Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 13:37:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 91

add concurrency to ci (#8271)

Browse source 
* add concurrency to ci

* add readme for workflows
This commit is contained in:
Michal Nicpon 2022-10-24 14:01:00 -06:00 committed by GitHub
parent b2a9c78c92
commit 56f3cb62ef
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
30 changed files with 204 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

51
.github/workflows/README.md vendored Normal file
View file

@ -0,0 +1,51 @@
# Github Actions
Fleet uses Github Actions for continuous integration (CI). This document describes best practices
and at patterns for writing and maintaining Fleet's Github Actions workflows.
## Bash
By default, Github Actions sets the shell to `bash -e` for linux and MacOS runners. To help write
safer bash scripts in run jobs and avoid common issues, override the default by adding the following
to the workflow file
```
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
```
By specifying the default shell to `bash`, some extra flags are set. The option `pipefail` changes
the behaviour when using the pipe `|` operator such that if any command in a pipeline fails, that
commands return code will be used a the return code for the whole pipeline. Consider the following
example in `test-go.yaml`
```
- name: Run Go Tests
run: |
# omitted ...
make test-go 2>&1 | tee /tmp/gotest.log
```
If the `pipefail` option was *not* set, this job would always succeed because `tee` would always
return success. This is not the intended behavior. Instead, we want the job to fail if `make
test-go` fails.
## Concurrency
Github Action runners are limited. If a lot of workflows are queued, they will wait in pending until
a runner becomes available. This has caused issue in the past where workflows take an excessively long
time to start. To help with this issue, use the following in workflows
```
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
```
When a workflow is triggered via a pull request, it will cancel previous running workflows for that
pull request. This is especially useful when changes are pushed to a pull request frequently.
Manually triggered workflows, workflows that run on a schedule, and workflows triggered by pushes to
`main` are unaffected.

5
.github/workflows/build-and-push-fleetctl-docker.yml vendored
View file

@ -9,6 +9,11 @@ on:
required: true
type: string
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/build-binaries.yaml vendored
View file

@ -7,6 +7,11 @@ on:
pull_request:
workflow_dispatch:
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/codeql-analysis.yml vendored
View file

@ -14,6 +14,11 @@ on:
- '**.ts'
- '**.tsx'
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/deploy-fleet-website.yml vendored
View file

@ -10,6 +10,11 @@ on:
- 'articles/**'
- 'schema/**'
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/docs.yml vendored
View file

@ -9,6 +9,11 @@ on:
schedule:
- cron: '0 6 * * *' # Nightly 6AM UTC
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/dogfood-deploy.yml vendored
View file

@ -7,6 +7,11 @@ on:
description: 'The image tag wished to be deployed.'
required: true
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/fleet-and-orbit.yml vendored
View file

@ -18,6 +18,11 @@ on:
- '.github/workflows/fleet-and-orbit.yml'
workflow_dispatch: # Manual
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

12
.github/workflows/fleetctl-preview-latest.yml vendored
View file

@ -27,6 +27,16 @@ on:
- 'docs/01-Using-Fleet/standard-query-library/standard-query-library.yml'
workflow_dispatch: # Manual
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
permissions:
contents: read
@ -70,7 +80,6 @@ jobs:
run: make fleetctl
- name: Run fleetctl preview
shell: bash
run: |
./build/fleetctl preview --std-query-lib-file-path $(pwd)/docs/01-Using-Fleet/standard-query-library/standard-query-library.yml
sleep 10
@ -83,7 +92,6 @@ jobs:
# Copying logs, otherwise the upload-artifact action uploads the logs in a hidden folder (.fleet)
cp ~/.fleet/preview/orbit.log orbit.log
cp -r ~/.fleet/preview/logs osquery_result_status_logs
shell: bash
- name: Upload logs
if: always()

8
.github/workflows/fleetctl-preview.yml vendored
View file

@ -1,12 +1,16 @@
name: Test fleetctl preview
# Tests the `fleetctl preview` command with latest npm released version of fleetctl.
name: Test fleetctl preview
on:
workflow_dispatch: # Manual
schedule:
- cron: '0 2 * * *' # Nightly 2AM UTC
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
permissions:
contents: read

5
.github/workflows/generate-desktop-targets.yml vendored
View file

@ -13,6 +13,11 @@ on:
- '.github/workflows/generate-desktop-targets.yml'
workflow_dispatch:
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/generate-osqueryd-targets.yml vendored
View file

@ -13,6 +13,11 @@ on:
- '.github/workflows/generate-osqueryd-targets.yml'
workflow_dispatch:
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/golangci-lint.yml vendored
View file

@ -13,6 +13,11 @@ on:
- '.github/workflows/golangci-lint.yml'
workflow_dispatch: # Manual
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/goreleaser-fleet.yaml vendored
View file

@ -5,6 +5,11 @@ on:
tags:
- 'fleet-*'
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/goreleaser-orbit.yaml vendored
View file

@ -5,6 +5,11 @@ on:
tags:
- 'orbit-*'
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/goreleaser-snapshot-fleet.yaml vendored
View file

@ -2,6 +2,11 @@ name: Docker publish
on: push
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/integration.yml vendored
View file

@ -11,6 +11,11 @@ on:
schedule:
- cron: '0 2 * * *' # Nightly 2AM UTC
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/pr-helm.yaml vendored
View file

@ -8,6 +8,11 @@ on:
- '.github/scripts/helm-check-expected.sh'
- 'tools/ci/helm-values/**'
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/push-osquery-perf-to-ecr.yml vendored
View file

@ -18,6 +18,11 @@ on:
required: true
default: latest
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/release-helm.yaml vendored
View file

@ -5,6 +5,11 @@ on:
types: [released] # don't trigger on pre-releases
workflow_dispatch: # allow manual trigger
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/scorecards-analysis.yml vendored
View file

@ -9,6 +9,11 @@ on:
push:
branches: [ main ]
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

9
.github/workflows/test-db-changes.yml vendored
View file

@ -12,14 +12,19 @@ on:
- '.github/workflows/test-schema-changes.yml'
workflow_dispatch: # Manual
permissions:
contents: read
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
permissions:
contents: read
jobs:
test-db-changes:
runs-on: ubuntu-latest

5
.github/workflows/test-go.yaml vendored
View file

@ -19,6 +19,11 @@ on:
schedule:
- cron: '0 4 * * *'
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/test-native-tooling-packaging.yml vendored
View file

@ -21,6 +21,11 @@ on:
- '.github/workflows/test-native-tooling-packaging.yml'
workflow_dispatch: # Manual
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/test-packaging.yml vendored
View file

@ -23,6 +23,11 @@ on:
- '.github/workflows/test-packaging.yml'
workflow_dispatch: # Manual
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/test-website.yml vendored
View file

@ -8,6 +8,11 @@ on:
- 'handbook/**'
- 'schema/**'
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/test.yml vendored
View file

@ -22,6 +22,11 @@ on:
- webpack.config.js
- tsconfig.json
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/tfsec.yml vendored
View file

@ -11,6 +11,11 @@ on:
- '**.tf'
workflow_dispatch: # Manual dispatch
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/tfvalidate.yml vendored
View file

@ -11,6 +11,11 @@ on:
- '**.tf'
workflow_dispatch: # Manual dispatch
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference

5
.github/workflows/update-certs.yml vendored
View file

@ -5,6 +5,11 @@ on:
schedule:
- cron: '0 6 * * *' # Nightly 6AM UTC
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference