Skip to content

Roadmap: capability wave — cost (spot/Graviton/warm pools), reliability (fallback/reaper/diagnostics), reach (matrix/disk/distros) #49

Description

@kurok

Where the 10x is

The Hardening & Modernization plan (#15, phases 1–8, plus #20) is done: aws-sdk v3, OIDC, IMDSv2, encrypted EBS, ephemeral non-root runners, structured logging, retries, unit tests. The action is now solid — the next multiplier is capable. A codebase review shows the ceilings:

  1. Cost: on-demand only (src/aws.js builds plain RunInstances — no spot), x64 only (runner-checksums.js pins one arch), full cold boot every job. Spot + Graviton + warm pools compound to a 3–5× cost/latency improvement for the same CI minutes.
  2. Reliability: one subnet, one instance type — any capacity hiccup fails the workflow; bootstrap failures "fail silently inside cloud-init, and the action will eventually time out" (README's own words); leaked instances (cancelled workflows, stop-job failures) bill until a human notices.
  3. Reach: one runner per invocation (matrix builds need hand-wired duplicates), 8 GiB default disk kills Docker jobs, non-yum distros are told to fork.
  4. Toil: runner-version bumps are a documented manual multi-file ritual (fix: bump default actions/runner to 2.335.1 #36 being the latest performance of it).

Phase 1 — Reliability first

Phase 2 — Cost

Phase 3 — Capability & toil

Sequencing & dependencies

#41 diagnostics ─▶ #45 count (N-way wait visibility) · #46 templates (failure attribution) · #48 reuse (re-registration debugging)
#42 reaper ─▶ #48 warm pools (drain semantics extend the reaper)
#40 capacity ↔ #39 spot (independent, multiply together; spot makes capacity errors common, fallback makes them survivable)
#43 arm64 ─▶ #47 automation maintains both checksum sets (either order works; #47 is forward-compatible)
#44 volume · #47 automation — independent, can ship anytime

Suggested order: #41#42#44#40#39#47#43#45#46#48.

Considered and deferred

Cross-cutting rules (apply to every item)

  • Back-compat: existing inputs keep working with byte-identical default behavior (regression tests on generated params/user-data are the standard); new inputs optional with safe defaults.
  • No new leak paths: every launched resource is tagged with the action's signature, covered by TTL + reaper, and DeleteOnTermination where applicable.
  • Secrets: registration tokens never appear in logs or captured console output (redaction tests extend with each feature).
  • Repo standards: npm ci && npm run package with dist committed (verify-dist green), unit tests per the existing jest patterns, SHA-pinned workflow actions, IAM examples updated per feature (least-privilege with tag-scoped conditions), README inputs/outputs tables + action.yml descriptions in the same PR.

Individual issues carry full designs and acceptance criteria — review and adjust priorities there.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestepicTracking issueroadmapRoadmap item

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions