feat(INFRA-2932): add retry to yarn commands

bsgrigorov · bsgrigorov · commit b3e48cf393cd · 2025-09-10T22:27:02.000-07:00
diff --git a/.github/actions/checkout-and-setup/action.yml b/.github/actions/checkout-and-setup/action.yml
@@ -26,63 +26,69 @@ outputs:
 runs:
   using: composite
   steps:
-    # The "required: true" field is not enforced by GitHub, so we need to check it manually
-    - name: Enforce required input is either "true" or "false"
-      run: |
-        if [[ "${{ inputs.is-high-risk-environment }}" == "true" ]]; then
-          echo 'High-risk environment detected. Disabling cache for security.'
-        elif [[ "${{ inputs.is-high-risk-environment }}" == "false" ]]; then
-          echo 'Low-risk environment detected. Enabling cache for optimized performance.'
-        else
-          echo "::error::Invalid value for 'is-high-risk-environment'. Must be 'true' (secure, no cache) or 'false' (faster, cache enabled)."
-          exit 1
-        fi
-      shell: bash
+  # The "required: true" field is not enforced by GitHub, so we need to check it manually
+  - name: Enforce required input is either "true" or "false"
+    run: |
+      if [[ "${{ inputs.is-high-risk-environment }}" == "true" ]]; then
+        echo 'High-risk environment detected. Disabling cache for security.'
+      elif [[ "${{ inputs.is-high-risk-environment }}" == "false" ]]; then
+        echo 'Low-risk environment detected. Enabling cache for optimized performance.'
+      else
+        echo "::error::Invalid value for 'is-high-risk-environment'. Must be 'true' (secure, no cache) or 'false' (faster, cache enabled)."
+        exit 1
+      fi
+    shell: bash
 
-    # Checkout repository only if not already checked out
-    - name: Checkout repository
-      uses: actions/checkout@v4
-      if: ${{ hashFiles('.git') == '' }}
-      with:
-        fetch-depth: ${{ inputs.fetch-depth }}
-        ref: ${{ inputs.ref }}
+  # Checkout repository only if not already checked out
+  - name: Checkout repository
+    uses: actions/checkout@v4
+    if: ${{ hashFiles('.git') == '' }}
+    with:
+      fetch-depth: ${{ inputs.fetch-depth }}
+      ref: ${{ inputs.ref }}
 
-    - run: corepack enable
-      shell: bash
+  - run: corepack enable
+    shell: bash
 
-    # In a low-risk environment, try to download cache of node_modules, if it exists
-    # On failure, will run the yarn install instead
-    - name: Download node_modules cache
-      if: ${{ inputs.is-high-risk-environment == 'false' }}
-      id: download-node-modules
-      uses: actions/cache/restore@v4
-      with:
-        path: ./node_modules
-        key: node-modules-${{ github.sha }}
+  # In a low-risk environment, try to download cache of node_modules, if it exists
+  # On failure, will run the yarn install instead
+  - name: Download node_modules cache
+    if: ${{ inputs.is-high-risk-environment == 'false' }}
+    id: download-node-modules
+    uses: actions/cache/restore@v4
+    with:
+      path: ./node_modules
+      key: node-modules-${{ github.sha }}
 
-    - name: Set up Node.js
-      uses: actions/setup-node@v4
-      id: setup-node
-      with:
-        node-version-file: .nvmrc
-        # If the node_modules cache was not found, use setup-node cache to restore the '.yarn' folder
-        # Notes: if this is always set to 'yarn':
-        #   1) Will not be secure for high-risk environment
-        #   2) Self-hosted runners will fail to find this cache, and then fail on the 'Post Setup environment' step
-        #   3) This action will run a few seconds slower, because when we restore the 'node_modules' folder from cache, there's no need to download the '.yarn' folder too
-        # (GHA does not allow the : ? ternary operator, you must write && ||)
-        cache: ${{ ( inputs.is-high-risk-environment != 'true' && steps.download-node-modules.outputs.cache-hit != 'true' ) && 'yarn' || '' }}
+  - name: Set up Node.js
+    uses: actions/setup-node@v4
+    id: setup-node
+    with:
+      node-version-file: .nvmrc
+      # If the node_modules cache was not found, use setup-node cache to restore the '.yarn' folder
+      # Notes: if this is always set to 'yarn':
+      #   1) Will not be secure for high-risk environment
+      #   2) Self-hosted runners will fail to find this cache, and then fail on the 'Post Setup environment' step
+      #   3) This action will run a few seconds slower, because when we restore the 'node_modules' folder from cache, there's no need to download the '.yarn' folder too
+      # (GHA does not allow the : ? ternary operator, you must write && ||)
+      cache: ${{ ( inputs.is-high-risk-environment != 'true' && steps.download-node-modules.outputs.cache-hit != 'true' ) && 'yarn' || '' }}
 
-    # If the node_modules cache was not found (or it's a high-risk environment), run the yarn install
-    - name: Install dependencies
-      if: ${{ steps.download-node-modules.outputs.cache-hit != 'true'}}
-      run: yarn --immutable
+  # If the node_modules cache was not found (or it's a high-risk environment), run the yarn install
+  - name: Install dependencies with retry
+    if: ${{ steps.download-node-modules.outputs.cache-hit != 'true'}}
+    uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 #v3.0.2
+    with:
+      max_attempts: 2
+      timeout_minutes: 15
+      retry_wait_seconds: 30
+      retry_on: error
+      command: yarn --immutable
       shell: bash
 
-    # For the 'prep-deps' job, save the node_modules cache
-    - name: Cache workspace
-      if: ${{ inputs.is-high-risk-environment == 'false' && inputs.cache-node-modules == 'true' }}
-      uses: actions/cache/save@v4
-      with:
-        path: ./node_modules
-        key: node-modules-${{ github.sha }}
+  # For the 'prep-deps' job, save the node_modules cache
+  - name: Cache workspace
+    if: ${{ inputs.is-high-risk-environment == 'false' && inputs.cache-node-modules == 'true' }}
+    uses: actions/cache/save@v4
+    with:
+      path: ./node_modules
+      key: node-modules-${{ github.sha }}
diff --git a/.github/workflows/changelog-check.yml b/.github/workflows/changelog-check.yml
@@ -77,11 +77,18 @@ jobs:
           cache-dependency-path: ./github-tools/yarn.lock
           cache: yarn
 
-      - name: Install dependencies
+      - name: Install dependencies with retry
         if: ${{ steps.label-check.outputs.skip_check != 'true' }}
-        run: yarn --immutable
-        shell: bash
-        working-directory: ./github-tools
+        uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 #v3.0.2
+        with:
+          max_attempts: 2
+          timeout_minutes: 15
+          retry_wait_seconds: 30
+          retry_on: error
+          shell: bash
+          command: |
+            cd ./github-tools
+            yarn --immutable
 
       - name: Check Changelog
         if: ${{ steps.label-check.outputs.skip_check != 'true' }}
diff --git a/.github/workflows/flaky-test-report.yml b/.github/workflows/flaky-test-report.yml
@@ -40,9 +40,16 @@ jobs:
         run: corepack enable
         working-directory: ./github-tools
 
-      - name: Install dependencies
-        working-directory: ./github-tools
-        run: yarn --immutable
+      - name: Install dependencies with retry
+        uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 #v3.0.2
+        with:
+          max_attempts: 2
+          timeout_minutes: 15
+          retry_wait_seconds: 30
+          retry_on: error
+          command: |
+            cd ./github-tools
+            yarn --immutable
 
       - name: Run flaky test report script
         env:
diff --git a/.github/workflows/post-merge-validation.yml b/.github/workflows/post-merge-validation.yml
@@ -50,9 +50,16 @@ jobs:
         run: corepack enable
         working-directory: ./github-tools
 
-      - name: Install dependencies
-        working-directory: ./github-tools
-        run: yarn --immutable
+      - name: Install dependencies with retry
+        uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 #v3.0.2
+        with:
+          max_attempts: 2
+          timeout_minutes: 15
+          retry_wait_seconds: 30
+          retry_on: error
+          command: |
+            cd ./github-tools
+            yarn --immutable
 
       - name: Run post-merge-validation script
         working-directory: ./github-tools
diff --git a/.github/workflows/publish-slack-release-testing-status.yml b/.github/workflows/publish-slack-release-testing-status.yml
@@ -49,10 +49,17 @@ jobs:
         shell: bash
         working-directory: ./github-tools
 
-      - name: Install dependencies
-        run: yarn --immutable
-        shell: bash
-        working-directory: ./github-tools
+      - name: Install dependencies with retry
+        uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 #v3.0.2
+        with:
+          max_attempts: 2
+          timeout_minutes: 15
+          retry_wait_seconds: 30
+          retry_on: error
+          shell: bash
+          command: |
+            cd ./github-tools
+            yarn --immutable
 
       # Step 4: Run Script
       - name: Publish Slack Release Testing Status
