobs:
   build:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
     steps:
-      - uses: actions/checkout@v1
-      - uses: actions/setup-node@v1
+      - uses: actions/checkout@v4
+        with:
+          clean: true
+
+      - name: Set Node.js 22.x
+        uses: actions/setup-node@v3
         with:
           node-version: '>= 18.0'
       - name: Build Preview (PR)

.github/workflows/e2e.yml

@@ -27,16 +27,7 @@ on:
 
 jobs:
   e2e:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
-    strategy:
-      matrix:
-        include:
-          - browser: chrome
-      fail-fast: false
+    runs-on: gcp-selfhosted-ubuntu24
     steps:
     - uses: actions/checkout@v3
     - name: Use Node.js

.github/workflows/java_test.yml

@@ -1,21 +1,17 @@
 # SPDX-FileCopyrightText: 2024 Sequent Tech <legal@sequentech.io>
 #
-# SPDX-License-Identifier: AGPL-3.0-only
+# SPDX-License-Identifier: AGPL-3.0-only 
 
 name: Java Test
 
 on:
     pull_request:
     push:
-      branches: [ 'main', 'release/[0-9]+.[0-9]+' ]
+      branches: [ 'main', 'release/[0-9]+.[0-9]+']
 
 jobs:
   build-and-test:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
 
     steps:
     - uses: actions/checkout@v2
@@ -27,16 +23,9 @@ jobs:
         distribution: 'adopt'
 
     - name: Install Maven
-      command:
-        - /bin/sh
-        - -c
-        - |
-          set -eux
-          apt update
-          # create man folder, otherwise maven doesn't install. it's not there
-          # probably because the image is stripped to make it small
-          mkdir -p /usr/share/man/man1
-          apt install -y build-essential maven
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y maven
 
     - name: Keycloak Extensions Build and Test with Maven
       run: mvn -B clean verify --file packages/keycloak-extensions/pom.xml

.github/workflows/license_reuse.yml

@@ -11,11 +11,7 @@ on:
 
 jobs:
   reuse:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
 
     steps:
     - name: Checkout code

.github/workflows/lint_prettify.yml

@@ -12,11 +12,7 @@ on:
 jobs:
   lint-prettify:
     name: Check frontend linting
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
     steps:
       - name: Check out code
         uses: actions/checkout@v4
@@ -58,11 +54,7 @@ jobs:
 
   lint-prettify-hasura:
     name: Check Hasura prettify
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
     steps:
       - name: Check out code
         uses: actions/checkout@v4
@@ -86,33 +78,24 @@ jobs:
 
   rust-fmt:
     name: Check Rust format 
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
     steps:
       - name: Check out code
         uses: actions/checkout@v4
 
       - name: Install Rust
         uses: actions-rs/toolchain@v1
         with:
-          profile: minimal
-          toolchain: nightly
+          toolchain: 1.90.0
           components: rustfmt
-          override: true
+          targets: x86_64-unknown-linux-musl
 
       - name: Check Rust code formatting
         run: cd packages/ && cargo fmt -- --check
 
   java-spotless:
     name: Check Java format
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
     steps:
       - name: Check out code
         uses: actions/checkout@v4
@@ -123,5 +106,10 @@ jobs:
           java-version: '17'
           distribution: 'adopt'
 
+      - name: Install Maven
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y maven
+
       - name: Run Spotless Check
         run: cd packages/keycloak-extensions && mvn clean install &&mvn invoker:run@run-spotless-check

.github/workflows/locs_report.yml

@@ -11,11 +11,7 @@ on:
 
 jobs:
   locs:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
 
     steps:
     - name: Checkout code

.github/workflows/release.yml

@@ -35,11 +35,7 @@ permissions:
 
 jobs:
   create-release-branch:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
     outputs:
       NEW_RELEASE_BRANCH: ${{ steps.CreateReleaseBranch.outputs.NEW_RELEASE_BRANCH }}
       DEPLOYER_BRANCH: ${{ steps.CreateReleaseBranch.outputs.DEPLOYER_BRANCH }}
@@ -75,8 +71,13 @@ jobs:
         git config --local user.email "action@github.com"
         git config --local user.name "GitHub Action"
 
+    - name: Setup Node.js
+      uses: actions/setup-node@v4
+      with:
+        node-version: '24'
+
     - name: Install release-it
-      run: npm install --global release-it@19.0.3
+      run: sudo npm install --global release-it@19.0.3
 
     - name: Create Release Branch if required
       id: CreateReleaseBranch
@@ -125,11 +126,7 @@ jobs:
         fi
 
   release:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24 #gcp
     needs: create-release-branch
     outputs:
       VERSION: ${{ steps.Release.outputs.VERSION }}
@@ -167,7 +164,7 @@ jobs:
 
