Conversation
When multiple callers invoke the same reusable workflow simultaneously,
static concurrency groups (e.g., 'bug-hunter') caused the second caller
to cancel the first. Fix by prefixing all concurrency groups with
${{ github.workflow }}, which resolves to the caller's workflow name
for reusable workflows.
This applies to both workflow-level and engine-level concurrency groups
across all workflows.
Co-authored-by: strawgate <6384545+strawgate@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Fix concurrency issue with reusable workflow calls
Prefix concurrency groups with Feb 28, 2026
github.workflow to prevent cross-caller cancellation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
Warning Rate limit exceeded
⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (62)
📝 WalkthroughWalkthroughThis PR updates GitHub Actions workflow concurrency groups across 80+ workflow files, changing from static group identifiers to dynamic ones prefixed with Possibly related PRs
🚥 Pre-merge checks | ✅ 2✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/gh-aw-agent-suggestions.md:
- Line 60: Replace the concurrency group that currently uses `${{
github.workflow }}` so parallel invocations from the same caller don't cancel
one another; update the group expression used in the concurrency stanza (the
line containing "group: ${{ github.workflow }}-agent-suggestions") to include a
per-run unique identifier such as `${{ github.run_id }}` (for example combine
`${{ github.workflow }}` and `${{ github.run_id }}`) so each workflow invocation
gets an isolated concurrency group.
ℹ️ Review info
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (119)
.github/workflows/agent-deep-dive.lock.yml.github/workflows/agent-deep-dive.md.github/workflows/agent-efficiency.lock.yml.github/workflows/agent-efficiency.md.github/workflows/downstream-users.lock.yml.github/workflows/downstream-users.md.github/workflows/gh-aw-agent-suggestions.lock.yml.github/workflows/gh-aw-agent-suggestions.md.github/workflows/gh-aw-autonomy-atomicity-analyzer.lock.yml.github/workflows/gh-aw-autonomy-atomicity-analyzer.md.github/workflows/gh-aw-branch-actions-detective.lock.yml.github/workflows/gh-aw-branch-actions-detective.md.github/workflows/gh-aw-breaking-change-detect.lock.yml.github/workflows/gh-aw-breaking-change-detector.lock.yml.github/workflows/gh-aw-breaking-change-detector.md.github/workflows/gh-aw-bug-exterminator.lock.yml.github/workflows/gh-aw-bug-exterminator.md.github/workflows/gh-aw-bug-hunter.lock.yml.github/workflows/gh-aw-bug-hunter.md.github/workflows/gh-aw-code-duplication-detector.lock.yml.github/workflows/gh-aw-code-duplication-detector.md.github/workflows/gh-aw-code-duplication-fixer.lock.yml.github/workflows/gh-aw-code-duplication-fixer.md.github/workflows/gh-aw-code-simplifier.lock.yml.github/workflows/gh-aw-code-simplifier.md.github/workflows/gh-aw-deep-research.lock.yml.github/workflows/gh-aw-deep-research.md.github/workflows/gh-aw-dependency-review.lock.yml.github/workflows/gh-aw-dependency-review.md.github/workflows/gh-aw-docs-drift.lock.yml.github/workflows/gh-aw-docs-patrol.lock.yml.github/workflows/gh-aw-docs-patrol.md.github/workflows/gh-aw-duplicate-issue-detector.lock.yml.github/workflows/gh-aw-duplicate-issue-detector.md.github/workflows/gh-aw-estc-actions-resource-not-accessible-detector.lock.yml.github/workflows/gh-aw-estc-actions-resource-not-accessible-detector.md.github/workflows/gh-aw-estc-docs-patrol-external.lock.yml.github/workflows/gh-aw-estc-docs-patrol-external.md.github/workflows/gh-aw-estc-docs-pr-review.lock.yml.github/workflows/gh-aw-estc-docs-pr-review.md.github/workflows/gh-aw-estc-downstream-health.lock.yml.github/workflows/gh-aw-estc-downstream-health.md.github/workflows/gh-aw-estc-newbie-contributor-patrol-external.lock.yml.github/workflows/gh-aw-estc-newbie-contributor-patrol-external.md.github/workflows/gh-aw-estc-pr-buildkite-detective.lock.yml.github/workflows/gh-aw-estc-pr-buildkite-detective.md.github/workflows/gh-aw-flaky-test-investigator.lock.yml.github/workflows/gh-aw-flaky-test-investigator.md.github/workflows/gh-aw-framework-best-practices.lock.yml.github/workflows/gh-aw-framework-best-practices.md.github/workflows/gh-aw-information-architecture.lock.yml.github/workflows/gh-aw-information-architecture.md.github/workflows/gh-aw-issue-fixer.lock.yml.github/workflows/gh-aw-issue-fixer.md.github/workflows/gh-aw-issue-triage.lock.yml.github/workflows/gh-aw-issue-triage.md.github/workflows/gh-aw-mention-in-issue-no-sandbox.lock.yml.github/workflows/gh-aw-mention-in-issue-no-sandbox.md.github/workflows/gh-aw-mention-in-issue.lock.yml.github/workflows/gh-aw-mention-in-issue.md.github/workflows/gh-aw-mention-in-pr-by-id.lock.yml.github/workflows/gh-aw-mention-in-pr-by-id.md.github/workflows/gh-aw-mention-in-pr-no-sandbox.lock.yml.github/workflows/gh-aw-mention-in-pr-no-sandbox.md.github/workflows/gh-aw-mention-in-pr.lock.yml.github/workflows/gh-aw-mention-in-pr.md.github/workflows/gh-aw-newbie-contributor-fixer.lock.yml.github/workflows/gh-aw-newbie-contributor-fixer.md.github/workflows/gh-aw-newbie-contributor-patrol.lock.yml.github/workflows/gh-aw-newbie-contributor-patrol.md.github/workflows/gh-aw-performance-profiler.lock.yml.github/workflows/gh-aw-performance-profiler.md.github/workflows/gh-aw-plan.lock.yml.github/workflows/gh-aw-plan.md.github/workflows/gh-aw-pr-actions-detective.lock.yml.github/workflows/gh-aw-pr-actions-detective.md.github/workflows/gh-aw-pr-actions-fixer.lock.yml.github/workflows/gh-aw-pr-actions-fixer.md.github/workflows/gh-aw-pr-ci-detective.lock.yml.github/workflows/gh-aw-pr-review-addresser.lock.yml.github/workflows/gh-aw-pr-review-addresser.md.github/workflows/gh-aw-pr-review.lock.yml.github/workflows/gh-aw-pr-review.md.github/workflows/gh-aw-product-manager-impersonator.lock.yml.github/workflows/gh-aw-product-manager-impersonator.md.github/workflows/gh-aw-project-summary.lock.yml.github/workflows/gh-aw-project-summary.md.github/workflows/gh-aw-refactor-opportunist.lock.yml.github/workflows/gh-aw-refactor-opportunist.md.github/workflows/gh-aw-release-update.lock.yml.github/workflows/gh-aw-release-update.md.github/workflows/gh-aw-scheduled-audit.lock.yml.github/workflows/gh-aw-scheduled-audit.md.github/workflows/gh-aw-scheduled-fix.lock.yml.github/workflows/gh-aw-scheduled-fix.md.github/workflows/gh-aw-small-problem-fixer.lock.yml.github/workflows/gh-aw-small-problem-fixer.md.github/workflows/gh-aw-stale-issues-investigator.lock.yml.github/workflows/gh-aw-stale-issues-investigator.md.github/workflows/gh-aw-stale-issues-remediator.lock.yml.github/workflows/gh-aw-stale-issues-remediator.md.github/workflows/gh-aw-stale-issues.lock.yml.github/workflows/gh-aw-test-coverage-detector.lock.yml.github/workflows/gh-aw-test-coverage-detector.md.github/workflows/gh-aw-test-improvement.lock.yml.github/workflows/gh-aw-test-improver.lock.yml.github/workflows/gh-aw-test-improver.md.github/workflows/gh-aw-text-auditor.lock.yml.github/workflows/gh-aw-text-auditor.md.github/workflows/gh-aw-text-beautifier.lock.yml.github/workflows/gh-aw-text-beautifier.md.github/workflows/gh-aw-update-pr-body.lock.yml.github/workflows/gh-aw-update-pr-body.md.github/workflows/gh-aw-ux-design-patrol.lock.yml.github/workflows/gh-aw-ux-design-patrol.md.github/workflows/upgrade-check.lock.yml.github/workflows/upgrade-check.md.github/workflows/workflow-patrol.lock.yml.github/workflows/workflow-patrol.md
| - "${{ inputs.allowed-bot-users }}" | ||
| concurrency: | ||
| group: agent-suggestions | ||
| group: ${{ github.workflow }}-agent-suggestions |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
find .github/workflows -name "*agent-suggestions*" -type fRepository: elastic/ai-github-actions
Length of output: 212
🏁 Script executed:
ls -la .github/workflows/ | grep -i agentRepository: elastic/ai-github-actions
