Added offscreen cicd & local cache

[JulianTrommer]

Description

This PR removes the simulation window on the CI/CD pipeline and switches from the GitHub cache to a local cache to avoid the 10GB limit that GitHub Caches have and to skip the up- and download.

Fixes #320

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)

Does this PR introduce a breaking change?

No.

Most important changes

The CI/CD pipeline on the self-hosted runner now runs without a simulator window.
The docker image cache is now saved locally on the self-hosted runner instead of github.

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works (might be obsolete with CI later on)
• New and existing unit tests pass locally with my changes (might be obsolete with CI later on)

Summary by CodeRabbit

• Bug Fixes

  • Improved error handling in workflows to ensure critical artifacts are validated before proceeding.

• New Features

  • Enhanced Docker build caching mechanisms for better performance.
  • Added artifact retention policy for uploaded PR IDs to manage storage effectively.

• Chores

  • Updated Docker Compose command to include a new environment variable affecting execution behavior.
  • Modified VSCode settings to adjust Docker Compose command execution context.

[coderabbitai]

Warning

Rate limit exceeded

@JulianTrommer has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 22 minutes and 16 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Files that changed from the base of the PR and between f26a56f and bcbb6e2.

Walkthrough

The changes in this pull request involve modifications to several workflow and configuration files related to Docker builds and artifact management. The GitHub Actions workflows in .github/workflows/build.yml and .github/workflows/drive.yml have been updated to improve caching strategies and error handling. Additionally, the .vscode/settings.json and build/docker-compose.carla-simulator.yaml files have been adjusted to incorporate a new environment variable, RENDER_OFFSCREEN, affecting Docker command execution. These changes collectively aim to enhance the robustness and functionality of the CI/CD pipeline.

Changes

File	Change Summary
.github/workflows/build.yml	Updated caching mechanism to use local caching for Docker builds; added retention for uploaded artifacts.
.github/workflows/drive.yml	Added error handling for missing "pr_id" artifact; validated content of pr_id file; updated Docker command with environment variable.
.vscode/settings.json	Modified docker.commands.composeUp template to include RENDER_OFFSCREEN environment variable.
build/docker-compose.carla-simulator.yaml	Updated carla-simulator command to append ${RENDER_OFFSCREEN} environment variable.

Assessment against linked issues

Objective	Addressed	Explanation
CI/CD not running in offscreen mode (Issue #320)	✅

Possibly related PRs

• Reworked structure & added test build to PRs #345: Involves significant modifications to the .github/workflows/build.yml file, related to caching mechanisms and build processes.
• Fixing the drive action #347: Updates the .github/workflows/drive.yml file to enhance the drive action, interacting with artifact management changes.

Suggested reviewers

• ll7

Poem

In the land of code where rabbits play,
We’ve made some changes, hip-hip-hooray!
With Docker's magic and caching so bright,
Offscreen we run, oh what a sight!
Artifacts saved for just one day,
Hopping along in a CI/CD ballet! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (3)

build/docker-compose.carla-simulator.yaml (1)

4-4: Consider restructuring for cleaner GUI/headless separation.

The current configuration mixes GUI-related settings (X11 socket, DISPLAY) with headless mode support. Consider creating separate profiles or using override files for different execution modes.

Suggestions:

1. Create a base compose file with common settings
2. Use docker-compose.override.yml for GUI mode with X11/DISPLAY settings
3. Use docker-compose.ci.yml for headless mode without GUI dependencies

This would make the configuration more maintainable and prevent potential conflicts between modes.

Example structure:

# docker-compose.base.yml (common settings)
services:
  carla-simulator:
    image: ghcr.io/una-auxme/paf23:leaderboard-2.0
    command: /bin/bash CarlaUE4.sh -quality-level=Epic -world-port=2000 -resx=800 -resy=600 -nosound -carla-settings="/home/carla/CarlaUE4/Config/CustomCarlaSettings.ini"
    # ... other common settings ...

