Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-17 05:58:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 47
fleet/.github/workflows
History
Scott Gress caf5e6f3b0
Allow patch release of fleetd via releaser script (#27448) 
For #21396

# Details

This PR updates the automated release cycle for Orbit desktop, so that
it triggers based on a pushed _tag_ rather than a pushed PR. This has
the following benefits:

* The release can be based off of any branch, rather than always using
`main` as the base, so we can safely do patch release of desktop without
including in-progress code from main
* It brings the desktop release process more in line with the main Orbit
release process -- both are now triggered by a tag push.

We still create a PR for the release, to include a changelog.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.
- [ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).

## Testing

To do -- will discuss with @lucasmrod

---------

Co-authored-by: Luke Heath <luke@fleetdm.com>
2025-04-04 09:47:16 -05:00
..
config Speculative fix for flaky TestVPPApps. (#25385) 2025-01-13 16:28:48 -06:00
build-and-check-fleetctl-docker-and-deps.yml Fix trivy fleetctl workflow (#23643) 2024-11-12 14:58:41 -03:00
build-binaries.yaml bump action/cache to version 4.2.0 (#25508) 2025-01-17 15:01:27 +00:00
build-fleetd-base-msi.yml Address code scanning permissions warnings (#27250) 2025-03-20 12:07:41 -05:00
build-fleetd-base-pkg.yml Update deprecated actions/upload-artifact to v4.5.0 (#25295) 2025-01-09 12:08:02 -06:00
build-fleetd_tables.yaml Update deprecated actions/upload-artifact missed in previous PR. (#25724) 2025-01-23 10:50:55 -06:00
build-orbit.yaml Update deprecated actions/upload-artifact missed in previous PR. (#25724) 2025-01-23 10:50:55 -06:00
check-automated-doc.yml Add help system to Makefile + FDM command (#25028) 2025-02-28 07:42:32 -06:00
check-tuf-timestamps.yml Check for timestamps on the new TUF repository (#26638) 2025-02-27 17:59:11 -03:00
check-updates-timestamps.yml Check for timestamps on the new TUF repository (#26638) 2025-02-27 17:59:11 -03:00
close-stale-eng-initiated-issues.yml Add stale issues workflow (#27047) 2025-03-14 16:11:43 -05:00
code-sign-windows.yml Windows orbit.exe and fleet-desktop.exe are now signed. (#18201) 2024-04-26 12:46:23 -05:00
codeql-analysis.yml Attempt to use go.mod version instead of hidden Github var (#21768) 2024-09-03 20:49:50 -03:00
db-upgrade-test.yml Simplify DB test/upgrade tool (#27141) 2025-03-14 17:07:41 -03:00
dependency-review.yml [StepSecurity] Apply security best practices (#17811) 2024-03-22 16:19:11 -05:00
deploy-fleet-website.yml Update node version used in website workflows. (#25605) 2025-01-20 14:33:43 -06:00
deploy-vulnerability-dashboard.yml Change Ubuntu version in Heroku deploy workflows (#22939) 2024-10-15 16:20:12 -05:00
docs.yml [StepSecurity] ci: Harden GitHub Actions (#17780) 2024-03-22 15:32:23 -05:00
dogfood-automated-policy-updates.yml Added policy automation and new Windows installer (#27244) 2025-03-19 13:54:25 -05:00
dogfood-deploy.yml Add cloudfront to dogfood (#26962) 2025-03-12 10:59:39 -05:00
dogfood-gitops.yml Switched from metadata_url to metadata for end user authentication (#26042) 2025-02-20 10:02:24 -06:00
fleet-and-orbit.yml Cleanup scripts (#27307) 2025-03-27 16:43:53 -05:00
fleetctl-preview-latest.yml Update deprecated actions/upload-artifact to v4.5.0 (#25295) 2025-01-09 12:08:02 -06:00
fleetctl-preview.yml Update ubuntu-20.04 to ubuntu-22.04 on CI actions due to deprecation (#26466) 2025-02-21 13:11:50 -03:00
fleetd-tuf.yml Update TUF status generation to use new TUF repository (#26099) 2025-02-07 08:30:07 -03:00
generate-desktop-targets.yml Allow patch release of fleetd via releaser script (#27448) 2025-04-04 09:47:16 -05:00
generate-nudge-targets.yml Update deprecated actions/upload-artifact to v4.5.0 (#25295) 2025-01-09 12:08:02 -06:00
generate-osqueryd-targets.yml Release osqueryd 5.16.0 (#26394) 2025-02-18 16:59:09 -03:00
golangci-lint.yml Update to Go 1.24.1 (#27506) 2025-03-31 11:14:09 -05:00
goreleaser-fleet.yaml Update goreleaser-fleet workflow to use ubuntu-22.04-4-cores runner (#26930) 2025-03-10 10:01:36 -05:00
goreleaser-orbit.yaml Build orbit on ubuntu-20.04 (#27156) 2025-03-14 16:17:38 -03:00
goreleaser-snapshot-fleet.yaml Update ubuntu-20.04 to ubuntu-22.04 on CI actions due to deprecation (#26466) 2025-02-21 13:11:50 -03:00
ingest-maintained-apps.yml Fix path for go-version-file in FMA ingest job (#27744) 2025-04-01 16:19:21 -05:00
integration.yml Cleanup scripts (#27307) 2025-03-27 16:43:53 -05:00
pr-helm.yaml Update ubuntu-20.04 to ubuntu-22.04 on CI actions due to deprecation (#26466) 2025-02-21 13:11:50 -03:00
randokiller-go.yml Address code scanning permissions warnings (#27250) 2025-03-20 12:07:41 -05:00
README.md add concurrency to ci (#8271) 2022-10-24 14:01:00 -06:00
release-fleetctl-docker-deps.yaml Attempt to use go.mod version instead of hidden Github var (#21768) 2024-09-03 20:49:50 -03:00
release-fleetd-base.yml Add retry to fleetd base pkg build. (#24489) 2024-12-09 13:24:38 -06:00
release-fleetd-chrome-beta.yml Keep all fleetd-base and fleetd-chrome artifacts. (#19749) 2024-06-17 15:49:06 -05:00
release-fleetd-chrome.yml Keep all fleetd-base and fleetd-chrome artifacts. (#19749) 2024-06-17 15:49:06 -05:00
release-helm.yaml Update ubuntu-20.04 to ubuntu-22.04 on CI actions due to deprecation (#26466) 2025-02-21 13:11:50 -03:00
render-deploy.yml Added Render deploy workflow for fleet-gitops CI. (#23190) 2024-10-25 15:55:42 -05:00
scorecards-analysis.yml Update deprecated actions/upload-artifact to v4.5.0 (#25295) 2025-01-09 12:08:02 -06:00
test-bulk-operations-dashboard-changes.yml Add app to manage scripts and profiles. (#21450) 2024-08-22 14:59:15 -06:00
test-db-changes.yml Auto-generate and check Android schema.sql (#26720) 2025-02-28 16:30:40 -06:00
test-fleetd-chrome.yml bump action/cache to version 4.2.0 (#25508) 2025-01-17 15:01:27 +00:00
test-go.yaml Fix code scanning alerts (#27074) 2025-03-27 10:01:20 -03:00
test-js.yml update storybook to 8.4.7 (#25451) 2025-01-20 16:17:33 +00:00
test-native-tooling-packaging.yml Add CI check to detect issues with pushed fleetdm/fleetctl docker image (#22020) 2024-09-16 13:05:28 -03:00
test-packaging-build-docker-deps.yml Add CI check to detect issues with pushed fleetdm/fleetctl docker image (#22020) 2024-09-16 13:05:28 -03:00
test-packaging.yml Remove default EXE install/uninstall scripts, require entering install/uninstall scripts on EXE upload (#27268) 2025-03-31 13:52:06 -05:00
test-puppet.yml [StepSecurity] ci: Harden GitHub Actions (#17780) 2024-03-22 15:32:23 -05:00
test-vulnerability-dashboard-changes.yml [StepSecurity] ci: Harden GitHub Actions (#17780) 2024-03-22 15:32:23 -05:00
test-website.yml Update node version used in website workflows. (#25605) 2025-01-20 14:33:43 -06:00
test-yml-specs.yml Attempt to use go.mod version instead of hidden Github var (#21768) 2024-09-03 20:49:50 -03:00
tfvalidate.yml Update terraform version used in tfvalidate (#24699) 2024-12-12 11:25:26 -06:00
trivy-scan.yml Fix rate limiting issue in Trivy workflow scan (#23634) 2024-11-07 15:06:17 -06:00
update-certs.yml Add reviewers to automated PRs (#18390) 2024-04-18 10:51:07 -03:00
update-old-tuf-timestamp-signature.yaml Add workflow to update timestamp on new repository (#26635) 2025-02-27 18:02:42 -03:00
update-osquery-versions.yml [StepSecurity] ci: Harden GitHub Actions (#25985) 2025-02-03 12:25:18 -06:00
update-tuf-timestamp-signature.yaml Fix code scanning alerts (#27074) 2025-03-27 10:01:20 -03:00
verify-fleetd-base.yml Increase sleep time in verify-fleetd-base.yml (#27763) 2025-04-02 14:30:04 -03:00

README.md

Github Actions

Fleet uses Github Actions for continuous integration (CI). This document describes best practices and at patterns for writing and maintaining Fleet's Github Actions workflows.

Bash

By default, Github Actions sets the shell to bash -e for linux and MacOS runners. To help write safer bash scripts in run jobs and avoid common issues, override the default by adding the following to the workflow file

defaults:
  run:
    # fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
    shell: bash

By specifying the default shell to bash, some extra flags are set. The option pipefail changes the behaviour when using the pipe | operator such that if any command in a pipeline fails, that commands return code will be used a the return code for the whole pipeline. Consider the following example in test-go.yaml

    - name: Run Go Tests
      run: |
        # omitted ...
          make test-go 2>&1 | tee /tmp/gotest.log

If the pipefail option was not set, this job would always succeed because tee would always return success. This is not the intended behavior. Instead, we want the job to fail if make test-go fails.

Concurrency

Github Action runners are limited. If a lot of workflows are queued, they will wait in pending until a runner becomes available. This has caused issue in the past where workflows take an excessively long time to start. To help with this issue, use the following in workflows

# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
  cancel-in-progress: true

When a workflow is triggered via a pull request, it will cancel previous running workflows for that pull request. This is especially useful when changes are pushed to a pull request frequently. Manually triggered workflows, workflows that run on a schedule, and workflows triggered by pushes to main are unaffected.