Skip to content

Redesign Github workflows#59

Merged
FooBarWidget merged 11 commits into
mainfrom
pr_ci
May 15, 2026
Merged

Redesign Github workflows#59
FooBarWidget merged 11 commits into
mainfrom
pr_ci

Conversation

@FooBarWidget
Copy link
Copy Markdown
Member

@FooBarWidget FooBarWidget commented May 13, 2026
edited
Loading

  • Have a single test-and-build workflow for testing everything as well as building the API server. Get rid of the separate "build API server" workflow.
  • Have the deploy workflow trigger based on successful completion of API server build on the main branch.
  • Syntax check Ansible.
  • Security audit workflows using zizmor — thanks TanStack for the tip.
  • Make test-and-build workflow compatible with pull requests.
  • Enforce timeouts.

@FooBarWidget
Redesign Github workflows
fe4ab98 
- Have a single test workflow for testing everything, including the API server.
- Split the API server workflow into a build part and a deploy part. Get rid of test steps, since that's done by the test workflow.
- Syntax check Ansible.
- Make test and API server build workflows compatible with pull requests.
- Enforce timeouts.
@FooBarWidget FooBarWidget requested review from abtreece and rus-max May 13, 2026 16:01
@github-advanced-security
Copy link
Copy Markdown

github-advanced-security AI commented May 14, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

abtreece
abtreece reviewed May 15, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@abtreece abtreece left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Solid consolidation — security posture is meaningfully better than what it replaces. A few inline notes.

Comment thread .github/workflows/test-and-build.yml Outdated
Comment thread .github/workflows/test-and-build.yml
Comment thread .github/workflows/test-and-build.yml
Comment thread .github/workflows/deploy.yml Outdated
Comment thread apiserver/README.md
@FooBarWidget
Copy link
Copy Markdown
Member Author

FooBarWidget commented May 15, 2026

Addressed all feedback.

abtreece
abtreece approved these changes May 15, 2026
View reviewed changes
Copy link
Copy Markdown
Collaborator

@abtreece abtreece left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Verified the three fix commits:

  • 10f1ae72 — force-push skip now recovers changed files via merge-base instead of always over-building; fail-open guards on default branch and unresolvable merge-base. Nice.
  • 463a1f18restore-keys added.
  • 2a8bb460-f dropped from the deploy tag push.

Accepting your calls on zizmor (blocking is the right default) and the README wording. Approving.

@FooBarWidget FooBarWidget merged commit 5758dea into main May 15, 2026
13 checks passed
@FooBarWidget FooBarWidget deleted the pr_ci branch May 15, 2026 15:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abtreece abtreece abtreece approved these changes

@rus-max rus-max Awaiting requested review from rus-max

@noahssarcastic noahssarcastic Awaiting requested review from noahssarcastic

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@FooBarWidget @github-advanced-security @abtreece