Length of output: 681
🏁 Script executed:
# Check if the .md file exists and its content
cat -n .github/workflows/gh-aw-agent-suggestions.md 2>/dev/null || echo "File not found as .md"
# Try alternative extensions
ls -la .github/workflows/gh-aw-agent-suggestions.* 2>/dev/null || echo "No matching files found"Repository: elastic/ai-github-actions
Length of output: 7047
🌐 Web query:
GitHub Actions github.workflow variable behavior in reusable workflows workflow_call multiple parallel invocations
💡 Result:
In a reusable workflow triggered via workflow_call, the github context in the called workflow is associated with the caller workflow, not the called file. As a result:
github.workflowin the called workflow is the caller workflow’s name (or its path if unnamed), so multiple parallel invocations of the same reusable workflow from one caller will all see the samegithub.workflowvalue. [1][2]- The called workflow also receives the same event payload as the caller (it’s not a distinct “new” event payload for the called workflow). [3]
Implications / what to do instead (common patterns):
- If you need a per-invocation identifier inside the reusable workflow, use something that differs per calling job, such as:
github.job(job id) /jobname, or- pass an explicit
inputfrom the caller (e.g.,with: invocation_id: ...). [1]
- Don’t use
${{ github.workflow }}as a sharedconcurrency.groupin both caller and called workflows; GitHub explicitly warns this can cause cancellation due to group collisions because the called workflow sees the caller’sgithub.workflow. [1]
Sources: GitHub reusable workflows docs (including the github.workflow/concurrency warning and github context behavior) [1], GitHub contexts reference (github.workflow) [2], GitHub event docs (workflow_call payload behavior) [3].
Add concurrency isolation for parallel invocations from the same caller workflow.
Line 60's concurrency group uses ${{ github.workflow }} which reflects the caller's workflow name in reusable workflows (workflow_call). Multiple parallel invocations from the same caller (e.g., via matrix or separate jobs with different inputs) will share an identical group and cancel each other.
Suggested fix
on:
workflow_call:
inputs:
+ concurrency-key:
+ description: "Optional suffix to isolate concurrent invocations from the same caller workflow"
+ type: string
+ required: false
+ default: "default"
concurrency:
- group: ${{ github.workflow }}-agent-suggestions
+ group: ${{ github.workflow }}-agent-suggestions-${{ inputs.concurrency-key }}
cancel-in-progress: true🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.github/workflows/gh-aw-agent-suggestions.md at line 60, Replace the
concurrency group that currently uses `${{ github.workflow }}` so parallel
invocations from the same caller don't cancel one another; update the group
expression used in the concurrency stanza (the line containing "group: ${{
github.workflow }}-agent-suggestions") to include a per-run unique identifier
such as `${{ github.run_id }}` (for example combine `${{ github.workflow }}` and
`${{ github.run_id }}`) so each workflow invocation gets an isolated concurrency
group.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR fixes concurrency collisions between different caller workflows that invoke the same reusable workflow.
The issue was that static concurrency groups (for example,
bug-hunter) were shared across callers, so one caller run could cancel another. Inworkflow_callcontext,$\{\{ github.workflow }}resolves to the caller workflow name, so this change uses it to isolate concurrency by caller.What changed
concurrency.groupvalues to include a$\{\{ github.workflow }}-prefix in workflow source definitions.concurrency.groupvalues to include$\{\{ github.workflow }}where engine concurrency is configured..lock.ymlworkflow files so compiled outputs match source changes.Example
Before
After