tenseleyflow/shithub / 105eb12

+// SPDX-License-Identifier: AGPL-3.0-or-later

+

+// Package lifecycle owns user-visible Actions run/job lifecycle mutations:

+// cancellation now, with re-runs and retention following in later S41g slices.

+package lifecycle

+

+import (

+	"context"

+	"errors"

+	"fmt"

+	"log/slog"

+	"strings"

+	"time"

+

+	"github.com/jackc/pgx/v5"

+	"github.com/jackc/pgx/v5/pgtype"

+	"github.com/jackc/pgx/v5/pgxpool"

+

+	actionsdb "github.com/tenseleyFlow/shithub/internal/actions/sqlc"

+	"github.com/tenseleyFlow/shithub/internal/checks"

+	checksdb "github.com/tenseleyFlow/shithub/internal/checks/sqlc"

+	"github.com/tenseleyFlow/shithub/internal/infra/metrics"

+)

+

+const (

+	CancelReasonUser        = "user"

+	CancelReasonConcurrency = "concurrency"

+	CancelReasonTimeout     = "timeout"

+)

+

+// Deps wires lifecycle operations to postgres and optional warning logs.

+type Deps struct {

+	Pool   *pgxpool.Pool

+	Logger *slog.Logger

+}

+

+// CancelResult summarizes the durable state changes from a cancel request.

+type CancelResult struct {

+	RunID         int64

+	ChangedJobs   []actionsdb.WorkflowJob

+	RunCompleted  bool

+	RunConclusion actionsdb.CheckConclusion

+}

+

+// CancelRun requests cancellation for every queued/running job in a workflow

+// run. Queued jobs become terminal immediately; running jobs keep running with

+// cancel_requested=true so the runner's cancel-check loop can kill them.

+func CancelRun(ctx context.Context, deps Deps, runID int64, reason string) (CancelResult, error) {

+	if deps.Pool == nil {

+		return CancelResult{}, errors.New("actions lifecycle: nil Pool")

+	}

+	q := actionsdb.New()

+	tx, err := deps.Pool.Begin(ctx)

+	if err != nil {

+		return CancelResult{}, err

+	}

+	committed := false

+	defer func() {

+		if !committed {

+			_ = tx.Rollback(ctx)

+		}

+	}()

+

+	if _, err := q.GetWorkflowRunByID(ctx, tx, runID); err != nil {

+		return CancelResult{}, err

+	}

+	changed, err := q.RequestWorkflowRunCancel(ctx, tx, runID)

+	if err != nil {

+		return CancelResult{}, err

+	}

+	for _, job := range changed {

+		if job.Status == actionsdb.WorkflowJobStatusCancelled {

+			if _, err := q.CancelOpenWorkflowStepsForJob(ctx, tx, job.ID); err != nil {

+				return CancelResult{}, err

+			}

+		}

+	}

+	var (

+		runCompleted  bool

+		runConclusion actionsdb.CheckConclusion

+	)

+	if len(changed) > 0 {

+		runCompleted, runConclusion, err = rollupRunAfterCancel(ctx, q, tx, runID)

+		if err != nil {

+			return CancelResult{}, err

+		}

+	}

+	if err := tx.Commit(ctx); err != nil {

+		return CancelResult{}, err

+	}

+	committed = true

+

+	recordCancelledJobs(changed, reason)

+	syncChangedJobChecks(ctx, deps, changed)

+	return CancelResult{

+		RunID:         runID,

+		ChangedJobs:   changed,

+		RunCompleted:  runCompleted,

+		RunConclusion: runConclusion,

+	}, nil

+}

+

+// CancelJob requests cancellation for one queued/running job. Terminal jobs are

+// a successful no-op so a cancel/complete race does not surface as an error.

+func CancelJob(ctx context.Context, deps Deps, jobID int64, reason string) (CancelResult, error) {

+	if deps.Pool == nil {

+		return CancelResult{}, errors.New("actions lifecycle: nil Pool")

+	}

+	q := actionsdb.New()

+	tx, err := deps.Pool.Begin(ctx)

+	if err != nil {

+		return CancelResult{}, err

+	}

+	committed := false

+	defer func() {

+		if !committed {

+			_ = tx.Rollback(ctx)

+		}

+	}()

+

+	changedJob, err := q.RequestWorkflowJobCancel(ctx, tx, jobID)

+	var changed []actionsdb.WorkflowJob

+	var runID int64

+	switch {

+	case err == nil:

+		changed = []actionsdb.WorkflowJob{changedJob}

+		runID = changedJob.RunID

+		if changedJob.Status == actionsdb.WorkflowJobStatusCancelled {

+			if _, err := q.CancelOpenWorkflowStepsForJob(ctx, tx, changedJob.ID); err != nil {

+				return CancelResult{}, err

+			}

+		}

+	case errors.Is(err, pgx.ErrNoRows):

+		existing, getErr := q.GetWorkflowJobByID(ctx, tx, jobID)

+		if getErr != nil {

+			return CancelResult{}, getErr

+		}

+		runID = existing.RunID

+	default:

+		return CancelResult{}, err

+	}

+

+	var (

+		runCompleted  bool

+		runConclusion actionsdb.CheckConclusion

+	)

+	if len(changed) > 0 {

+		runCompleted, runConclusion, err = rollupRunAfterCancel(ctx, q, tx, runID)

+		if err != nil {

+			return CancelResult{}, err

+		}

+	}

+	if err := tx.Commit(ctx); err != nil {

+		return CancelResult{}, err

+	}

+	committed = true

+

+	recordCancelledJobs(changed, reason)

+	syncChangedJobChecks(ctx, deps, changed)

+	return CancelResult{

+		RunID:         runID,

+		ChangedJobs:   changed,

+		RunCompleted:  runCompleted,

+		RunConclusion: runConclusion,

+	}, nil

+}

+

+func rollupRunAfterCancel(

+	ctx context.Context,

+	q *actionsdb.Queries,

+	tx pgx.Tx,

+	runID int64,

+) (bool, actionsdb.CheckConclusion, error) {

+	jobs, err := q.ListJobsForRun(ctx, tx, runID)

+	if err != nil {

+		return false, "", err

+	}

+	runConclusion, complete := deriveWorkflowRunConclusion(jobs)

+	if complete {

+		if _, err := q.CompleteWorkflowRun(ctx, tx, actionsdb.CompleteWorkflowRunParams{

+			ID:         runID,

+			Conclusion: runConclusion,

+		}); err != nil {

+			return false, "", err

+		}

+		return true, runConclusion, nil

+	}

+	if err := q.MarkWorkflowRunRunning(ctx, tx, runID); err != nil {

+		return false, "", err

+	}

+	return false, "", nil

+}

+

+func deriveWorkflowRunConclusion(jobs []actionsdb.ListJobsForRunRow) (actionsdb.CheckConclusion, bool) {

+	if len(jobs) == 0 {

+		return actionsdb.CheckConclusionFailure, true

+	}

+	worst := actionsdb.CheckConclusionSuccess

+	for _, job := range jobs {

+		switch job.Status {

+		case actionsdb.WorkflowJobStatusCompleted, actionsdb.WorkflowJobStatusCancelled, actionsdb.WorkflowJobStatusSkipped:

+		default:

+			return "", false

+		}

+		if job.Status == actionsdb.WorkflowJobStatusCancelled {

+			worst = actionsdb.CheckConclusionCancelled

+			continue

+		}

+		if !job.Conclusion.Valid {

+			return actionsdb.CheckConclusionFailure, true

+		}

+		c := job.Conclusion.CheckConclusion

+		if c == actionsdb.CheckConclusionFailure ||

+			c == actionsdb.CheckConclusionTimedOut ||

+			c == actionsdb.CheckConclusionActionRequired {

+			return c, true

+		}

+		if c == actionsdb.CheckConclusionCancelled {

+			worst = actionsdb.CheckConclusionCancelled

+		}

+	}

+	return worst, true

+}

+

+func recordCancelledJobs(jobs []actionsdb.WorkflowJob, reason string) {

+	if len(jobs) == 0 {

+		return

+	}

+	metrics.ActionsJobsCancelledTotal.WithLabelValues(cancelReason(reason)).Add(float64(len(jobs)))

+}

+

+func cancelReason(reason string) string {

+	switch strings.TrimSpace(reason) {

+	case CancelReasonUser:

+		return CancelReasonUser

+	case CancelReasonConcurrency:

+		return CancelReasonConcurrency

+	case CancelReasonTimeout:

+		return CancelReasonTimeout

+	default:

+		return CancelReasonUser

+	}

+}

+

+func syncChangedJobChecks(ctx context.Context, deps Deps, jobs []actionsdb.WorkflowJob) {

+	for _, job := range jobs {

+		if job.Status != actionsdb.WorkflowJobStatusRunning &&

+			job.Status != actionsdb.WorkflowJobStatusCompleted &&

+			job.Status != actionsdb.WorkflowJobStatusCancelled {

+			continue

+		}

+		if err := SyncCheckRunForJob(ctx, deps, job); err != nil && deps.Logger != nil {

+			deps.Logger.WarnContext(ctx, "actions lifecycle: sync check_run", "job_id", job.ID, "error", err)

+		}

+	}

+}

+

+// SyncCheckRunForJob mirrors an Actions workflow_job row into its check_run

+// row. Missing check rows are non-fatal because check creation is already

+// best-effort in the trigger path and can be reconciled independently.

+func SyncCheckRunForJob(ctx context.Context, deps Deps, job actionsdb.WorkflowJob) error {

+	if deps.Pool == nil {

+		return errors.New("actions lifecycle: nil Pool")

+	}

+	run, err := actionsdb.New().GetWorkflowRunByID(ctx, deps.Pool, job.RunID)

+	if err != nil {

+		return err

+	}

+	name := strings.TrimSpace(job.JobName)

+	if name == "" {

+		name = job.JobKey

+	}

+	checkRun, err := checksdb.New().GetCheckRunByExternalID(ctx, deps.Pool, checksdb.GetCheckRunByExternalIDParams{

+		RepoID:     run.RepoID,

+		HeadSha:    run.HeadSha,

+		Name:       name,

+		ExternalID: pgtype.Text{String: fmt.Sprintf("workflow_run:%d:job:%s", job.RunID, job.JobKey), Valid: true},

+	})

+	if err != nil {

+		if errors.Is(err, pgx.ErrNoRows) {

+			return nil

+		}

+		return err

+	}

+	params := checks.UpdateParams{

+		RunID:        checkRun.ID,

+		HasStatus:    true,

+		HasStartedAt: true,

+		StartedAt:    timeFromPg(job.StartedAt),

+	}

+	switch job.Status {

+	case actionsdb.WorkflowJobStatusRunning:

+		params.Status = "in_progress"

+	case actionsdb.WorkflowJobStatusCompleted, actionsdb.WorkflowJobStatusCancelled:

+		params.Status = "completed"

+		params.HasConclusion = true

+		if job.Conclusion.Valid {

+			params.Conclusion = string(job.Conclusion.CheckConclusion)

+		} else if job.Status == actionsdb.WorkflowJobStatusCancelled {

+			params.Conclusion = string(actionsdb.CheckConclusionCancelled)

+		}

+		params.HasCompletedAt = true

+		params.CompletedAt = timeFromPg(job.CompletedAt)

+	default:

+		return nil

+	}

+	_, err = checks.Update(ctx, checks.Deps{Pool: deps.Pool, Logger: deps.Logger}, params)

+	return err

+}

+

+func timeFromPg(ts pgtype.Timestamptz) time.Time {

+	if !ts.Valid {

+		return time.Time{}

+	}

+	return ts.Time

+}

+// SPDX-License-Identifier: AGPL-3.0-or-later

+

+package lifecycle

+

+import (

+	"context"

+	"strings"

+	"testing"

+

+	"github.com/jackc/pgx/v5/pgtype"

+

+	actionsdb "github.com/tenseleyFlow/shithub/internal/actions/sqlc"

+	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"

+	"github.com/tenseleyFlow/shithub/internal/testing/dbtest"

+	usersdb "github.com/tenseleyFlow/shithub/internal/users/sqlc"

+)

+

+const fixtureHash = "$argon2id$v=19$m=16384,t=1,p=1$" +

+	"AAAAAAAAAAAAAAAA$" +

+	"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"

+

+func TestCancelRunCancelsQueuedJobsAndCompletesRun(t *testing.T) {

+	ctx := context.Background()

+	pool := dbtest.NewTestDB(t)

+	repoID, userID := setupLifecycleRepo(t, pool)

+	q := actionsdb.New()

+	run := insertLifecycleRun(t, pool, repoID, userID, 1)

+	job, err := q.InsertWorkflowJob(ctx, pool, actionsdb.InsertWorkflowJobParams{

+		RunID:          run.ID,

+		JobIndex:       0,

+		JobKey:         "build",

+		JobName:        "Build",

+		RunsOn:         "ubuntu-latest",

+		NeedsJobs:      []string{},

+		TimeoutMinutes: 30,

+		Permissions:    []byte(`{}`),

+		JobEnv:         []byte(`{}`),

+	})

+	if err != nil {

+		t.Fatalf("InsertWorkflowJob: %v", err)

+	}

+	step, err := q.InsertWorkflowStep(ctx, pool, actionsdb.InsertWorkflowStepParams{

+		JobID:      job.ID,

+		StepIndex:  0,

+		RunCommand: "go test ./...",

+		StepEnv:    []byte(`{}`),

+		StepWith:   []byte(`{}`),

+	})

+	if err != nil {

+		t.Fatalf("InsertWorkflowStep: %v", err)

+	}

+

+	result, err := CancelRun(ctx, Deps{Pool: pool}, run.ID, CancelReasonUser)

+	if err != nil {

+		t.Fatalf("CancelRun: %v", err)

+	}

+	if len(result.ChangedJobs) != 1 || !result.RunCompleted || result.RunConclusion != actionsdb.CheckConclusionCancelled {

+		t.Fatalf("result: %+v", result)

+	}

+	gotJob, err := q.GetWorkflowJobByID(ctx, pool, job.ID)

+	if err != nil {

+		t.Fatalf("GetWorkflowJobByID: %v", err)

+	}

+	if gotJob.Status != actionsdb.WorkflowJobStatusCancelled || !gotJob.CancelRequested ||

+		!gotJob.Conclusion.Valid || gotJob.Conclusion.CheckConclusion != actionsdb.CheckConclusionCancelled {

+		t.Fatalf("job: %+v", gotJob)

+	}

+	gotStep, err := q.GetWorkflowStepByID(ctx, pool, step.ID)

+	if err != nil {

+		t.Fatalf("GetWorkflowStepByID: %v", err)

+	}

+	if gotStep.Status != actionsdb.WorkflowStepStatusCancelled ||

+		!gotStep.Conclusion.Valid || gotStep.Conclusion.CheckConclusion != actionsdb.CheckConclusionCancelled {

+		t.Fatalf("step: %+v", gotStep)

+	}

+	gotRun, err := q.GetWorkflowRunByID(ctx, pool, run.ID)

+	if err != nil {

+		t.Fatalf("GetWorkflowRunByID: %v", err)

+	}

+	if gotRun.Status != actionsdb.WorkflowRunStatusCompleted ||

+		!gotRun.Conclusion.Valid || gotRun.Conclusion.CheckConclusion != actionsdb.CheckConclusionCancelled {

+		t.Fatalf("run: %+v", gotRun)

+	}

+}

+

+func TestCancelJobRequestsRunningJobWithoutTerminalOverwrite(t *testing.T) {

+	ctx := context.Background()

+	pool := dbtest.NewTestDB(t)

+	repoID, userID := setupLifecycleRepo(t, pool)

+	q := actionsdb.New()

+	run := insertLifecycleRun(t, pool, repoID, userID, 2)

+	job, err := q.InsertWorkflowJob(ctx, pool, actionsdb.InsertWorkflowJobParams{

+		RunID:          run.ID,

+		JobIndex:       0,

+		JobKey:         "test",

+		JobName:        "Test",

+		RunsOn:         "ubuntu-latest",

+		NeedsJobs:      []string{},

+		TimeoutMinutes: 30,

+		Permissions:    []byte(`{}`),

+		JobEnv:         []byte(`{}`),

+	})

+	if err != nil {

+		t.Fatalf("InsertWorkflowJob: %v", err)

+	}

+	runner, err := q.InsertRunner(ctx, pool, actionsdb.InsertRunnerParams{

+		Name:     "runner-1",

+		Labels:   []string{"ubuntu-latest"},

+		Capacity: 1,

+	})

+	if err != nil {

+		t.Fatalf("InsertRunner: %v", err)

+	}

+	if _, err := pool.Exec(ctx, `UPDATE workflow_jobs SET runner_id = $1, status = 'running', started_at = now() WHERE id = $2`, runner.ID, job.ID); err != nil {

+		t.Fatalf("mark job running: %v", err)

+	}

+

+	result, err := CancelJob(ctx, Deps{Pool: pool}, job.ID, CancelReasonUser)

+	if err != nil {

+		t.Fatalf("CancelJob: %v", err)

+	}

+	if len(result.ChangedJobs) != 1 || result.RunCompleted {

+		t.Fatalf("result: %+v", result)

+	}

+	gotJob, err := q.GetWorkflowJobByID(ctx, pool, job.ID)

+	if err != nil {

+		t.Fatalf("GetWorkflowJobByID: %v", err)

+	}

+	if gotJob.Status != actionsdb.WorkflowJobStatusRunning || !gotJob.CancelRequested || gotJob.Conclusion.Valid {

+		t.Fatalf("job: %+v", gotJob)

+	}

+	gotRun, err := q.GetWorkflowRunByID(ctx, pool, run.ID)

+	if err != nil {

+		t.Fatalf("GetWorkflowRunByID: %v", err)

+	}

+	if gotRun.Status != actionsdb.WorkflowRunStatusRunning || gotRun.Conclusion.Valid {

+		t.Fatalf("run: %+v", gotRun)

+	}

+

+	again, err := CancelJob(ctx, Deps{Pool: pool}, job.ID, CancelReasonUser)

+	if err != nil {

+		t.Fatalf("CancelJob repeat: %v", err)

+	}

+	if len(again.ChangedJobs) != 0 {

+		t.Fatalf("repeat was not idempotent: %+v", again)

+	}

+}

+

+func setupLifecycleRepo(t *testing.T, db actionsdb.DBTX) (repoID, userID int64) {

+	t.Helper()

+	ctx := context.Background()

+	user, err := usersdb.New().CreateUser(ctx, db, usersdb.CreateUserParams{

+		Username:     "alice",

+		DisplayName:  "Alice",

+		PasswordHash: fixtureHash,

+	})

+	if err != nil {

+		t.Fatalf("CreateUser: %v", err)

+	}

+	repo, err := reposdb.New().CreateRepo(ctx, db, reposdb.CreateRepoParams{

+		OwnerUserID:   pgtype.Int8{Int64: user.ID, Valid: true},

+		Name:          "demo",

+		DefaultBranch: "trunk",

+		Visibility:    reposdb.RepoVisibilityPublic,

+	})

+	if err != nil {

+		t.Fatalf("CreateRepo: %v", err)

+	}

+	return repo.ID, user.ID

+}

+

+func insertLifecycleRun(t *testing.T, db actionsdb.DBTX, repoID, userID, runIndex int64) actionsdb.WorkflowRun {

+	t.Helper()

+	run, err := actionsdb.New().InsertWorkflowRun(context.Background(), db, actionsdb.InsertWorkflowRunParams{

+		RepoID:       repoID,

+		RunIndex:     runIndex,

+		WorkflowFile: ".shithub/workflows/ci.yml",

+		WorkflowName: "CI",

+		HeadSha:      strings.Repeat("a", 40),

+		HeadRef:      "trunk",

+		Event:        actionsdb.WorkflowRunEventPush,

+		EventPayload: []byte(`{}`),

+		ActorUserID:  pgtype.Int8{Int64: userID, Valid: true},

+	})

+	if err != nil {

+		t.Fatalf("InsertWorkflowRun: %v", err)

+	}

+	return run

+}

+-- name: RequestWorkflowJobCancel :one

+UPDATE workflow_jobs

+SET cancel_requested = true,

+    status = CASE

+        WHEN status = 'queued' THEN 'cancelled'::workflow_job_status

+        ELSE status

+    END,

+    conclusion = CASE

+        WHEN status = 'queued' THEN 'cancelled'::check_conclusion

+        ELSE conclusion

+    END,

+    started_at = CASE

+        WHEN status = 'queued' THEN COALESCE(started_at, now())

+        ELSE started_at

+    END,

+    completed_at = CASE

+        WHEN status = 'queued' THEN COALESCE(completed_at, now())

+        ELSE completed_at

+    END,

+    version = version + 1,

+    updated_at = now()

+WHERE id = $1

+  AND status IN ('queued', 'running')

+  AND (status = 'queued' OR cancel_requested = false)

+RETURNING id, run_id, job_index, job_key, job_name, runs_on,

+          runner_id, needs_jobs, if_expr, timeout_minutes, permissions,

+          job_env, status, conclusion, cancel_requested,

+          started_at, completed_at, version, created_at, updated_at;

+

+-- name: RequestWorkflowRunCancel :many

+UPDATE workflow_jobs

+SET cancel_requested = true,

+    status = CASE

+        WHEN status = 'queued' THEN 'cancelled'::workflow_job_status

+        ELSE status

+    END,

+    conclusion = CASE

+        WHEN status = 'queued' THEN 'cancelled'::check_conclusion

+        ELSE conclusion

+    END,

+    started_at = CASE

+        WHEN status = 'queued' THEN COALESCE(started_at, now())

+        ELSE started_at

+    END,

+    completed_at = CASE

+        WHEN status = 'queued' THEN COALESCE(completed_at, now())

+        ELSE completed_at

+    END,

+    version = version + 1,

+    updated_at = now()

+WHERE run_id = $1

+  AND status IN ('queued', 'running')

+  AND (status = 'queued' OR cancel_requested = false)

+RETURNING id, run_id, job_index, job_key, job_name, runs_on,

+          runner_id, needs_jobs, if_expr, timeout_minutes, permissions,

+          job_env, status, conclusion, cancel_requested,

+          started_at, completed_at, version, created_at, updated_at;

+

+      AND j.cancel_requested = false

+       conclusion, cancel_requested, needs_jobs, started_at, completed_at, created_at, updated_at

+-- name: CancelOpenWorkflowStepsForJob :many

+UPDATE workflow_steps

+SET status = 'cancelled',

+    conclusion = 'cancelled',

+    started_at = COALESCE(started_at, now()),

+    completed_at = COALESCE(completed_at, now()),

+    version = version + 1,

+    updated_at = now()

+WHERE job_id = $1

+  AND status IN ('queued', 'running')

+RETURNING id, job_id, step_index, step_id, step_name, if_expr,

+          run_command, uses_alias, working_directory, step_env,

+          continue_on_error, status, conclusion, log_object_key,

+          log_byte_count, started_at, completed_at, version,

+          created_at, updated_at, step_with;

+

+	CancelOpenWorkflowStepsForJob(ctx context.Context, db DBTX, jobID int64) ([]WorkflowStep, error)

+	RequestWorkflowJobCancel(ctx context.Context, db DBTX, id int64) (WorkflowJob, error)

+	RequestWorkflowRunCancel(ctx context.Context, db DBTX, runID int64) ([]WorkflowJob, error)

+      AND j.cancel_requested = false

+       conclusion, cancel_requested, needs_jobs, started_at, completed_at, created_at, updated_at

+	ID              int64

+	RunID           int64

+	JobIndex        int32

+	JobKey          string

+	JobName         string

+	RunsOn          string

+	Status          WorkflowJobStatus

+	Conclusion      NullCheckConclusion

+	CancelRequested bool

+	NeedsJobs       []string

+	StartedAt       pgtype.Timestamptz

+	CompletedAt     pgtype.Timestamptz

+	CreatedAt       pgtype.Timestamptz

+	UpdatedAt       pgtype.Timestamptz

+			&i.CancelRequested,

+const requestWorkflowJobCancel = `-- name: RequestWorkflowJobCancel :one

+UPDATE workflow_jobs

+SET cancel_requested = true,

+    status = CASE

+        WHEN status = 'queued' THEN 'cancelled'::workflow_job_status

+        ELSE status

+    END,

+    conclusion = CASE

+        WHEN status = 'queued' THEN 'cancelled'::check_conclusion

+        ELSE conclusion

+    END,

+    started_at = CASE

+        WHEN status = 'queued' THEN COALESCE(started_at, now())

+        ELSE started_at

+    END,

+    completed_at = CASE

+        WHEN status = 'queued' THEN COALESCE(completed_at, now())

+        ELSE completed_at

+    END,

+    version = version + 1,

+    updated_at = now()

+WHERE id = $1

+  AND status IN ('queued', 'running')

+  AND (status = 'queued' OR cancel_requested = false)

+RETURNING id, run_id, job_index, job_key, job_name, runs_on,

+          runner_id, needs_jobs, if_expr, timeout_minutes, permissions,

+          job_env, status, conclusion, cancel_requested,

+          started_at, completed_at, version, created_at, updated_at

+`

+

+func (q *Queries) RequestWorkflowJobCancel(ctx context.Context, db DBTX, id int64) (WorkflowJob, error) {

+	row := db.QueryRow(ctx, requestWorkflowJobCancel, id)

+	var i WorkflowJob

+	err := row.Scan(

+		&i.ID,

+		&i.RunID,

+		&i.JobIndex,

+		&i.JobKey,

+		&i.JobName,

+		&i.RunsOn,

+		&i.RunnerID,

+		&i.NeedsJobs,

+		&i.IfExpr,

+		&i.TimeoutMinutes,

+		&i.Permissions,

+		&i.JobEnv,

+		&i.Status,

+		&i.Conclusion,

+		&i.CancelRequested,

+		&i.StartedAt,

+		&i.CompletedAt,

+		&i.Version,

+		&i.CreatedAt,

+		&i.UpdatedAt,

+	)

+	return i, err

+}

+

+const requestWorkflowRunCancel = `-- name: RequestWorkflowRunCancel :many

+UPDATE workflow_jobs

+SET cancel_requested = true,

+    status = CASE

+        WHEN status = 'queued' THEN 'cancelled'::workflow_job_status

+        ELSE status

+    END,

+    conclusion = CASE

+        WHEN status = 'queued' THEN 'cancelled'::check_conclusion

+        ELSE conclusion

+    END,

+    started_at = CASE

+        WHEN status = 'queued' THEN COALESCE(started_at, now())

+        ELSE started_at

+    END,

+    completed_at = CASE

+        WHEN status = 'queued' THEN COALESCE(completed_at, now())

+        ELSE completed_at

+    END,

+    version = version + 1,

+    updated_at = now()

+WHERE run_id = $1

+  AND status IN ('queued', 'running')

+  AND (status = 'queued' OR cancel_requested = false)

+RETURNING id, run_id, job_index, job_key, job_name, runs_on,

+          runner_id, needs_jobs, if_expr, timeout_minutes, permissions,

+          job_env, status, conclusion, cancel_requested,

+          started_at, completed_at, version, created_at, updated_at

+`

+

+func (q *Queries) RequestWorkflowRunCancel(ctx context.Context, db DBTX, runID int64) ([]WorkflowJob, error) {

+	rows, err := db.Query(ctx, requestWorkflowRunCancel, runID)

+	if err != nil {

+		return nil, err

+	}

+	defer rows.Close()

+	items := []WorkflowJob{}

+	for rows.Next() {

+		var i WorkflowJob

+		if err := rows.Scan(

+			&i.ID,

+			&i.RunID,

+			&i.JobIndex,

+			&i.JobKey,

+			&i.JobName,

+			&i.RunsOn,

+			&i.RunnerID,

+			&i.NeedsJobs,

+			&i.IfExpr,

+			&i.TimeoutMinutes,

+			&i.Permissions,

+			&i.JobEnv,

+			&i.Status,

+			&i.Conclusion,

+			&i.CancelRequested,

+			&i.StartedAt,

+			&i.CompletedAt,

+			&i.Version,

+			&i.CreatedAt,

+			&i.UpdatedAt,

+		); err != nil {

+			return nil, err

+		}

+		items = append(items, i)

+	}

+	if err := rows.Err(); err != nil {

+		return nil, err

+	}

+	return items, nil

+}

+

+const cancelOpenWorkflowStepsForJob = `-- name: CancelOpenWorkflowStepsForJob :many

+UPDATE workflow_steps

+SET status = 'cancelled',

+    conclusion = 'cancelled',

+    started_at = COALESCE(started_at, now()),

+    completed_at = COALESCE(completed_at, now()),

+    version = version + 1,

+    updated_at = now()

+WHERE job_id = $1

+  AND status IN ('queued', 'running')

+RETURNING id, job_id, step_index, step_id, step_name, if_expr,

+          run_command, uses_alias, working_directory, step_env,

+          continue_on_error, status, conclusion, log_object_key,

+          log_byte_count, started_at, completed_at, version,

+          created_at, updated_at, step_with

+`

+

+func (q *Queries) CancelOpenWorkflowStepsForJob(ctx context.Context, db DBTX, jobID int64) ([]WorkflowStep, error) {

+	rows, err := db.Query(ctx, cancelOpenWorkflowStepsForJob, jobID)

+	if err != nil {

+		return nil, err

+	}

+	defer rows.Close()

+	items := []WorkflowStep{}

+	for rows.Next() {

+		var i WorkflowStep

+		if err := rows.Scan(

+			&i.ID,

+			&i.JobID,

+			&i.StepIndex,

+			&i.StepID,

+			&i.StepName,

+			&i.IfExpr,

+			&i.RunCommand,

+			&i.UsesAlias,

+			&i.WorkingDirectory,

+			&i.StepEnv,

+			&i.ContinueOnError,

+			&i.Status,

+			&i.Conclusion,

+			&i.LogObjectKey,

+			&i.LogByteCount,

+			&i.StartedAt,

+			&i.CompletedAt,

+			&i.Version,

+			&i.CreatedAt,

+			&i.UpdatedAt,

+			&i.StepWith,

+		); err != nil {

+			return nil, err

+		}

+		items = append(items, i)

+	}

+	if err := rows.Err(); err != nil {

+		return nil, err

+	}

+	return items, nil

+}

+

+	ActionsJobsCancelledTotal = prometheus.NewCounterVec(

+		prometheus.CounterOpts{

+			Name: "shithub_actions_jobs_cancelled_total",

+			Help: "Total Actions job cancellation requests by reason (user, concurrency, timeout).",

+		},

+		[]string{"reason"},

+	)

+		ActionsJobsCancelledTotal,