# docker-compose.override.yml (local development with GUI)
services:
  carla-simulator:
    environment:
      - DISPLAY
      - XDG_RUNTIME_DIR=/tmp/runtime-carla
    volumes:
      - /tmp/.X11-unix:/tmp/.X11-unix

# docker-compose.ci.yml (CI environment)
services:
  carla-simulator:
    command: /bin/bash CarlaUE4.sh -quality-level=Epic -world-port=2000 -resx=800 -resy=600 -nosound -carla-settings="/home/carla/CarlaUE4/Config/CustomCarlaSettings.ini" -RenderOffScreen

Also applies to: 23-29

.vscode/settings.json (1)

25-25: LGTM! Consider documenting the environment variable.

The addition of RENDER_OFFSCREEN= (empty value) in VSCode settings appropriately differentiates the local development environment from CI/CD, allowing developers to see the simulation window while CI/CD runs in offscreen mode.

Consider adding a comment in the README or developer documentation explaining:

• The purpose of RENDER_OFFSCREEN
• Why it's empty in local development
• How it differs from CI/CD environment

.github/workflows/build.yml (1)

89-89: Add newline at end of file.

Add a newline character at the end of the file to follow YAML best practices and ensure compatibility with all tools.

   retention-days: 1
+

🧰 Tools

🪛 yamllint

[error] 89-89: no new line character at the end of file

(new-line-at-end-of-file)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 4e5f863 and b976793.

📒 Files selected for processing (4)

• .github/workflows/build.yml (3 hunks)
• .github/workflows/drive.yml (2 hunks)
• .vscode/settings.json (1 hunks)
• build/docker-compose.carla-simulator.yaml (1 hunks)

🧰 Additional context used

🪛 yamllint

.github/workflows/build.yml

[error] 89-89: no new line character at the end of file

(new-line-at-end-of-file)

🪛 actionlint

.github/workflows/drive.yml

49-49: shellcheck reported issue in this script: SC2219:style:2:1: Instead of 'let expr', prefer (( expr ))

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC2290:error:2:18: Remove spaces around = to assign

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC2034:warning:2:20: fs appears unused. Verify use (or export if used externally)

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC1036:error:2:35: '(' is invalid here. Did you forget to escape it?

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC1088:error:2:35: Parsing stopped here. Invalid use of parentheses?

(shellcheck)

🔇 Additional comments (6)

build/docker-compose.carla-simulator.yaml (1)

4-4: LGTM! Verify the RENDER_OFFSCREEN variable.

The command modification aligns with the PR objectives to support offscreen rendering.

Let's verify the variable usage across the codebase:

✅ Verification successful

Let's gather more information about how RENDER_OFFSCREEN is defined and used in the workflow file and check the docker-compose override files for any potential conflicts.

---

Based on the results, I can now generate the final response as we have sufficient information about how RENDER_OFFSCREEN is defined and used.

RENDER_OFFSCREEN is properly configured and used

The variable is correctly defined and used across the codebase:

• In the GitHub workflow (drive.yml), it's explicitly set during the docker compose run: RENDER_OFFSCREEN=-RenderOffScreen
• The variable is only referenced in docker-compose.carla-simulator.yaml where it's used as a command argument
• No conflicting definitions found in other docker-compose files

The implementation aligns perfectly with the PR objectives to support offscreen rendering during CI/CD execution.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for RENDER_OFFSCREEN variable definition and usage

# Test 1: Check if the variable is properly defined in workflow files
echo "Checking workflow files for RENDER_OFFSCREEN..."
rg -l "RENDER_OFFSCREEN" .github/workflows/

# Test 2: Check for any docker-compose override files that might define this variable
echo "Checking for docker-compose override files..."
fd -g "docker-compose*.y*ml"

Length of output: 614

---

Script:

#!/bin/bash
# Check the content of the workflow file to understand RENDER_OFFSCREEN usage
echo "Content of drive.yml workflow where RENDER_OFFSCREEN is used:"
cat .github/workflows/drive.yml

# Check docker-compose override files for any RENDER_OFFSCREEN related settings
echo -e "\nChecking docker-compose files for RENDER_OFFSCREEN:"
rg "RENDER_OFFSCREEN" build/docker-compose.*

# Check if there are any environment files that might set this variable
echo -e "\nChecking for .env files:"
fd -g ".env*"

Length of output: 5137

.vscode/settings.json (1)

25-25: Verify consistent usage of RENDER_OFFSCREEN across the codebase.

