Description
I recently added the permissions monitor to most of the CI jobs in the smithy-lang/smithy-rs repo in smithy-lang/smithy-rs#4084. This led to a substantial increase in checkout times. For the (admittedly huge) awslabs/aws-sdk-rust repo this led to both an increase in time and frequent failures. For the two repos we checkout the time diffs were:
smithy-lang/smithy-rs: ~6s -> ~2 minutesawslabs/aws-sdk-rust: ~2 minutes -> ~1 hour
Checking out the aws-sdk-rust repo would often fail (example run) with the following error:
/usr/bin/git -c protocol.version=2 fetch --prune --no-recurse-submodules origin +refs/heads/*:refs/remotes/origin/* +refs/tags/*:refs/tags/*
Error: error: RPC failed; HTTP 502 curl 22 The requested URL returned error: 502
Error: fatal: expected 'packfile'
Error: The process '/usr/bin/git' failed with exit code 128Removing the permissions monitor in smithy-lang/smithy-rs#4088 took the checkout times back to normal.
Potentially I could have gotten around this by moving the monitor action after the checkout actions, but the documentation for the monitor specifically says:
Include the Monitor action in every job of your workflow. The actions should be the first step in the job, even before the checkout action.