From 85de0d31c6f2d71824003239ca1dd71c7339be57 Mon Sep 17 00:00:00 2001
From: Mark Stacey <markjstacey@gmail.com>
Date: Tue, 27 Jun 2023 09:25:50 -0230
Subject: [PATCH] Fail policy update on cache miss (#19775)

If there is a cache miss during the policy update workflow, the result
would be invalid (either a partial update or a misleading "no policy
changes" message). To prevent this, the cache step will now fail if it
is not able to restore the cache.
---
 .github/workflows/update-lavamoat-policies.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/update-lavamoat-policies.yml b/.github/workflows/update-lavamoat-policies.yml
index 291ecc35f..eb649555e 100644
--- a/.github/workflows/update-lavamoat-policies.yml
+++ b/.github/workflows/update-lavamoat-policies.yml
@@ -130,6 +130,7 @@ jobs:
         with:
           path: lavamoat/build-system
           key: cache-build-${{ github.run_id }}-${{ github.run_attempt }}
+          fail-on-cache-miss: true
       # One restore step per build type: [main, beta, flask, mmi, desktop]
       # Ensure this is synchronized with the list above in the "update-lavamoat-webapp-policy" job
       # and with the build type list in `builds.yml`
@@ -138,27 +139,31 @@ jobs:
         with:
           path: lavamoat/browserify/main
           key: cache-main-${{ github.run_id }}-${{ github.run_attempt }}
+          fail-on-cache-miss: true
       - name: Restore beta application policy
         uses: actions/cache/restore@v3
         with:
           path: lavamoat/browserify/beta
           key: cache-beta-${{ github.run_id }}-${{ github.run_attempt }}
+          fail-on-cache-miss: true
       - name: Restore flask application policy
         uses: actions/cache/restore@v3
         with:
           path: lavamoat/browserify/flask
           key: cache-flask-${{ github.run_id }}-${{ github.run_attempt }}
+          fail-on-cache-miss: true
       - name: Restore mmi application policy
         uses: actions/cache/restore@v3
         with:
           path: lavamoat/browserify/mmi
           key: cache-mmi-${{ github.run_id }}-${{ github.run_attempt }}
+          fail-on-cache-miss: true
       - name: Restore desktop application policy
         uses: actions/cache/restore@v3
         with:
           path: lavamoat/browserify/desktop
           key: cache-desktop-${{ github.run_id }}-${{ github.run_attempt }}
-
+          fail-on-cache-miss: true
       - name: Check whether there are policy changes
         id: policy-changes
         run: |