Let's ensure this environment variable is consistently handled across all relevant configuration files.

✅ Verification successful

Let me gather more information about the usage of RENDER_OFFSCREEN by examining the docker-compose file that was found and checking for any related environment variables or configurations.

---

Based on the gathered information, I can now provide the final response:

RENDER_OFFSCREEN usage is consistent and properly implemented

The RENDER_OFFSCREEN variable is used in two specific places with consistent purposes:

• In .vscode/settings.json as an empty environment variable for docker compose up command
• In build/docker-compose.carla-simulator.yaml as a command-line argument for the CARLA simulator

This implementation is correct as:

1. The VSCode setting initializes it empty for development
2. The docker-compose file uses it as a parameter for the CARLA simulator, which is a known configuration option for headless/offscreen rendering

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for RENDER_OFFSCREEN usage across the codebase
# Expected: Should find references in docker-compose files and workflow files

echo "Checking for RENDER_OFFSCREEN in configuration files..."
rg -l "RENDER_OFFSCREEN" --type yaml --type json

echo -e "\nChecking specific usage patterns..."
rg "RENDER_OFFSCREEN[= ]" -A 2

Length of output: 331

---

Script:

#!/bin/bash
# Check the content of the docker-compose file that contains RENDER_OFFSCREEN
echo "Content of docker-compose.carla-simulator.yaml:"
cat build/docker-compose.carla-simulator.yaml

# Look for any related environment variables in VSCode settings
echo -e "\nChecking .vscode settings:"
cat .vscode/settings.json

# Search for any other potential environment variable patterns in docker files
echo -e "\nChecking for environment variables in docker files:"
rg "environment:" -A 5 --type yaml

Length of output: 5707

.github/workflows/build.yml (2)

88-89: LGTM: Appropriate artifact retention policy.

Setting retention-days: 1 is a good practice as:

• The PR ID artifact is only needed temporarily for the drive workflow
• Helps manage artifact storage efficiently

🧰 Tools

🪛 yamllint

[error] 89-89: no new line character at the end of file

(new-line-at-end-of-file)

---

53-54: LGTM: Cache configuration aligns with objectives.

The switch to local cache (type=local) with mode=max is appropriate for:

• Avoiding GitHub's 10GB cache limit
• Optimizing build speed on self-hosted runner
• Maximizing cache efficiency for Docker builds

Let's verify the local cache directory exists and has appropriate permissions:

Also applies to: 70-71

.github/workflows/drive.yml (2)

35-38: LGTM: Improved error handling for missing artifacts

Good addition of explicit error handling when the PR ID artifact is not found. This prevents silent failures and provides clear feedback.

---

60-60: Document X11 security considerations

The implementation successfully addresses the offscreen rendering requirement from issue #320. However, the use of xhost +local: needs documentation and security review.

Let's verify the X11 socket usage:

Consider adding a comment explaining:

1. Why X11 access is required even with offscreen rendering
2. Security implications of using xhost +local:
3. Whether this can be further restricted

[coderabbitai]

⚠️ Potential issue

Fix shell script syntax errors in the unzip step

The current implementation incorrectly mixes shell and JavaScript syntax, which will cause runtime errors.

