Publishing benchmarks #7019
Publishing benchmarks #7019
Conversation
|
Warning Rate limit exceeded@ausias-armesto has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 9 minutes and 20 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughThis set of changes introduces a comprehensive overhaul of the project's benchmarking infrastructure. The GitHub Actions workflow for benchmarks is renamed and enhanced with Nix and Cachix setup steps. Benchmark execution is refactored to use environment variables and Nix shell invocation, with updated threshold parameters. The Nix flake and package definitions are extended to support a benchmarking build variant. Several benchmarking Rust source files are updated to standardize benchmark IDs and naming conventions, primarily replacing spaces with underscores. Additional dependencies and tools, such as Changes
Sequence Diagram(s)sequenceDiagram
participant GitHub Actions
participant Nix Installer
participant Cachix Auth
participant Nix Shell
participant Bencher
GitHub Actions->>Nix Installer: Install Nix via cachix/install-nix-action
GitHub Actions->>Cachix Auth: Authenticate with Cachix via cachix/cachix-action
GitHub Actions->>Nix Shell: Enter shell with nix develop
Nix Shell->>Bencher: Run bencher with environment variables
Bencher->>Bencher: Execute benchmarks and report results
Possibly related PRs
Suggested labels
Suggested reviewers
✨ Finishing Touches
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
Documentation and Community
|
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
flake.nix (1)
532-554: Consider finalizing the commented-out benchmark appThe commented-out
run-benchapplication contains environment setup that would be valuable for running benchmarks directly. Consider finalizing this implementation to provide a convenient way to execute benchmarks.You could also add documentation about how to run benchmarks using the new
hoprd-benchpackage until this app is finalized.
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (5)
.github/workflows/bencher.yaml(3 hunks)flake.nix(4 hunks)nix/cargo-bench.nix(1 hunks)nix/rust-package.nix(2 hunks)nix/shell.nix(1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms (3)
- GitHub Check: hoprd / docker
- GitHub Check: hopli / docker
- GitHub Check: Docs / Rust docs
🔇 Additional comments (13)
nix/shell.nix (1)
33-33: LGTM: Added gnuplot package to support data visualizationThe addition of gnuplot to the development shell is a good choice to support visualization of benchmark results. This aligns well with the PR objective of publishing benchmarks.
nix/rust-package.nix (3)
23-23: Good addition to support benchmarkingAdding the optional
runBenchparameter follows the existing pattern for other build modes such asrunTestsandrunClippy.
125-127: Well-structured benchmarking implementationThe implementation of the
mkBenchvariable that imports from the new cargo-bench.nix file is clean and consistent with the project's architecture.
132-132: LGTM: Proper integration with existing build optionsThe additional condition in the builder section is correctly implemented to use the benchmark builder when
runBenchis true.nix/cargo-bench.nix (1)
1-21: Excellent benchmark derivation implementationThis new file creates a specialized Cargo derivation for benchmarking, with:
- Proper inheritance of artifacts
- Appropriate naming with
-benchsuffix- Correct build command for benchmarking with testing features
The implementation is aligned with the project's approach to other build types and effectively supports the benchmarking workflow.
flake.nix (3)
148-148: LGTM: New benchmark package definitionThe addition of
hoprd-benchpackage leverages the benchmarking capabilities added to the rust-package.nix file, enabling benchmark execution through the Nix build system.
677-677: Consistent with commented-out app implementationThis line properly comments out the bench app reference since the implementation is not yet active.
693-693: Well-integrated new package exportThe
hoprd-benchpackage is correctly added to the exported packages, making it available for users to build and run benchmarks..github/workflows/bencher.yaml (5)
5-5: Workflow Name Update: "Benchmarks"
The workflow name has been updated from "Bencher" to "Benchmarks" which clearly aligns with the PR objective of publishing benchmark results. Ensure that any downstream documentation or references to this workflow are updated accordingly.
54-58: Nix Installation Step Added
The new step to install Nix using thecachix/install-nix-actionis correctly implemented, including the secure usage of the GitHub access token from secrets. The pinned commit hash provides stability; just confirm that it meets your update policy.
59-65: Cachix Authentication Step
The addition of the Cachix authentication step usingcachix/cachix-actionis properly configured with the token and sets theUSERenvironment variable to "runner". This ensures that cached dependencies are correctly managed.