     - name: Install release tools
       run: |
-        npm install --global release-it@16.2.1
+        sudo npm install --global release-it@16.2.1
 
     - name: Determine Release Increment
       id: CheckLatestRelease
@@ -262,11 +259,7 @@ jobs:
   trigger-beyond-release:
     needs: [release]
     if: ${{ always() && needs.release.result == 'success' }}
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24 #gcp
     steps:
     - name: Trigger Beyond Release Workflow
       uses: the-actions-org/workflow-dispatch@v4 # https://github.com/the-actions-org/workflow-dispatch
@@ -281,11 +274,7 @@ jobs:
   trigger-deployer:
     needs: [release, create-release-branch, trigger-beyond-release]
     if: ${{ always() && needs.release.result == 'success' && needs.create-release-branch.result == 'success' }}
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24 #gcp
     steps:
     - name: Trigger Deployer Workflow
       uses: the-actions-org/workflow-dispatch@v4 # https://github.com/the-actions-org/workflow-dispatch
@@ -300,11 +289,7 @@ jobs:
     if: failure()
     # Here define the depenency jobs
     needs: [release]
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24 #gcp
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -320,11 +305,7 @@ jobs:
 
   slack-report:
     needs: [release, trigger-deployer, cleanup]
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24 #gcp
     timeout-minutes: 20
     if: always()
     steps:

.github/workflows/reusable_build_push.yml

@@ -112,8 +112,8 @@ jobs:
         tags: |
           ${{ vars.AWS_ECR_REGISTRY_GLOBALDOT }}/${{ matrix.service }}:${{ env.SHORT_SHA }}
           ${{ vars.AWS_ECR_REGISTRY_GLOBALDOT }}/${{ matrix.service }}:${{ inputs.tag || github.run_number }}
-        cache-from: type=gha,scope=${{ matrix.service }}
-        cache-to: type=gha,mode=max,scope=${{ matrix.service }}
+        cache-from: type=registry,ref=${{ vars.AWS_ECR_REGISTRY_GLOBALDOT }}/${{ matrix.service }}:buildcache
+        cache-to: type=registry,ref=${{ vars.AWS_ECR_REGISTRY_GLOBALDOT }}/${{ matrix.service }}:buildcache,mode=max
         build-args: |
           SPA_NAME=${{ matrix.spa_name }}
           FEATURES=${{ matrix.features }}

.github/workflows/step_cli_build.yml

@@ -13,11 +13,8 @@ on:
 
 jobs:
   build-cli:
-    runs-on:
-      - env=infra-euw1
-      - runs-on=${{ github.run_id }}
-      - runner=2cpu-linux-x64
-      - image=ubuntu24-full-x64
+    runs-on: gcp-selfhosted-ubuntu24
+    timeout-minutes: 45
     env:
       CARGO_TARGET_DIR: rust-local-target
       RUSTFLAGS: "-C target-feature=-crt-static -lgcc_eh -lm"
@@ -29,16 +26,32 @@ jobs:
         if: runner.os == 'Linux'
         run: |
           sudo apt-get update
-          sudo apt-get install -y protobuf-compiler musl-tools libssl-dev pkg-config musl-dev libunwind-dev
+          sudo apt-get install -y build-essential protobuf-compiler musl-tools libssl-dev pkg-config musl-dev libunwind-dev
 
       - name: Install Rust
         uses: actions-rs/toolchain@v1
         with:
-          profile: minimal
-          toolchain: nightly
+          toolchain: 1.90.0
           components: rustfmt
-          override: true
-          target: x86_64-unknown-linux-musl
+          targets: x86_64-unknown-linux-musl
+
+      - name: Cache Cargo registry
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.cargo/registry
+            ~/.cargo/git
+          key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-cargo-registry-
+
+      - name: Cache Cargo build
+        uses: actions/cache@v4
+        with:
+          path: packages/step-cli/rust-local-target
+          key: ${{ runner.os }}-cargo-build-${{ hashFiles('packages/step-cli/Cargo.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-cargo-build-
 
       - name: Link openssl
         working-directory: packages/step-cli
@@ -52,6 +65,7 @@ jobs:
           OPENSSL_STATIC: 1
           PKG_CONFIG_ALLOW_CROSS: 1
           OPENSSL_NO_VENDOR: 0
+          CARGO_BUILD_JOBS: 4
         run: cargo build --release --target x86_64-unknown-linux-musl
 
       - name: List build output target-rust-local (for debugging)