From 9efc5116515729dc9904f119fc14e369db3a4419 Mon Sep 17 00:00:00 2001 From: Nathan Miller Date: Tue, 13 Feb 2024 11:22:09 -0800 Subject: [PATCH 1/3] allow manual start for scorecard workflow --- .github/workflows/scorecard.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a3811e0c..d25ad0c7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -15,6 +15,7 @@ on: # branches: [ "development" ] pull_request: branches: [ "development" ] + workflow_dispatch: # Declare default permissions as read only. permissions: read-all From 4129d7c103b133c7b33a699f538f036278fcccd9 Mon Sep 17 00:00:00 2001 From: Nathan Miller Date: Tue, 13 Feb 2024 11:22:35 -0800 Subject: [PATCH 2/3] add name for SBOM workflow --- .github/workflows/sbom-generate-submit.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/sbom-generate-submit.yml b/.github/workflows/sbom-generate-submit.yml index a89ece22..1d841f48 100644 --- a/.github/workflows/sbom-generate-submit.yml +++ b/.github/workflows/sbom-generate-submit.yml @@ -10,6 +10,7 @@ permissions: jobs: build: + name: Generate-Submit-SBOM runs-on: ubuntu-22.04 permissions: id-token: write From acfeee43dedd1b6fd1cf0ade00403dcadfb5d3d5 Mon Sep 17 00:00:00 2001 From: Nathan Miller Date: Wed, 14 Feb 2024 10:51:41 -0800 Subject: [PATCH 3/3] add concurrency group to deploy-eks workflow so that only one in-progress run is allowed at a time --- .github/workflows/deploy-eks.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy-eks.yml b/.github/workflows/deploy-eks.yml index 3bd94c1a..5ce60f42 100644 --- a/.github/workflows/deploy-eks.yml +++ b/.github/workflows/deploy-eks.yml @@ -8,8 +8,14 @@ on: repository_dispatch: types: [ "trigger_deploy_release_event" ] +# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. +# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. +concurrency: + group: ${{ github.workflow }}-${{ github.ref_name }} + cancel-in-progress: false + env: - AWS_REGION: us-west-2 # set this to your preferred AWS region, e.g. us-west-1 + AWS_REGION: us-west-2 permissions: contents: read