storybookjs/storybook - GitHub Actions cost & CI smells
Workflows
15
Per-run $ (modeled)
$2.05
Monthly $ @ 30/day
$1,843.2
ci-doctor findings
67
Numbers are modeled: 8 minutes per priced job, 30 runs per day per workflow, 30-day month, GitHub-hosted runner rate sheet. storybookjs/storybook's real run frequency is unknown to me. Smells, however, are real - they come from parsing the actual YAML.
Findings by rule
| Rule | Hits |
|---|---|
missing-timeout | 31 |
artifact-no-retention | 12 |
missing-permissions | 7 |
pinned-action-sha | 6 |
missing-concurrency | 3 |
wide-trigger | 3 |
missing-cache | 2 |
fetch-depth-zero | 2 |
Per-workflow breakdown
| Workflow | Jobs | Per-run $ | Findings |
|---|---|---|---|
handle-release-branches.yml |
6 | $0.38 | 11 |
code-simplifier.lock.yml |
5 | $0.32 | 10 |
duplicate-code-detector.lock.yml |
4 | $0.26 | 9 |
trigger-circle-ci-workflow.yml |
3 | $0.19 | 5 |
fork-checks.yml |
3 | $0.13 | 7 |
generate-sandboxes.yml |
2 | $0.13 | 5 |
publish.yml |
2 | $0.13 | 3 |
copilot-setup-steps.yml |
1 | $0.06 | 3 |
cron-weekly.yml |
1 | $0.06 | 2 |
danger-js.yml |
1 | $0.06 | 2 |
nx.yml |
1 | $0.06 | 3 |
prepare-non-patch-release.yml |
1 | $0.06 | 2 |
prepare-patch-release.yml |
1 | $0.06 | 2 |
stale.yml |
1 | $0.06 | 1 |
triage.yml |
1 | $0.06 | 2 |
Examples of what ci-doctor reports
handle-release-branches.yml ·
WARN
pinned-action-shanotiz-dev/github-action-json-property@release is not SHA-pinned. Mutable refs let upstream replace the action under you. Pin to a 40-char commit SHA and add a comment with the version. Run `npx pin-actions` to do all pins automatically.
handle-release-branches.yml ·
WARN
missing-concurrencyNo top-level concurrency block. New pushes will not cancel in-flight runs of stale commits, doubling spend on rapid-push branches.
handle-release-branches.yml ·
INFO
wide-triggerpush trigger has no branches filter. Workflow fires on every branch push.
code-simplifier.lock.yml ·
WARN
missing-timeoutJob 'activation' has no timeout-minutes. Default is 360 (6h). A hung job can drain your CI budget.
code-simplifier.lock.yml ·
WARN
missing-timeoutJob 'agent' has no timeout-minutes. Default is 360 (6h). A hung job can drain your CI budget.
code-simplifier.lock.yml ·
WARN
missing-timeoutJob 'conclusion' has no timeout-minutes. Default is 360 (6h). A hung job can drain your CI budget.
What you can do
If you maintain storybookjs/storybook or a similar workflow shape, three patterns probably move the most dollars per minute of work:
- Add a
concurrency:block withcancel-in-progress: trueon every PR-triggered workflow. - Set
timeout-minuteson every job (default is 6 hours). - Make sure every
setup-*action setscache: <ecosystem>.
Free CLIs that automate the audit and the pin step:
npx ci-doctor # 14-rule audit
npx ci-doctor --fix # auto-apply the four safe fixes
npx pin-actions # pin every uses: ref to a SHA
npx gha-budget # estimate per-run $ + monthlyWant the full pattern set?
The Cut Your CI Bill cookbook is 30 paste-ready GitHub Actions patterns plus 5 hardened workflow templates. $19, one-time, MIT-licensed templates.
Get the cookbookAbout this dataset
Methodology and code: /blog/oss-ci-cost-benchmarks.html. Compare with all 20 repos: /benchmarks.html. This page is regenerated when the benchmark dataset is refreshed.