From 8e22b667445cbb31cccb3d0edbad95551428807c Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Fri, 6 Feb 2026 05:36:35 +0000 Subject: [PATCH] fix: correct ci concurrency and checkout configuration - Remove sparse-checkout from supply-chain-pr workflow to allow local docker builds - Update concurrency groups in docker-build, quality-checks, and codeql to use strict branch refs - Remove SHA component from integration test concurrency groups to enable proper cancellation of stale runs - Ensures rapid pushes now correctly cancel previous in-progress CI jobs instead of queuing indefinitely --- .github/workflows/cerberus-integration.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/crowdsec-integration.yml | 2 +- .github/workflows/docker-build.yml | 2 +- .github/workflows/quality-checks.yml | 2 +- .github/workflows/rate-limit-integration.yml | 2 +- .github/workflows/waf-integration.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/cerberus-integration.yml b/.github/workflows/cerberus-integration.yml index 2d58d62d..943ee06f 100644 --- a/.github/workflows/cerberus-integration.yml +++ b/.github/workflows/cerberus-integration.yml @@ -22,7 +22,7 @@ on: # Prevent race conditions when PR is updated mid-test # Cancels old test runs when new build completes with different SHA concurrency: - group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }}-${{ github.event.workflow_run.head_sha || github.sha }} + group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }} cancel-in-progress: true jobs: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f130a8ef..ee4dbfdb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -17,7 +17,7 @@ on: - cron: '0 3 * * 1' concurrency: - group: ${{ github.workflow }}-${{ github.ref }} + group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} cancel-in-progress: true env: diff --git a/.github/workflows/crowdsec-integration.yml b/.github/workflows/crowdsec-integration.yml index b899def2..d54355b2 100644 --- a/.github/workflows/crowdsec-integration.yml +++ b/.github/workflows/crowdsec-integration.yml @@ -22,7 +22,7 @@ on: # Prevent race conditions when PR is updated mid-test # Cancels old test runs when new build completes with different SHA concurrency: - group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }}-${{ github.event.workflow_run.head_sha || github.sha }} + group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }} cancel-in-progress: true jobs: diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index b1e3b4e3..7abf0829 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -38,7 +38,7 @@ on: workflow_call: concurrency: - group: ${{ github.workflow }}-${{ github.ref }} + group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} cancel-in-progress: true env: diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 2e5a3139..bd0a6e98 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -15,7 +15,7 @@ on: - 'hotfix/**' concurrency: - group: ${{ github.workflow }}-${{ github.ref }} + group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name }} cancel-in-progress: true permissions: diff --git a/.github/workflows/rate-limit-integration.yml b/.github/workflows/rate-limit-integration.yml index 0d3375d0..f62b87ec 100644 --- a/.github/workflows/rate-limit-integration.yml +++ b/.github/workflows/rate-limit-integration.yml @@ -22,7 +22,7 @@ on: # Prevent race conditions when PR is updated mid-test # Cancels old test runs when new build completes with different SHA concurrency: - group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }}-${{ github.event.workflow_run.head_sha || github.sha }} + group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }} cancel-in-progress: true jobs: diff --git a/.github/workflows/waf-integration.yml b/.github/workflows/waf-integration.yml index bda6b8d2..1ad91ef6 100644 --- a/.github/workflows/waf-integration.yml +++ b/.github/workflows/waf-integration.yml @@ -22,7 +22,7 @@ on: # Prevent race conditions when PR is updated mid-test # Cancels old test runs when new build completes with different SHA concurrency: - group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }}-${{ github.event.workflow_run.head_sha || github.sha }} + group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch || github.ref }} cancel-in-progress: true jobs: