Merge pull request #3906 from Agenta-AI/fix/railway-preview-build-cache

fix(ci): speed up Railway preview image builds with shared cache

Author: mmabrouk

.github/workflows/06-railway-preview-build.yml

@@ -27,24 +27,78 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  build-and-push:
+  prepare:
     if: github.event_name == 'workflow_dispatch' || !github.event.pull_request.draft
     runs-on: ubuntu-latest
     outputs:
-      image_tag: ${{ steps.tag.outputs.image_tag }}
-      pr_number: ${{ steps.tag.outputs.pr_number }}
+      image_tag: ${{ steps.meta.outputs.image_tag }}
+      pr_number: ${{ steps.meta.outputs.pr_number }}
+      cache_scope: ${{ steps.meta.outputs.cache_scope }}
     steps:
       - uses: actions/checkout@v4
 
-      - name: Determine image tag
-        id: tag
+      - name: Determine build metadata
+        id: meta
         run: |
           PR="${{ github.event.pull_request.number || inputs.pr_number }}"
           SHA="$(git rev-parse --short HEAD)"
-          TAG="pr-${PR}-${SHA}"
+
+          if [ -n "$PR" ]; then
+            TAG="pr-${PR}-${SHA}"
+          else
+            TAG="manual-${SHA}"
+          fi
+
+          if [ -n "$PR" ]; then
+            CACHE_SCOPE="pr-${PR}"
+          else
+            REF="$(printf "%s" "${GITHUB_REF_NAME}" | tr '[:upper:]' '[:lower:]' | tr -cs 'a-z0-9._-' '-')"
+            REF="${REF#-}"
+            REF="${REF%-}"
+            CACHE_SCOPE="${REF:-manual}"
+          fi
+
+          CACHE_SCOPE="${CACHE_SCOPE:0:80}"
+
           echo "image_tag=${TAG}" >> "$GITHUB_OUTPUT"
           echo "pr_number=${PR}" >> "$GITHUB_OUTPUT"
+          echo "cache_scope=${CACHE_SCOPE}" >> "$GITHUB_OUTPUT"
           echo "Image tag: ${TAG}"
+          echo "Cache scope: ${CACHE_SCOPE}"
+
+      - name: Summary
+        run: |
+          TAG="${{ steps.meta.outputs.image_tag }}"
+          echo "### Railway Preview Images" >> "$GITHUB_STEP_SUMMARY"
+          echo "" >> "$GITHUB_STEP_SUMMARY"
+          echo "| Image | Tag |" >> "$GITHUB_STEP_SUMMARY"
+          echo "|-------|-----|" >> "$GITHUB_STEP_SUMMARY"
+          echo "| agenta-api | \`${TAG}\` |" >> "$GITHUB_STEP_SUMMARY"
+          echo "| agenta-web | \`${TAG}\` |" >> "$GITHUB_STEP_SUMMARY"
+          echo "| agenta-services | \`${TAG}\` |" >> "$GITHUB_STEP_SUMMARY"
+          echo "" >> "$GITHUB_STEP_SUMMARY"
+          echo "- Cache scope: \`${{ steps.meta.outputs.cache_scope }}\`" >> "$GITHUB_STEP_SUMMARY"
+          echo "- Shared cache: \`buildcache-shared\`" >> "$GITHUB_STEP_SUMMARY"
+
+  build-and-push:
+    needs: prepare
+    if: needs.prepare.outputs.image_tag != ''
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+          - image_name: agenta-api
+            context: api
+            dockerfile: api/oss/docker/Dockerfile.gh
+          - image_name: agenta-web
+            context: web
+            dockerfile: web/oss/docker/Dockerfile.gh
+          - image_name: agenta-services
+            context: services
+            dockerfile: services/oss/docker/Dockerfile.gh
+    steps:
+      - uses: actions/checkout@v4
 
       - name: Log in to GHCR
         uses: docker/login-action@v3
@@ -56,52 +110,29 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Build and push API image
-        uses: docker/build-push-action@v6
-        with:
-          context: api
-          file: api/oss/docker/Dockerfile.gh
-          push: true
-          tags: ghcr.io/agenta-ai/agenta-api:${{ steps.tag.outputs.image_tag }}
-          cache-from: type=gha,scope=api
-          cache-to: type=gha,mode=max,scope=api
-
-      - name: Build and push Web image
-        uses: docker/build-push-action@v6
-        with:
-          context: web
-          file: web/oss/docker/Dockerfile.gh
-          push: true
-          tags: ghcr.io/agenta-ai/agenta-web:${{ steps.tag.outputs.image_tag }}
-          cache-from: type=gha,scope=web
-          cache-to: type=gha,mode=max,scope=web
-
-      - name: Build and push Services image
+      - name: Build and push image
         uses: docker/build-push-action@v6
         with:
-          context: services
-          file: services/oss/docker/Dockerfile.gh
+          context: ${{ matrix.context }}
+          file: ${{ matrix.dockerfile }}
           push: true
-          tags: ghcr.io/agenta-ai/agenta-services:${{ steps.tag.outputs.image_tag }}
-          cache-from: type=gha,scope=services
-          cache-to: type=gha,mode=max,scope=services
+          tags: ghcr.io/agenta-ai/${{ matrix.image_name }}:${{ needs.prepare.outputs.image_tag }}
+          cache-from: |
+            type=registry,ref=ghcr.io/agenta-ai/${{ matrix.image_name }}:buildcache-shared
+            type=registry,ref=ghcr.io/agenta-ai/${{ matrix.image_name }}:buildcache-${{ needs.prepare.outputs.cache_scope }}
+          cache-to: |
+            type=registry,ref=ghcr.io/agenta-ai/${{ matrix.image_name }}:buildcache-shared,mode=max
+            type=registry,ref=ghcr.io/agenta-ai/${{ matrix.image_name }}:buildcache-${{ needs.prepare.outputs.cache_scope }},mode=max
 
       - name: Summary
         run: |
-          TAG="${{ steps.tag.outputs.image_tag }}"
-          echo "### Railway Preview Images" >> "$GITHUB_STEP_SUMMARY"
-          echo "" >> "$GITHUB_STEP_SUMMARY"
-          echo "| Image | Tag |" >> "$GITHUB_STEP_SUMMARY"
-          echo "|-------|-----|" >> "$GITHUB_STEP_SUMMARY"
-          echo "| agenta-api | \`${TAG}\` |" >> "$GITHUB_STEP_SUMMARY"
-          echo "| agenta-web | \`${TAG}\` |" >> "$GITHUB_STEP_SUMMARY"
-          echo "| agenta-services | \`${TAG}\` |" >> "$GITHUB_STEP_SUMMARY"
+          echo "- Built \`${{ matrix.image_name }}:${{ needs.prepare.outputs.image_tag }}\`" >> "$GITHUB_STEP_SUMMARY"
 
   deploy:
-    needs: build-and-push
-    if: needs.build-and-push.outputs.pr_number != ''
+    needs: [prepare, build-and-push]
+    if: needs.prepare.outputs.pr_number != '' && needs.build-and-push.result == 'success'
     uses: ./.github/workflows/07-railway-preview-deploy.yml
     with:
-      image_tag: ${{ needs.build-and-push.outputs.image_tag }}
-      pr_number: ${{ needs.build-and-push.outputs.pr_number }}
+      image_tag: ${{ needs.prepare.outputs.image_tag }}
+      pr_number: ${{ needs.prepare.outputs.pr_number }}
     secrets: inherit

.github/workflows/07-railway-preview-deploy.yml

@@ -55,25 +55,115 @@ jobs:
         env:
           PR_NUMBER: ${{ inputs.pr_number }}
           IMAGE_TAG: ${{ inputs.image_tag }}
+          RAILWAY_POST_BOOTSTRAP_SLEEP: "2"
+          RAILWAY_INFRA_SETTLE_SECONDS: "20"
+          RAILWAY_APP_SETTLE_SECONDS: "0"
+          RAILWAY_ALEMBIC_MAX_ATTEMPTS: "5"
+          RAILWAY_RETRY_MAX: "7"
+          RAILWAY_RETRY_DELAY: "5"
           SMOKE_AUTO_REPAIR: "false"
           SMOKE_MAX_RETRIES: "20"
-          SMOKE_SLEEP_SECONDS: "10"
+          SMOKE_SLEEP_SECONDS: "5"
+          SMOKE_MAX_WAIT_SECONDS: "300"
+          SMOKE_DOMAIN_MAX_WAIT_SECONDS: "180"
         run: |
           chmod +x hosting/railway/oss/scripts/*.sh
-          output="$(hosting/railway/oss/scripts/preview-create-or-update.sh 2>&1)" || {
-            echo "$output"
-            echo "deploy_failed=true" >> "$GITHUB_OUTPUT"
-            exit 1
+          # shellcheck source=/dev/null
+          source hosting/railway/oss/scripts/lib.sh
+
+          log_file="$(mktemp)"
+          cleanup() {
+            rm -f "$log_file"
           }
-          echo "$output"
+          trap cleanup EXIT
+
+          set +e
+          hosting/railway/oss/scripts/preview-create-or-update.sh 2>&1 | tee "$log_file"
+          deploy_status=${PIPESTATUS[0]}
+          set -e
+
+          deploy_failed=false
+          if [ "$deploy_status" -ne 0 ]; then
+            deploy_failed=true
+          fi
 
           # Extract preview URL from output
-          url="$(echo "$output" | grep -oP 'Preview URL: \K.*' || true)"
-          echo "preview_url=${url}" >> "$GITHUB_OUTPUT"
+          url="$(grep -oP 'Preview URL: \K.*' "$log_file" || true)"
+          url="${url%%$'\n'*}"
+          url="${url//$'\r'/}"
 
           # Extract project name from output
-          project="$(echo "$output" | grep -oP "Preview deploy completed for '\K[^']*" || true)"
+          project="$(grep -oP "Preview deploy completed for '\K[^']*" "$log_file" || true)"
+          if [ -z "$project" ]; then
+            project="$(grep -oP "Bootstrap completed for project '\K[^']*" "$log_file" || true)"
+          fi
+          project="${project%%$'\n'*}"
+          project="${project//$'\r'/}"
+
+          environment_name="$(grep -oP "Preview deploy completed for '[^']+' \(\K[^)]*" "$log_file" || true)"
+          if [ -z "$environment_name" ]; then
+            environment_name="$(grep -oP "Bootstrap completed for project '[^']*' environment '\K[^']*" "$log_file" || true)"
+          fi
+          environment_name="${environment_name%%$'\n'*}"
+          environment_name="${environment_name//$'\r'/}"
+          if [ -z "$environment_name" ]; then
+            environment_name="production"
+          fi
+
+          railway_logs_url="$(grep -oP 'Build Logs:\s*\Khttps://railway\.com\S+' "$log_file" | head -n 1 || true)"
+          railway_logs_url="${railway_logs_url%%$'\n'*}"
+          railway_logs_url="${railway_logs_url%%&}"
+
+          if [ -n "$project" ]; then
+            set +e
+            railway_call link --project "$project" --environment "$environment_name" --json >/dev/null 2>&1
+            status_json="$(railway_call status --json 2>/dev/null)"
+
+            if [ -z "$url" ]; then
+              domain="$(railway_call variable list -k --service gateway --environment "$environment_name" 2>/dev/null | grep '^RAILWAY_PUBLIC_DOMAIN=' | cut -d= -f2- || true)"
+              if [ -n "$domain" ]; then
+                url="https://${domain}/w"
+              fi
+            fi
+
+            project_id="$(printf "%s" "$status_json" | jq -r '.project.id // .projectId // empty' 2>/dev/null || true)"
+            environment_id="$(printf "%s" "$status_json" | jq -r '.environment.id // .environmentId // empty' 2>/dev/null || true)"
+
+            if [ -z "$project_id" ] || [ -z "$environment_id" ]; then
+              projects_json="$(railway_call list --json 2>/dev/null)"
+              project_id="$(printf "%s" "$projects_json" | jq -r --arg name "$project" '.[] | select(.name == $name) | .id' 2>/dev/null | head -n 1)"
+
+              environment_json="$(railway_call environment "$environment_name" --json 2>/dev/null)"
+              environment_id="$(printf "%s" "$environment_json" | jq -r '.id // .environment.id // .environmentId // empty' 2>/dev/null | head -n 1)"
+            fi
+            set -e
+
+            if [ "$project_id" = "null" ]; then
+              project_id=""
+            fi
+            if [ "$environment_id" = "null" ]; then
+              environment_id=""
+            fi
+
+            if [ -n "$project_id" ] && [ -n "$environment_id" ]; then
+              railway_logs_url="https://railway.com/project/${project_id}/logs?environmentId=${environment_id}"
+            elif [ -n "$project_id" ]; then
+              railway_logs_url="https://railway.com/project/${project_id}/logs"
+            fi
+          fi
+
+          echo "preview_url=${url}" >> "$GITHUB_OUTPUT"
           echo "project_name=${project}" >> "$GITHUB_OUTPUT"
+          echo "environment_name=${environment_name}" >> "$GITHUB_OUTPUT"
+          echo "railway_logs_url=${railway_logs_url}" >> "$GITHUB_OUTPUT"
+
+          trap - EXIT
+          cleanup
+
+          if [ "$deploy_failed" = "true" ]; then
+            echo "deploy_failed=true" >> "$GITHUB_OUTPUT"
+            exit 1
+          fi
 
       - name: Post preview URL as PR comment
         if: inputs.pr_number != '' && steps.deploy.outputs.preview_url != ''
@@ -85,6 +175,8 @@ jobs:
             const projectName = '${{ steps.deploy.outputs.project_name }}';
             const imageTag = '${{ inputs.image_tag }}';
             const marker = '<!-- railway-preview-bot -->';
+            const runUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`;
+            const railwayLogsUrl = '${{ steps.deploy.outputs.railway_logs_url }}';
 
             const body = [
               marker,
@@ -96,9 +188,11 @@ jobs:
               `| **Project** | \`${projectName}\` |`,
               `| **Image tag** | \`${imageTag}\` |`,
               `| **Status** | Deployed |`,
+              railwayLogsUrl ? `| **Railway logs** | [Open logs](${railwayLogsUrl}) |` : null,
+              `| **Workflow logs** | [View workflow run](${runUrl}) |`,
               '',
               `_Updated at ${new Date().toISOString()}_`,
-            ].join('\n');
+            ].filter(Boolean).join('\n');
 
             // Find existing comment from this bot
             const { data: comments } = await github.rest.issues.listComments({
@@ -134,19 +228,23 @@ jobs:
             const imageTag = '${{ inputs.image_tag }}';
             const marker = '<!-- railway-preview-bot -->';
             const runUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${context.runId}`;
+            const previewUrl = '${{ steps.deploy.outputs.preview_url }}';
+            const railwayLogsUrl = '${{ steps.deploy.outputs.railway_logs_url }}';
 
             const body = [
               marker,
               '### Railway Preview Environment',
               '',
               `| | |`,
               `|---|---|`,
+              previewUrl ? `| **Preview URL** | ${previewUrl} |` : null,
               `| **Image tag** | \`${imageTag}\` |`,
               `| **Status** | Failed |`,
+              railwayLogsUrl ? `| **Railway logs** | [Open logs](${railwayLogsUrl}) |` : null,
               `| **Logs** | [View workflow run](${runUrl}) |`,
               '',
               `_Updated at ${new Date().toISOString()}_`,
-            ].join('\n');
+            ].filter(Boolean).join('\n');
 
             const { data: comments } = await github.rest.issues.listComments({
               owner: context.repo.owner,
@@ -182,4 +280,8 @@ jobs:
           if [ -n "${{ steps.deploy.outputs.preview_url }}" ]; then
             echo "- **Preview URL:** ${{ steps.deploy.outputs.preview_url }}" >> "$GITHUB_STEP_SUMMARY"
           fi
+          if [ -n "${{ steps.deploy.outputs.railway_logs_url }}" ]; then
+            echo "- **Railway logs:** ${{ steps.deploy.outputs.railway_logs_url }}" >> "$GITHUB_STEP_SUMMARY"
+          fi
+          echo "- **Workflow logs:** ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" >> "$GITHUB_STEP_SUMMARY"
           echo "- **Project:** \`${{ steps.deploy.outputs.project_name }}\`" >> "$GITHUB_STEP_SUMMARY"

hosting/railway/oss/README.md

@@ -197,15 +197,21 @@ The API image defaults to docker-compose hostnames for Redis (`redis-durable:638
 
 ### Build times on first deploy
 
-First deploys on Railway take longer because Docker layer caches are cold. The app settle window (`RAILWAY_APP_SETTLE_SECONDS`, default 60) may not be enough on very slow builds. If smoke fails because services are still DEPLOYING, wait and re-run smoke manually.
+First deploys on Railway take longer because Docker layer caches are cold. Deploy now relies mostly on readiness polling in smoke checks instead of fixed sleeps, so slower starts are less likely to fail prematurely.
+
+For GitHub preview builds, CI now uses shared BuildKit registry cache tags (`buildcache-shared`) plus PR-scoped tags (`buildcache-pr-<number>`). It also builds API, web, and services images in parallel matrix jobs. This keeps repeated PR builds fast and also improves first builds on new PRs by reusing layers from previous runs. Manual workflow dispatches without a PR number use `manual-<sha>` image tags and skip deploy.
 
 ### Smoke check options
 
 The smoke script supports these environment variables:
 
-- `SMOKE_MAX_RETRIES` (default `30`) - retries per endpoint
-- `SMOKE_SLEEP_SECONDS` (default `10`) - sleep between retries
-- `SMOKE_AUTO_REPAIR` (default `true`) - redeploy failing services automatically
+- `SMOKE_MAX_RETRIES` (default `10`) - legacy retry count used to derive timeout when `SMOKE_MAX_WAIT_SECONDS` is not set
+- `SMOKE_SLEEP_SECONDS` (default `5`) - poll interval between readiness checks
+- `SMOKE_MAX_WAIT_SECONDS` (default `SMOKE_MAX_RETRIES * SMOKE_SLEEP_SECONDS`) - max wait time per endpoint before failing
+- `SMOKE_DOMAIN_MAX_WAIT_SECONDS` (default `SMOKE_MAX_WAIT_SECONDS`) - max wait time for gateway domain resolution
+- `SMOKE_CURL_CONNECT_TIMEOUT` (default `5`) - per-request TCP/TLS connect timeout in seconds
+- `SMOKE_CURL_MAX_TIME` (default `10`) - max duration per health request in seconds
+- `SMOKE_AUTO_REPAIR` (default `false`) - redeploy failing services automatically
 
 For CI, consider `SMOKE_AUTO_REPAIR=false` to get clean pass/fail signals without side effects.
 
@@ -252,7 +258,8 @@ the deploy flow grows or back-to-back deploys hit the 1,000 RPH Hobby ceiling.
 
 ## Notes
 
-- This fast-start flow keeps auth minimal (`AGENTA_LICENSE=oss`) and does not wire CI yet.
+- This fast-start flow keeps auth minimal (`AGENTA_LICENSE=oss`).
+- CI is wired for Railway preview environments via `.github/workflows/06-railway-preview-build.yml`, `.github/workflows/07-railway-preview-deploy.yml`, and `.github/workflows/08-railway-preview-cleanup.yml`.
 - Postgres and Redis are provisioned as image-backed services with explicit volume mounts.
 - Redis now gets a `/data` volume during bootstrap for persistence.
 - `configure.sh` sets `RAILWAY_RUN_UID=0` and `RAILWAY_RUN_GID=0` on the Redis