From e8ba1eade3655ce64e4ce0301e1d83b1cfd34795 Mon Sep 17 00:00:00 2001 From: aidan garske Date: Fri, 22 May 2026 23:24:45 -0700 Subject: [PATCH] ci: pause non-smoke workflows on draft PRs, add smoke preflight --- .github/actions/wait-for-smoke/action.yml | 95 +++++++++++++++++++++++ .github/workflows/bind9.yml | 3 + .github/workflows/cjose.yml | 3 + .github/workflows/cmdline.yml | 2 + .github/workflows/codespell.yml | 2 + .github/workflows/curl.yml | 3 + .github/workflows/debian-package.yml | 3 + .github/workflows/fips-ready.yml | 2 + .github/workflows/git-ssh-dr.yml | 3 + .github/workflows/grpc.yml | 3 + .github/workflows/hostap.yml | 3 + .github/workflows/iperf.yml | 3 + .github/workflows/krb5.yml | 3 + .github/workflows/libcryptsetup.yml | 3 + .github/workflows/libeac3.yml | 3 + .github/workflows/libfido2.yml | 3 + .github/workflows/libhashkit2.yml | 3 + .github/workflows/libnice.yml | 3 + .github/workflows/liboauth2.yml | 3 + .github/workflows/librelp.yml | 3 + .github/workflows/libssh2.yml | 3 + .github/workflows/libtss2.yml | 2 + .github/workflows/libwebsockets.yml | 3 + .github/workflows/multi-compiler.yml | 2 + .github/workflows/net-snmp.yml | 3 + .github/workflows/nginx.yml | 3 + .github/workflows/openldap.yml | 3 + .github/workflows/opensc.yml | 3 + .github/workflows/openssh.yml | 3 + .github/workflows/openssl-version.yml | 2 + .github/workflows/openvpn.yml | 3 + .github/workflows/pam-pkcs11.yml | 3 + .github/workflows/ppp.yml | 3 + .github/workflows/python3-ntp.yml | 3 + .github/workflows/qt5network5.yml | 3 + .github/workflows/rsync.yml | 3 + .github/workflows/seed-src.yml | 2 + .github/workflows/simple.yml | 2 + .github/workflows/smoke-test.yml | 59 ++++++++++++++ .github/workflows/socat.yml | 3 + .github/workflows/sscep.yml | 3 + .github/workflows/sssd.yml | 2 + .github/workflows/stunnel.yml | 3 + .github/workflows/systemd.yml | 3 + .github/workflows/tcpdump.yml | 3 + .github/workflows/tnftp.yml | 3 + .github/workflows/tpm2-tools.yml | 3 + .github/workflows/x11vnc.yml | 3 + 48 files changed, 283 insertions(+) create mode 100644 .github/actions/wait-for-smoke/action.yml create mode 100644 .github/workflows/smoke-test.yml diff --git a/.github/actions/wait-for-smoke/action.yml b/.github/actions/wait-for-smoke/action.yml new file mode 100644 index 00000000..b16f9de3 --- /dev/null +++ b/.github/actions/wait-for-smoke/action.yml @@ -0,0 +1,95 @@ +name: 'Wait for Smoke Test' +description: 'Polls the Smoke Test workflow for the current commit and fails if it failed.' + +# Designed to be the leading job in pull_request-triggered workflows so that +# expensive integration CI does not run unless the smoke build passes. +# +# Push events bypass the wait entirely (we still get smoke results for those +# pushes, but other CI is not gated on push). For drafts, callers should +# skip dependent jobs via `if: github.event.pull_request.draft == false` - +# this action will still pass through if smoke is skipped or absent. + +inputs: + workflow: + description: 'Name of the smoke workflow file to wait on' + required: false + default: 'smoke-test.yml' + timeout-seconds: + description: 'Maximum time to wait for smoke to complete' + required: false + default: '1800' + poll-seconds: + description: 'Polling interval' + required: false + default: '20' + github-token: + description: 'GITHUB_TOKEN with actions:read permission' + required: true + +runs: + using: 'composite' + steps: + - name: Wait for smoke + shell: bash + env: + GH_TOKEN: ${{ inputs.github-token }} + SMOKE_WORKFLOW: ${{ inputs.workflow }} + TIMEOUT: ${{ inputs.timeout-seconds }} + POLL: ${{ inputs.poll-seconds }} + REPO: ${{ github.repository }} + run: | + set -u + # Only gate pull_request events. Push events are not gated. + if [ "${{ github.event_name }}" != "pull_request" ]; then + echo "Not a pull_request event - skipping smoke gate." + exit 0 + fi + + HEAD_SHA="${{ github.event.pull_request.head.sha }}" + echo "Waiting for $SMOKE_WORKFLOW on $HEAD_SHA (timeout ${TIMEOUT}s)" + + START=$(date +%s) + while :; do + NOW=$(date +%s) + ELAPSED=$((NOW - START)) + if [ "$ELAPSED" -ge "$TIMEOUT" ]; then + echo "::error::Timed out after ${TIMEOUT}s waiting for $SMOKE_WORKFLOW on $HEAD_SHA" + exit 1 + fi + + # Look up the latest run for this workflow + head SHA. + RUN_JSON=$(gh api \ + "repos/${REPO}/actions/workflows/${SMOKE_WORKFLOW}/runs?head_sha=${HEAD_SHA}&per_page=1" \ + 2>/dev/null || echo '{}') + + STATUS=$(echo "$RUN_JSON" | jq -r '.workflow_runs[0].status // "missing"') + CONCLUSION=$(echo "$RUN_JSON" | jq -r '.workflow_runs[0].conclusion // ""') + RUN_URL=$(echo "$RUN_JSON" | jq -r '.workflow_runs[0].html_url // ""') + + case "$STATUS" in + completed) + case "$CONCLUSION" in + success) + echo "Smoke test passed: $RUN_URL" + exit 0 + ;; + skipped|neutral) + echo "Smoke test was $CONCLUSION - treating as pass: $RUN_URL" + exit 0 + ;; + *) + echo "::error::Smoke test concluded as '$CONCLUSION': $RUN_URL" + exit 1 + ;; + esac + ;; + missing) + echo "[$ELAPSED s] No smoke run yet for $HEAD_SHA" + ;; + *) + echo "[$ELAPSED s] Smoke status=$STATUS ($RUN_URL)" + ;; + esac + + sleep "$POLL" + done diff --git a/.github/workflows/bind9.yml b/.github/workflows/bind9.yml index 264bf1f7..4ae71e63 100644 --- a/.github/workflows/bind9.yml +++ b/.github/workflows/bind9.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_bind: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/cjose.yml b/.github/workflows/cjose.yml index 3d593a89..78261fdc 100644 --- a/.github/workflows/cjose.yml +++ b/.github/workflows/cjose.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_cjose: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider # Run inside Debian Bookworm to match packaging environment diff --git a/.github/workflows/cmdline.yml b/.github/workflows/cmdline.yml index 7183fcaf..78c99fbd 100644 --- a/.github/workflows/cmdline.yml +++ b/.github/workflows/cmdline.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: cmdtest_test: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false name: Command line test runs-on: ubuntu-22.04 timeout-minutes: 20 diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 374e61bc..576df4ca 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: codespell: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false name: Check for spelling errors runs-on: ubuntu-22.04 timeout-minutes: 5 diff --git a/.github/workflows/curl.yml b/.github/workflows/curl.yml index 5f49d55f..042f6764 100644 --- a/.github/workflows/curl.yml +++ b/.github/workflows/curl.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_curl: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/debian-package.yml b/.github/workflows/debian-package.yml index 2be668d5..0cc1db88 100644 --- a/.github/workflows/debian-package.yml +++ b/.github/workflows/debian-package.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true, false ] libwolfprov-replace-default: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false name: libwolfprov ${{ matrix.replace_default && 'replace-default' || 'standalone' }} ${{ matrix.fips_ref }} runs-on: ubuntu-22.04 needs: build_wolfprovider diff --git a/.github/workflows/fips-ready.yml b/.github/workflows/fips-ready.yml index d5d0d1e1..fb2b65ca 100644 --- a/.github/workflows/fips-ready.yml +++ b/.github/workflows/fips-ready.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: fips_ready_test: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false name: FIPS Ready Bundle Test runs-on: ubuntu-22.04 timeout-minutes: 20 diff --git a/.github/workflows/git-ssh-dr.yml b/.github/workflows/git-ssh-dr.yml index 881f5b33..5fbc09c8 100644 --- a/.github/workflows/git-ssh-dr.yml +++ b/.github/workflows/git-ssh-dr.yml @@ -5,6 +5,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -12,6 +13,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -26,6 +28,7 @@ jobs: replace_default: [ true ] git-ssh-default-replace-test: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 container: image: debian:bookworm diff --git a/.github/workflows/grpc.yml b/.github/workflows/grpc.yml index 1761a66c..8a92c257 100644 --- a/.github/workflows/grpc.yml +++ b/.github/workflows/grpc.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_grpc: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/hostap.yml b/.github/workflows/hostap.yml index 370709f7..79c05f61 100644 --- a/.github/workflows/hostap.yml +++ b/.github/workflows/hostap.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**'] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_hostap: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider # Run inside Debian Bookworm with privileged access for UML diff --git a/.github/workflows/iperf.yml b/.github/workflows/iperf.yml index 5f9c3c3d..ec0dc4e7 100644 --- a/.github/workflows/iperf.yml +++ b/.github/workflows/iperf.