From 5b31cf49190f95af6bb393896c49a17afbf1e62e Mon Sep 17 00:00:00 2001 From: Amaury Chamayou Date: Tue, 9 Jul 2024 16:06:49 +0100 Subject: [PATCH] Update CI triggers (#6348) --- .github/workflows/README.md | 6 +++--- .github/workflows/ci.yml | 8 ++++++-- .github/workflows/codeql-analysis.yml | 9 ++++++--- .github/workflows/tlaplus.yml | 8 ++++++-- 4 files changed, 21 insertions(+), 10 deletions(-) diff --git a/.github/workflows/README.md b/.github/workflows/README.md index 215994d46347..390e7091342c 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -30,21 +30,21 @@ File: `ci-containers-ghcr.yml` # CI -Main continuous integration job. Builds CCF for all target platforms, runs unit, end to end and partition tests for SGX and Virtual. Run on every commit, including PRs from forks, gates merging. +Main continuous integration job. Builds CCF for all target platforms, runs unit, end to end and partition tests for SGX and Virtual. Run on every commit, including PRs from forks, gates merging. Also runs once a week, regardless of commits. File: `ci.yml` 3rd party dependencies: None # CodeQL analysis -Builds CCF with CodeQL, and runs the security-extended checks. Triggered on every commit on main, plus PRs that affect ".github/workflows/codeql-analysis.yml". +Builds CCF with CodeQL, and runs the security-extended checks. Triggered on PRs that affect ".github/workflows/codeql-analysis.yml", and once a week on main. File: `codeql-analysis.yml` 3rd party dependencies: None # Release -Produces CCF release artefacts from 5.0.0-rc0 onwards, for all languages and platforms. Triggered on tag matching "ccf-5.\*". The output of the job is a draft release, which needs to be published manually. Publishing triggers the downstream jobs listed below. +Produces CCF release artefacts from 5.0.0-rc0 onwards, for all languages and platforms. Triggered on tags matching "ccf-5.\*". The output of the job is a draft release, which needs to be published manually. Publishing triggers the downstream jobs listed below. File: `release.yml` 3rd party dependencies: None diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b8ae4aba3bf2..267b3db04da3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,12 +1,16 @@ name: CI on: - push: - branches: [main] + schedule: + - cron: "0 0 * * 0" pull_request: workflow_dispatch: merge_group: +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + permissions: contents: read actions: read diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b3ecc8a9f747..ce89186d55c9 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -6,14 +6,17 @@ name: "CodeQL" on: - push: - branches: [main] + schedule: + - cron: "0 0 * * 0" pull_request: - branches: [main] paths: - ".github/workflows/codeql-analysis.yml" workflow_dispatch: +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + permissions: read-all jobs: diff --git a/.github/workflows/tlaplus.yml b/.github/workflows/tlaplus.yml index f561f76a7e07..de42cf1dd728 100644 --- a/.github/workflows/tlaplus.yml +++ b/.github/workflows/tlaplus.yml @@ -1,13 +1,17 @@ name: "TLA+ Spec Verification" on: - push: - branches: [main] + schedule: + - cron: "0 0 * * 0" pull_request: paths: - "tla/**" workflow_dispatch: +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + permissions: actions: read contents: read