69-72: Addition of "Execute benchmarks" Step
The new step that executes benchmarks via the commandnix develop -c cargo bench -F testingis in line with publishing the benchmark results. Ensure that the environment and dependencies in the development shell support this command and that the benchmarks produce results at the expected location.
73-90: Enhanced Benchmark Tracking Configuration
In the "Track base branch benchmarks with Bencher" step, the modifications include:
- The addition of
--dir target/criterion(line 82) to explicitly designate the directory containing benchmark outputs.- The inclusion of the
--github-actions '${{ secrets.GITHUB_TOKEN }}'flag (line 84) which helps integrate Bencher with the GitHub Actions environment.These changes should improve benchmark result tracking. Verify that the specified directory exists and contains the expected outputs, and that the Bencher tool correctly processes the GitHub token.
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (1)
.github/workflows/bencher-nightly.yaml (1)
3-3: Remove trailing whitespace
Line 3 ends with an extra space, which triggers YAMLlint’strailing-spaceserror. Please trim the trailing space after “results”.🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 3-3: trailing spaces
(trailing-spaces)
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.github/workflows/bencher-nightly.yaml(1 hunks).github/workflows/bencher.yaml(3 hunks).github/workflows/merge.yaml(1 hunks)
🧰 Additional context used
🪛 YAMLlint (1.35.1)
.github/workflows/bencher-nightly.yaml
[error] 3-3: trailing spaces
(trailing-spaces)
⏰ Context from checks skipped due to timeout of 90000ms (9)
- GitHub Check: Bencher
- GitHub Check: hoprd / docker
- GitHub Check: hopli / docker
- GitHub Check: Docs / Rust docs
- GitHub Check: tests-unit-nightly
- GitHub Check: tests-unit
- GitHub Check: tests-smoke-websocket
- GitHub Check: zizmor
- GitHub Check: Linter
🔇 Additional comments (11)
.github/workflows/merge.yaml (1)
294-295:❓ Verification inconclusive
Ensure all callers supply the new
typeinput
You’ve added the requiredtype: mergeparameter to the reusablebencher.yamlinvocation. Please verify that every other workflow invokingbencher.yaml(e.g., manual dispatch, scheduled) passes a validtype(merge,scheduled, ormanual) so the conditional logic inbencher.yamldoesn’t exit early.Here’s a snippet you can run to list all invocations and inspect their inputs:
🏁 Script executed:
#!/bin/bash rg -n "uses: \.\/\.github\/workflows\/bencher.yaml" -A2Length of output: 175
#!/bin/bash # List all workflow invocations of bencher.yaml and show 2 lines of context rg -F "uses: ./.github/workflows/bencher.yaml" -n .github/workflows -A2
#!/bin/bash # List all workflow invocations of bencher.yaml with surrounding context to check for 'type' rg -F "uses: ./.github/workflows/bencher.yaml" -n .github/workflows -A5
Confirm all bencher.yaml calls include the new
typeinput
I searched through .github/workflows and only found the reusable-workflow invocation in merge.yaml. Please double-check any other workflows (e.g. manual dispatch or scheduled runs) that call bencher.yaml and ensure they pass a validtype(merge,scheduled, ormanual) so its conditional logic doesn’t exit early..github/workflows/bencher-nightly.yaml (2)
15-17: Concurrency scope is correct
Usinggroup: ${{ github.ref }}-bencher-nightlyeffectively prevents overlapping nightly runs per branch. This matches the intended design.
20-28: Nightly workflow invocations look good
Bothbencher-nightly-masterandbencher-nightly-release-singaporereuse the updatedbencher.yamlwithtype: scheduled. Confirm thatrelease/singaporealigns with your branch naming policy or parameterize additional release branches as needed..github/workflows/bencher.yaml (8)
5-5: Workflow renamed for clarity
Renaming toBenchmarksaccurately reflects its role as a reusable benchmarking pipeline.
11-19: Added requiredtypeinput
You’ve extended theworkflow_callblock to include a mandatorytypeparameter. This is essential for distinguishing merge, scheduled, and manual contexts. Ensure all callers are updated accordingly.