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_iperf: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/krb5.yml b/.github/workflows/krb5.yml index 05f0d7be..2e0e4c2f 100644 --- a/.github/workflows/krb5.yml +++ b/.github/workflows/krb5.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_krb5: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/libcryptsetup.yml b/.github/workflows/libcryptsetup.yml index 6727bf5e..64d66e70 100644 --- a/.github/workflows/libcryptsetup.yml +++ b/.github/workflows/libcryptsetup.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_cryptsetup: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/libeac3.yml b/.github/workflows/libeac3.yml index 3c53ff21..1521ccd8 100644 --- a/.github/workflows/libeac3.yml +++ b/.github/workflows/libeac3.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_libeac3: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/libfido2.yml b/.github/workflows/libfido2.yml index cf375313..a26b0eef 100644 --- a/.github/workflows/libfido2.yml +++ b/.github/workflows/libfido2.yml @@ -4,12 +4,14 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -24,6 +26,7 @@ jobs: replace_default: [ true ] test_libfido2: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/libhashkit2.yml b/.github/workflows/libhashkit2.yml index db5844c9..627c6710 100644 --- a/.github/workflows/libhashkit2.yml +++ b/.github/workflows/libhashkit2.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_libhashkit2: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/libnice.yml b/.github/workflows/libnice.yml index e82a4ee0..c6519f73 100644 --- a/.github/workflows/libnice.yml +++ b/.github/workflows/libnice.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_libnice: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/liboauth2.yml b/.github/workflows/liboauth2.yml index 6a294be5..ffc217ad 100644 --- a/.github/workflows/liboauth2.yml +++ b/.github/workflows/liboauth2.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_liboauth2: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/librelp.yml b/.github/workflows/librelp.yml index 002c4fd8..d771b65b 100644 --- a/.github/workflows/librelp.yml +++ b/.github/workflows/librelp.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_librelp: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider # Run inside Debian Bookworm to match packaging environment diff --git a/.github/workflows/libssh2.yml b/.github/workflows/libssh2.yml index f5c59177..ae48c88c 100644 --- a/.github/workflows/libssh2.yml +++ b/.github/workflows/libssh2.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_libssh2: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/libtss2.yml b/.github/workflows/libtss2.yml index aaf434b0..d53302ea 100644 --- a/.github/workflows/libtss2.yml +++ b/.github/workflows/libtss2.yml @@ -4,12 +4,14 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test_tpm2_tss: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 timeout-minutes: 30 strategy: diff --git a/.github/workflows/libwebsockets.yml b/.github/workflows/libwebsockets.yml index c471fce2..499e6a30 100644 --- a/.github/workflows/libwebsockets.yml +++ b/.github/workflows/libwebsockets.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_libwebsockets: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/multi-compiler.yml b/.github/workflows/multi-compiler.yml index 8619977f..46c4ab33 100644 --- a/.github/workflows/multi-compiler.yml +++ b/.github/workflows/multi-compiler.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false name: Build with compiler ${{ matrix.CC }}, wolfssl ${{ matrix.wolfssl_ref }}, OpenSSL ${{ matrix.openssl_ref }} runs-on: ${{ matrix.OS }} timeout-minutes: 20 diff --git a/.github/workflows/net-snmp.yml b/.github/workflows/net-snmp.yml index dcb806b3..5e2cfaac 100644 --- a/.github/workflows/net-snmp.yml +++ b/.github/workflows/net-snmp.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_net_snmp: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/nginx.yml b/.github/workflows/nginx.yml index 1159b765..04cad097 100644 --- a/.github/workflows/nginx.yml +++ b/.github/workflows/nginx.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_nginx: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/openldap.yml b/.github/workflows/openldap.yml index 5b85854a..b67926d9 100644 --- a/.github/workflows/openldap.yml +++ b/.github/workflows/openldap.