add hybrid idle detection (ssh connections + marker file)#1
add hybrid idle detection (ssh connections + marker file)#1aayushshah15 merged 1 commit intomainfrom
Conversation
instead of relying solely on the marker file, the idle loop now checks for active ssh connections to the runner port first. this catches interactive sessions and long-running commands generically. the marker file remains as a fallback for short-lived cli commands. Co-authored-by: Cursor <cursoragent@cursor.com>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| if [ -f ~/.testbox-last-activity ]; then | ||
| LAST_ACTIVITY=$(stat -c %Y ~/.testbox-last-activity) | ||
| # Check for active SSH connections to the runner's SSH port | ||
| if ss -tnp 2>/dev/null | grep -q ":${RUNNER_SSH_PORT}\b" ; then |
There was a problem hiding this comment.
🔴 SSH port grep matches outgoing connections, not just incoming ones
The ss output grep pattern :${RUNNER_SSH_PORT}\b matches the port number anywhere on the line, including in the Peer Address:Port column. This means outgoing connections from the runner to remote port 22 (e.g., git clone git@github.com:..., ssh to another host) are falsely detected as incoming SSH activity.
Root cause and impact
ss -tnp output has this format:
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
ESTAB 0 0 172.16.9.2:54321 1.2.3.4:22 users:(("ssh"...))
The grep pattern grep -q ":${RUNNER_SSH_PORT}\b" scans the entire line, so it matches :22 in the Peer Address column too. For the default port 22, any outgoing SSH connection from the runner (git over SSH, scp, ssh tunnels) will keep LAST_ACTIVITY pinned to $NOW on every polling cycle, preventing the idle timeout from ever triggering.
Impact: Runners using the default SSH port 22 that have any outgoing SSH connection will never idle-timeout, staying alive until the GitHub Actions job-level timeout (typically 6 hours). This wastes compute resources and money.
The fix should constrain the match to the local address column only. For example, by checking that the port appears as a local listening port:
if ss -tnp state established 2>/dev/null | awk '{print $4}' | grep -q ":${RUNNER_SSH_PORT}$" ; then| if ss -tnp 2>/dev/null | grep -q ":${RUNNER_SSH_PORT}\b" ; then | |
| if ss -tnp 2>/dev/null | awk '{print $4}' | grep -q ":${RUNNER_SSH_PORT}$" ; then |
Was this helpful? React with 👍 or 👎 to provide feedback.
1 participant
Summary
~/.testbox-last-activitymarker file for short-lived CLI commandsMade with Cursor