29-30: Increased timeout for long‐running benchmarks
Benchmark runs can be lengthy; bumping to 150 minutes seems reasonable. Please confirm that this upper limit covers your worst-case runs without unnecessarily blocking runner capacity.
40-48: Sanitize branch name safely
TheSet environment variablesstep guards against template injection and normalizes slashes to dashes. This is a solid approach for subsequent environment and Nix derivations.
53-57: Pinned checkout of target branch
Switching toactions/checkout@v4and usingref: ${{ steps.vars.outputs.BRANCH_NAME }}is correct. Verify that the checkout still has access to any required submodules or credentials if needed.
59-63: Nix installation step is sound
Installing Nix via the Cachix action sets up your reproducible environment. Ensure the GitHub token used here has minimal privileges.
64-68: Authenticate with Cachix
Authenticating to Cachix withsecrets.CACHIX_AUTH_TOKENlooks good. Confirm that the token scope is correct and doesn’t grant more access than necessary.
71-93: Dynamic testbed selection is robust
YourSet Bencher Testbedlogic cleanly handles merge, scheduled, and manual triggers and skips other branches. This ensures benchmarks run only where intended.
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (2)
.github/workflows/bencher.yaml (2)
100-104:⚠️ Potential issueAvoid overriding
GITHUB_ACTIONSenv var: You exportGITHUB_ACTIONS=${GITHUB_ACTIONS}, setting it to the secret token. Overwriting the built-in flag can break runner detection and leak credentials. UseGITHUB_TOKENinstead:- export GITHUB_ACTIONS=${GITHUB_ACTIONS} + export GITHUB_TOKEN=${GITHUB_TOKEN}
114-118:⚠️ Potential issueCorrect environment variable for GitHub token: In the step’s
envblock, replaceGITHUB_ACTIONS: ${{ secrets.GITHUB_TOKEN }}with:- GITHUB_ACTIONS: ${{ secrets.GITHUB_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}This aligns with the export change above.
🧹 Nitpick comments (1)
.github/workflows/bencher.yaml (1)
46-49: Quote$GITHUB_OUTPUTfor consistency: For robustness, consider quoting all expansions of$GITHUB_OUTPUT:- echo "FORMATTED_BRANCH=$FORMATTED_BRANCH" >> $GITHUB_OUTPUT + echo "FORMATTED_BRANCH=$FORMATTED_BRANCH" >> "$GITHUB_OUTPUT"
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
.github/workflows/bencher.yaml(2 hunks)crypto/packet/benches/packet_benches.rs(7 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- crypto/packet/benches/packet_benches.rs
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/bencher.yaml
28-28: label "self-hosted-hoprnet-bigger" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file
(runner-label)
⏰ Context from checks skipped due to timeout of 90000ms (10)
- GitHub Check: hoprd / docker
- GitHub Check: hopli / docker
- GitHub Check: Docs / Rust docs
- GitHub Check: tests-smoke-websocket
- GitHub Check: tests-unit-nightly
- GitHub Check: tests-smart-contracts
- GitHub Check: Linter
- GitHub Check: zizmor
- GitHub Check: tests-unit
- GitHub Check: Cargo Audit
🔇 Additional comments (10)
.github/workflows/bencher.yaml (10)
5-5: Rename workflow for clarity: The workflow name has been updated to "Benchmarks" to better reflect its purpose.
11-18: Ensure callers supply the newtypeinput: You’ve added a requiredtypeinput forworkflow_call. Verify that all invoking workflows (e.g.,merge.yaml,bencher-nightly.yaml) pass this parameter correctly.
22-23: Review concurrency settings: Disablingcancel-in-progresswill queue all runs under the "bencher" group. Ensure this aligns with your expectations, as it may lead to concurrent long-running jobs piling up.
29-29: Increase job timeout: Thetimeout-minuteshas been extended to 150 to accommodate lengthy benchmarks. LGTM if your slowest benchmarks fit within this window.
40-45: Secure branch name extraction: Good use ofINPUT_BRANCHfallback to avoid template injection via refs. This ensures safe branch detection acrossworkflow_callandworkflow_dispatchevents.
51-53: Environment variable mapping: MappingINPUT_BRANCHandGITHUB_REF_NAMEinto the script environment looks correct.
57-57: Checkout by sanitized ref: Usingsteps.vars.outputs.BRANCH_NAMEensures you checkout the intended branch.
60-64: Install Nix securely: Leveragingcachix/install-nix-actionwith a GitHub token is correct for multi-user environments.
65-71: Authenticate Cachix: Thecachix/cachix-actionconfiguration (withUSER: runner) is valid for populating the Nix binary cache. Confirm thatCACHIX_AUTH_TOKENhas appropriate scopes.
73-79: Validatetype-based testbed logic: You deriveIS_MERGEandIS_SCHEDULEDfrom inputs andIS_MANUALfrom dispatch. Confirm that no other event types slip through and that callers only passmergeorscheduled.
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.github/workflows/bencher.yaml (1)
102-108:⚠️ Potential issueCorrect environment variable export for GitHub token
You’re currently exportingGITHUB_ACTIONS=${GITHUB_TOKEN}, which overrides a built-in flag and leads to confusing behavior. Update to:-export GITHUB_ACTIONS=${GITHUB_TOKEN} +export GITHUB_TOKEN=${GITHUB_TOKEN}
🧹 Nitpick comments (3)
.github/workflows/bencher-nightly.yaml (2)
3-3: Remove trailing whitespace in header comment
The comment line has trailing spaces that may trigger lint errors.🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 3-3: trailing spaces
(trailing-spaces)
15-16: Use sanitized branch name for concurrency group
github.refincludes the full ref (e.g.refs/heads/master), which can fragment your concurrency keys. Consider using${{ github.ref_name }}for a cleaner group:-group: ${{ github.ref }}-bencher-nightly +group: ${{ github.ref_name }}-bencher-nightly.github/workflows/bencher.yaml (1)
11-19: Consider renaming thetypeinput
Usingtypemay conflict with YAML or be confusing. A more descriptive key liketrigger_typeorrun_typewould improve clarity.
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
.github/workflows/bencher-nightly.yaml(1 hunks).github/workflows/bencher.yaml(2 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/bencher.yaml
28-28: label "self-hosted-hoprnet-bigger" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file
(runner-label)
🪛 YAMLlint (1.35.1)
.github/workflows/bencher-nightly.yaml
[error] 3-3: trailing spaces
(trailing-spaces)
⏰ Context from checks skipped due to timeout of 90000ms (9)
- GitHub Check: tests-smoke-websocket
- GitHub Check: tests-unit
- GitHub Check: tests-unit-nightly
- GitHub Check: tests-smart-contracts
- GitHub Check: hoprd / docker
- GitHub Check: hopli / docker
- GitHub Check: Docs / Rust docs
- GitHub Check: Linter
- GitHub Check: zizmor
🔇 Additional comments (13)
.github/workflows/bencher-nightly.yaml (2)
19-25: Master nightly job configuration looks good
Reusing thebencher.yamlworkflow withbranch: masterandtype: scheduledis correct, andsecrets: inheritensures credentials are passed.
26-33: Release Singapore nightly job configuration looks good
Chainingneeds: bencher-nightly-masterto avoid overload and reusing the workflow is a solid approach..github/workflows/bencher.yaml (11)
5-5: Workflow renamed appropriately
Updating the name to “Benchmarks” aligns with the multi-branch and nightly usage.
22-23: Concurrency settings simplified correctly
Groupbencherwithcancel-in-progress: falsefits the new schedule—multiple runs won’t cancel each other.
29-29: Verify custom runner label
self-hosted-hoprnet-biggerisn’t in the default GitHub hosted runners. Confirm this label exists on your self-hosted pool or update youractionlintconfig to allow it.
30-30: Extended timeout is appropriate
Increasingtimeout-minutesto 150 accommodates longer benchmark runs.
40-49: Environment extraction step is solid
Safely obtaining branch, formatting it, and capturingCOMMIT_HASHavoids template injection and preserves downstream logic.
51-52: Input environment variables mapping is correct
Mapping${{ inputs.branch }}and${{ github.ref_name }}to shell variables ensures consistency.
57-57: Checkout ref matches configured branch
Usingref: ${{ steps.vars.outputs.BRANCH_NAME }}is the right approach to replay on the triggered branch.
60-64: Installing Nix with Cachix token is correct
Auth setup viasecrets.GITHUB_TOKENand subsequent Cachix steps follow best practices.
65-71: Cachix action usage looks good
Caching the Nix store ensures faster subsequent runs, andUSER: runneris a valid workaround if needed.
72-95: Confirm exit codes in testbed setup
The branch filterexit 0for unsupported branches is correct, butexit 1in the “else” of allowed branches will fail the workflow on benign trigger types. If the goal is to skip benchmarks (not error), considerexit 0instead.
115-118: Passed-in environment variables for benchmarks are correct
Mapping secrets and outputs toBENCHER_API_TOKEN,GITHUB_TOKEN,BRANCH_NAME,COMMIT_HASH, andBENCHER_TESTBEDis consistent with earlier steps.
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (1)
.github/workflows/bencher.yaml (1)
98-109:⚠️ Potential issueCritical security fix: Do not override GITHUB_ACTIONS
On line 104 you’re exportingGITHUB_ACTIONS=${GITHUB_TOKEN}, which overrides the built-in flag and risks leaking the token. It should be:-export GITHUB_ACTIONS=${GITHUB_TOKEN} +export GITHUB_TOKEN=${GITHUB_TOKEN}Please correct this immediately.
🧹 Nitpick comments (4)
.github/workflows/bencher.yaml (4)
35-35: Track TODO: Egress policy adjustment
The comment at line 35 indicates changingegress-policyfromaudittoblockafter a few runs. It’s best to schedule this as a tracked task (e.g., GitHub issue) or remove the TODO once complete to avoid overlooking it.
5-5: Inconsistent naming: Workflow vs. job
The workflow is namedBenchmarksbut the job block below usesname: Bencher. For clarity and consistency, consider renaming the job toBenchmarks(or a similarly aligned name).
22-23: Consider branch-specific concurrency
Currentgroup: bencherwill serialize all benchmark runs globally. If you want independent concurrency per branch, include branch context (e.g.,${{ inputs.branch }}or${{ github.ref }}) in the group name.
71-93: Testbed selection logic
The logic to deriveBENCHER_TESTBEDacross merge, scheduled, and manual runs on different branch patterns is comprehensive. Consider adding a guard (e.g., an explicit warning orexit 1) ifinputs.typeis outside the expected set to catch misconfigurations early.
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/bencher.yaml(2 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/bencher.yaml
28-28: label "self-hosted-hoprnet-bigger" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file
(runner-label)
⏰ Context from checks skipped due to timeout of 90000ms (6)
- GitHub Check: tests-smoke-websocket
- GitHub Check: tests-unit-nightly
- GitHub Check: tests-unit
- GitHub Check: hoprd / docker
- GitHub Check: Linter
- GitHub Check: zizmor
🔇 Additional comments (8)
.github/workflows/bencher.yaml (8)
11-18: Verify workflow inputs usage
You’ve added a requiredtypeinput. Please confirm that all callers (e.g.,.github/workflows/merge.yaml,.github/workflows/bencher-nightly.yaml) invoke this workflow with the correcttypevalues (merge,scheduled, etc.).
29-29: Extended job timeout
The job timeout has been increased to 150 minutes. Ensure this aligns with your longest benchmark runs and isn’t set excessively high.
40-46: Branch name sanitization
Good use of conditional checks andsedto escape slashes and prevent template injection when forming branch-based outputs.
50-52: Explicit step environment
PassingINPUT_BRANCHandGITHUB_REF_NAMEexplicitly into the step ensures reproducible behavior. Nicely done.
56-57: Checkout branch by computed output
Using theBRANCH_NAMEoutput from the vars step to driveactions/checkoutensures you pull the correct ref.
59-63: Secure Nix installation
Pinningcachix/install-nix-actionto a commit SHA and securely passingsecrets.GITHUB_TOKENaligns with best practices.
64-70: Cachix action configuration
You’ve setUSER: runnerin the Cachix action’s environment. Please verify this is required for your self-hosted runner context and doesn’t override other important env vars.
111-116: Benchmark step environment
Explicitly mapping secrets and outputs into the environment for the benchmark run is correct and clear.
This pipeline fixes the benchmarks and publishes the results in https://bencher.dev/console/projects/hoprnet/plots