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_openldap: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/opensc.yml b/.github/workflows/opensc.yml index f8b44d12..07c9161e 100644 --- a/.github/workflows/opensc.yml +++ b/.github/workflows/opensc.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_opensc: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/openssh.yml b/.github/workflows/openssh.yml index b4b2e835..f35c0e8a 100644 --- a/.github/workflows/openssh.yml +++ b/.github/workflows/openssh.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_openssh: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/openssl-version.yml b/.github/workflows/openssl-version.yml index 90e6a77d..c8f34783 100644 --- a/.github/workflows/openssl-version.yml +++ b/.github/workflows/openssl-version.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: openssl_version_test: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false continue-on-error: true name: OpenSSL Version Test runs-on: ubuntu-22.04 diff --git a/.github/workflows/openvpn.yml b/.github/workflows/openvpn.yml index de421158..a2498f8e 100644 --- a/.github/workflows/openvpn.yml +++ b/.github/workflows/openvpn.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_openvpn: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider # This should be a safe limit for the tests to run. diff --git a/.github/workflows/pam-pkcs11.yml b/.github/workflows/pam-pkcs11.yml index a3666bba..f2ee7939 100644 --- a/.github/workflows/pam-pkcs11.yml +++ b/.github/workflows/pam-pkcs11.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_pam_pkcs11: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/ppp.yml b/.github/workflows/ppp.yml index 457f81c5..400dfecd 100644 --- a/.github/workflows/ppp.yml +++ b/.github/workflows/ppp.yml @@ -5,6 +5,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -12,6 +13,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -26,6 +28,7 @@ jobs: replace_default: [ true ] test_ppp: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/python3-ntp.yml b/.github/workflows/python3-ntp.yml index 21881f32..61484b9f 100644 --- a/.github/workflows/python3-ntp.yml +++ b/.github/workflows/python3-ntp.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_python3-ntp: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider # This should be a safe limit for the tests to run. diff --git a/.github/workflows/qt5network5.yml b/.github/workflows/qt5network5.yml index f12581d0..2b226f66 100644 --- a/.github/workflows/qt5network5.yml +++ b/.github/workflows/qt5network5.yml @@ -4,6 +4,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -11,6 +12,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -25,6 +27,7 @@ jobs: replace_default: [ true ] test_qtbase_network: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/rsync.yml b/.github/workflows/rsync.yml index 57f64e20..6f6e793a 100644 --- a/.github/workflows/rsync.yml +++ b/.github/workflows/rsync.yml @@ -4,6 +4,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -11,6 +12,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -25,6 +27,7 @@ jobs: replace_default: [ true ] test_rsync: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider timeout-minutes: 15 diff --git a/.github/workflows/seed-src.yml b/.github/workflows/seed-src.yml index 37e89703..7155b45f 100644 --- a/.github/workflows/seed-src.yml +++ b/.github/workflows/seed-src.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: seed_src_test: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false name: SEED-SRC Test runs-on: ubuntu-22.04 timeout-minutes: 20 diff --git a/.github/workflows/simple.yml b/.github/workflows/simple.yml index 19c30ab4..3430a1aa 100644 --- a/.github/workflows/simple.yml +++ b/.github/workflows/simple.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: simple_test: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false name: Simple Test runs-on: ubuntu-22.04 timeout-minutes: 20 diff --git a/.github/workflows/smoke-test.yml b/.github/workflows/smoke-test.yml new file mode 100644 index 00000000..4d800d6f --- /dev/null +++ b/.github/workflows/smoke-test.yml @@ -0,0 +1,59 @@ +name: Smoke Test + +# Fast pre-flight build + test for wolfProvider against a single +# wolfSSL/OpenSSL combo. Intentionally runs on drafts too: this is the +# gate that protects the rest of CI from broken commits. Other PR +# workflows can `uses:` the companion .github/actions/wait-for-smoke +# action to require this to pass before their expensive build matrices +# kick off. + +on: + push: + branches: [ 'master', 'main', 'release/**' ] + pull_request: + branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] + +concurrency: + group: smoke-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + smoke: + name: Smoke build (${{ matrix.config.name }}) + runs-on: ubuntu-22.04 + timeout-minutes: 20 + strategy: + fail-fast: false + matrix: + config: + - name: master/openssl-3.5 + wolfssl_ref: master + openssl_ref: openssl-3.5.4 + extra: "" + - name: stable/openssl-3.5 + wolfssl_ref: v5.8.4-stable + openssl_ref: openssl-3.5.4 + extra: "" + + steps: + - name: Checkout wolfProvider + uses: actions/checkout@v4 + with: + fetch-depth: 1 + + - name: Build and test wolfProvider + run: | + OPENSSL_TAG=${{ matrix.config.openssl_ref }} \ + WOLFSSL_TAG=${{ matrix.config.wolfssl_ref }} \ + ./scripts/build-wolfprovider.sh ${{ matrix.config.extra }} + + - name: Print errors + if: ${{ failure() }} + run: | + if [ -f test-suite.log ] ; then + cat test-suite.log + fi diff --git a/.github/workflows/socat.yml b/.github/workflows/socat.yml index 1abeadfe..df9bdbeb 100644 --- a/.github/workflows/socat.yml +++ b/.github/workflows/socat.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_socat: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider continue-on-error: true diff --git a/.github/workflows/sscep.yml b/.github/workflows/sscep.yml index 4ea28a9b..68d7b622 100644 --- a/.github/workflows/sscep.yml +++ b/.github/workflows/sscep.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_sscep: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider timeout-minutes: 10 diff --git a/.github/workflows/sssd.yml b/.github/workflows/sssd.yml index ceb6d80f..cfc6d5a8 100644 --- a/.github/workflows/sssd.yml +++ b/.github/workflows/sssd.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: test_sssd: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 timeout-minutes: 20 container: diff --git a/.github/workflows/stunnel.yml b/.github/workflows/stunnel.yml index cae41223..bccfada9 100644 --- a/.github/workflows/stunnel.yml +++ b/.github/workflows/stunnel.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_stunnel: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/systemd.yml b/.github/workflows/systemd.yml index 4ae223fd..887c0191 100644 --- a/.github/workflows/systemd.yml +++ b/.github/workflows/systemd.yml @@ -6,6 +6,7 @@ on: branches: ['master', 'main', 'release/**'] pull_request: branches: ['*'] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_systemd: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider # This should be a safe limit for the tests to run. diff --git a/.github/workflows/tcpdump.yml b/.github/workflows/tcpdump.yml index 295a4b09..336d1654 100644 --- a/.github/workflows/tcpdump.yml +++ b/.github/workflows/tcpdump.yml @@ -5,12 +5,14 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -25,6 +27,7 @@ jobs: replace_default: [ true ] test_tcpdump: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider continue-on-error: true diff --git a/.github/workflows/tnftp.yml b/.github/workflows/tnftp.yml index 6beaf3e8..5a4ab210 100644 --- a/.github/workflows/tnftp.yml +++ b/.github/workflows/tnftp.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_tnftp: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/tpm2-tools.yml b/.github/workflows/tpm2-tools.yml index 76e71b00..8479dc9c 100644 --- a/.github/workflows/tpm2-tools.yml +++ b/.github/workflows/tpm2-tools.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_tpm2_tools: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: diff --git a/.github/workflows/x11vnc.yml b/.github/workflows/x11vnc.yml index 40c3cb44..5cdd7316 100644 --- a/.github/workflows/x11vnc.yml +++ b/.github/workflows/x11vnc.yml @@ -6,6 +6,7 @@ on: branches: [ 'master', 'main', 'release/**' ] pull_request: branches: [ '*' ] + types: [opened, synchronize, reopened, ready_for_review] concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -14,6 +15,7 @@ concurrency: jobs: build_wolfprovider: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false uses: ./.github/workflows/build-wolfprovider.yml with: wolfssl_ref: ${{ matrix.wolfssl_ref }} @@ -28,6 +30,7 @@ jobs: replace_default: [ true ] test_x11vnc: + if: github.event_name != 'pull_request' || github.event.pull_request.draft == false runs-on: ubuntu-22.04 needs: build_wolfprovider container: