ci: make the Docker test matrix resilient to registry flakes (#172)#173
Merged
Conversation
The Test (debian/alpine/fedora) matrix failed four times in a row on 2026-06-10, each on a transient network error (Docker Hub base-image pull i/o timeout; crates.io download broken pipe) unrelated to the code. - fail-fast: false so one distro's flake no longer cancels the others. - Retry 'docker compose build <target>' (the Docker Hub pull) with backoff. - Pass CARGO_NET_RETRY into the container and set it for runner-native jobs so cargo retries crate downloads; real test failures still fail fast (no step-level retry around the test run). No new third-party actions — a shell retry loop keeps the supply-chain surface unchanged. Closes #172.
Contributor
There was a problem hiding this comment.
Pull request overview
This PR hardens the Docker-based CI test matrix against transient network/registry failures (Docker Hub pulls and crates.io downloads) so that unrelated flakes don’t fail or prematurely cancel the overall matrix run.
Changes:
- Set
CARGO_NET_RETRY=10at the workflow level to make cargo downloads more resilient. - Disable matrix
fail-fastso one distro flake doesn’t cancel the other distro jobs. - Add a small shell retry loop with backoff around
docker compose build <target>to mitigate transient Docker Hub pull failures.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
pierre-warnier
added a commit
that referenced
this pull request
Jun 10, 2026
Address review feedback on #173: - Don't sleep after the final build attempt (no retry follows it). - Forward the workflow-wide CARGO_NET_RETRY into the container with a bare '-e CARGO_NET_RETRY' instead of re-hardcoding the value, keeping a single source of truth.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The
Test (debian/alpine/fedora)matrix fails intermittently on transient network errors unrelated to the code. On 2026-06-10mainCI for27daa7bfailed four times in a row — Docker Hub base-image pulli/o timeout(alpine, then fedora) and a crates.iocurl failed [55] Broken pipe. The runner-nativeTestjob (no Docker pull, cached) passed every time, isolating the cause to the matrix's network exposure.Changes (
.github/workflows/ci.ymlonly)fail-fast: falseon the matrix — one distro's flake no longer cancels the other two.docker compose build <target>(the Docker Hub pull) 3× with 30s backoff.CARGO_NET_RETRY=10— set workflow-wide for runner-native jobs and passed into the container (-e) so cargo retries crate downloads. A real test failure still fails fast (no retry wraps the test run).No new third-party actions; a plain shell retry loop keeps the supply-chain surface unchanged.
Validation
docker compose run --rm -e CARGO_NET_RETRY=10 <svc>propagates the var into the container.push-gated, so it does not execute on this PR — it runs on merge tomain. The retry/back-off logic is plain shell and reviewed inline.Closes #172.