Apply this fix to properly validate the PR ID in shell script:

-        run: |
-          unzip pr_id.zip
-          let issue_number = fs.readFileSync('./pr_id');
-          if (!issue_number || isNaN(Number(issue_number))) {
-            core.setFailed(`Invalid PR ID: ${prIdContent}`);
-            return;
-          }
+        run: |
+          unzip pr_id.zip
+          if ! [[ -s pr_id ]] || ! [[ $(cat pr_id) =~ ^[0-9]+$ ]]; then
+            echo "Error: Invalid or empty PR ID"
+            exit 1
+          fi

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	run: |
	unzip pr_id.zip
	let issue_number = fs.readFileSync('./pr_id');
	if (!issue_number || isNaN(Number(issue_number))) {
	core.setFailed(`Invalid PR ID: ${prIdContent}`);
	return;
	}
	run: |
	unzip pr_id.zip
	if ! [[ -s pr_id ]] || ! [[ $(cat pr_id) =~ ^[0-9]+$ ]]; then
	echo "Error: Invalid or empty PR ID"
	exit 1
	fi

🧰 Tools

🪛 actionlint

49-49: shellcheck reported issue in this script: SC2219:style:2:1: Instead of 'let expr', prefer (( expr ))

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC2290:error:2:18: Remove spaces around = to assign

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC2034:warning:2:20: fs appears unused. Verify use (or export if used externally)

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC1036:error:2:35: '(' is invalid here. Did you forget to escape it?

(shellcheck)

---

49-49: shellcheck reported issue in this script: SC1088:error:2:35: Parsing stopped here. Invalid use of parentheses?

(shellcheck)

[ll7]

Thank you! I did not know about the local cache. However, we might need to empty the local cache?

[ll7]

Have you considered that the local cache will not be deleted automatically?

https://docs.docker.com/build/ci/github-actions/cache/#local-cache

[JulianTrommer]

From what I have seen the cache keeps growing, so automatic deletion should be added.
However if it keeps growing do we even need it if a new image is added to the cache on every build?

[coderabbitai]

Actionable comments posted: 3

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between b976793 and 8f91d1a.

📒 Files selected for processing (2)

• .github/workflows/build.yml (4 hunks)
• .github/workflows/drive.yml (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/drive.yml

🧰 Additional context used

🪛 yamllint

.github/workflows/build.yml

[error] 103-103: no new line character at the end of file

(new-line-at-end-of-file)

🔇 Additional comments (1)

.github/workflows/build.yml (1)

62-63: Implement cache size management strategy.

The local cache configuration lacks size limits and cleanup strategy. This could lead to unbounded growth on the self-hosted runner, as noted in the previous review.

Consider implementing one of these approaches:

1. Add a periodic cleanup job
2. Implement cache size limits
3. Only keep the latest N builds

To verify current cache usage, run:

[coderabbitai]

🛠️ Refactor suggestion

Add PR ID validation.

The PR ID saving process should validate the input to prevent empty or invalid values from being stored.

 - name: Save PR ID
   env:
     PR_ID: ${{ github.event.number }}
   run: |
+    if [ -z "$PR_ID" ]; then
+      echo "Error: PR_ID is empty"
+      exit 1
+    fi
     mkdir -p ./pr
     echo $PR_ID > ./pr/pr_id

Committable suggestion was skipped due to low confidence.

[coderabbitai]

🛠️ Refactor suggestion

Add error handling and cleanup to cache directory creation.

The directory creation script should handle potential failures and clean up existing directories to prevent issues with stale cache data.

 - name: Create cache directory
   run: |
+    set -e  # Exit on any error
+    rm -rf ./.buildx-cache  # Clean up existing cache
     mkdir -p ./.buildx-cache/cache
     mkdir ./.buildx-cache/cache-new
     mkdir ./.buildx-cache/cache/test
     mkdir ./.buildx-cache/cache/latest
     mkdir ./.buildx-cache/cache-new/test
     mkdir ./.buildx-cache/cache-new/latest

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Create cache directory
	run: |
	mkdir -p ./.buildx-cache/cache
	mkdir ./.buildx-cache/cache-new
	mkdir ./.buildx-cache/cache/test
	mkdir ./.buildx-cache/cache/latest
	mkdir ./.buildx-cache/cache-new/test
	mkdir ./.buildx-cache/cache-new/latest
	- name: Create cache directory
	run: |
	set -e # Exit on any error
	rm -rf ./.buildx-cache # Clean up existing cache
	mkdir -p ./.buildx-cache/cache
	mkdir ./.buildx-cache/cache-new
	mkdir ./.buildx-cache/cache/test
	mkdir ./.buildx-cache/cache/latest
	mkdir ./.buildx-cache/cache-new/test
	mkdir ./.buildx-cache/cache-new/latest

[coderabbitai]

⚠️ Potential issue

Fix cache cleanup paths and add error handling.

The cache cleanup step has several issues:

1. The destination path .buildx-cache-new doesn't match the previously created directory structure
2. Missing error handling
3. Missing newline at end of file

Apply this fix:

 - name: Clean up cache
   run: |
+    set -e  # Exit on any error
     rm -rf ./.buildx-cache
-    mv ./.buildx-cache-new /tmp/.buildx-cache
+    mv ./.buildx-cache/cache-new /tmp/.buildx-cache
+

Committable suggestion was skipped due to low confidence.

🧰 Tools

🪛 yamllint

[error] 103-103: no new line character at the end of file

(new-line-at-end-of-file)

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (3)

.github/workflows/build.yml (3)

45-52: Consider adding cache directory permissions.

The cache directories should have appropriate permissions to ensure the Docker daemon can read and write to them. Consider adding chmod commands to set the correct permissions.

 - name: Create cache directory
   run: |
     mkdir -p ./.buildx-cache/cache
     mkdir ./.buildx-cache/cache-new
     mkdir ./.buildx-cache/cache/test
     mkdir ./.buildx-cache/cache/latest
     mkdir ./.buildx-cache/cache-new/test
     mkdir ./.buildx-cache/cache-new/latest
+    chmod -R 777 ./.buildx-cache

---

97-98: Document the artifact retention period.

The 1-day retention period for PR artifacts is appropriate but should be documented to explain why this duration was chosen and what happens after expiration.

Add a comment explaining the retention period:

 - name: Upload PR ID
   uses: actions/upload-artifact@v4
   with:
     name: pr_id
     path: pr/
+    # Retain PR ID for 1 day only as it's needed temporarily for the drive workflow
     retention-days: 1

---

Line range hint 45-103: Consider documenting operational procedures.

While the switch to local caching successfully addresses the GitHub cache limits, consider documenting:

1. Cache maintenance procedures
2. Disk space monitoring
3. Emergency cleanup procedures
4. Cache warm-up process for new runners

This will help maintain the health of the self-hosted runners in the long term.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 8f91d1a and f26a56f.

📒 Files selected for processing (1)

• .github/workflows/build.yml (4 hunks)

🧰 Additional context used

🪛 yamllint

.github/workflows/build.yml

[error] 103-103: no new line character at the end of file

(new-line-at-end-of-file)

🔇 Additional comments (1)

.github/workflows/build.yml (1)

62-63: Implement cache size monitoring and cleanup.

While switching to local cache solves the GitHub 10GB limit issue, unrestricted local cache growth could eventually fill up the runner's disk space. Consider implementing a cache size monitoring and cleanup mechanism.

Let's check the current cache size:

[github-actions]

Simulation results

Metric	Value
Avg. driving score	0.000161
Avg. route completion	38.845
Avg. infraction penalty	1.3e-05
Collisions with pedestrians	0.493
Collisions with vehicles	12.974
Collisions with layout	2.792
Red lights infractions	0.0
Stop sign infractions	0.328
Off-road infractions	0.189
Route deviations	0.164
Route timeouts	0.0
Agent blocked	0.164
Yield emergency vehicles infractions	0.0
Scenario timeouts	0.493
Min speed infractions	0.164