Skip to content

chore: add concurrent workflow rules #4855

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
npalm merged 3 commits into from
Nov 3, 2025
Merged

chore: add concurrent workflow rules #4855

npalm merged 3 commits into from
Nov 3, 2025

Conversation

@npalm
Copy link
Member

@npalm npalm commented Oct 30, 2025

This pull request updates several GitHub Actions workflow files to add concurrency controls. The main goal is to prevent multiple runs of the same workflow from executing simultaneously on the same branch or ref, which helps reduce unnecessary resource usage and ensures that only the latest workflow run is active. Most workflows now use a concurrency group based on the workflow name and branch/ref, with cancel-in-progress set to true so that in-progress runs are canceled when a new run is triggered. Two workflows (release.yml and stale.yml) use a different concurrency configuration.

Concurrency configuration added to workflows:

General concurrency improvements

  • Added concurrency blocks to .github/workflows/codeql.yml, .github/workflows/dependency-review.yml, .github/workflows/lambda.yml, .github/workflows/ossf-scorecard.yml, .github/workflows/ovs.yml, .github/workflows/packer-build.yml, .github/workflows/semantic-check.yml, .github/workflows/terraform.yml, .github/workflows/update-docs.yml, and .github/workflows/zizmor.yml to group runs by workflow name and branch/ref and cancel in-progress runs (cancel-in-progress: true). [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]

Special concurrency configuration

  • For .github/workflows/release.yml, added a concurrency group by workflow name and branch/ref, but set cancel-in-progress: false to allow multiple runs to proceed.
  • For .github/workflows/stale.yml, added a concurrency group by workflow name only, with cancel-in-progress: false.

@npalm npalm requested a review from a team as a code owner October 30, 2025 15:16
@npalm npalm requested a review from rjaegers October 30, 2025 15:17
@github-actions
Copy link
Contributor

github-actions bot commented Oct 30, 2025
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 30, 2025
View reviewed changes
@npalm npalm requested a review from Copilot October 30, 2025 15:18
@npalm npalm marked this pull request as draft October 30, 2025 15:18
Copilot AI reviewed Oct 30, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds concurrency controls to 12 GitHub Actions workflow files to prevent multiple runs of the same workflow on the same branch/ref from executing simultaneously.

  • Adds concurrency groups using ${{ github.workflow }}-${{ github.ref }} pattern to most workflows
  • Sets cancel-in-progress: true for CI/validation workflows to save resources
  • Sets cancel-in-progress: false for release and stale workflows to ensure completion

Reviewed Changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
.github/workflows/zizmor.yml Adds concurrency control with auto-cancellation
.github/workflows/update-docs.yml Adds concurrency control with auto-cancellation
.github/workflows/terraform.yml Adds concurrency control with auto-cancellation
.github/workflows/stale.yml Adds concurrency control without auto-cancellation; uses workflow-only group
.github/workflows/semantic-check.yml Adds concurrency control with auto-cancellation
.github/workflows/release.yml Adds concurrency control without auto-cancellation
.github/workflows/packer-build.yml Adds concurrency control with auto-cancellation
.github/workflows/ovs.yml Adds concurrency control with auto-cancellation
.github/workflows/ossf-scorecard.yml Adds concurrency control with auto-cancellation
.github/workflows/lambda.yml Adds concurrency control with auto-cancellation
.github/workflows/dependency-review.yml Adds concurrency control with auto-cancellation
.github/workflows/codeql.yml Adds concurrency control with auto-cancellation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@npalm npalm requested a review from Copilot October 30, 2025 15:28
@npalm npalm marked this pull request as ready for review October 30, 2025 15:28
Copilot AI reviewed Oct 30, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Copilot reviewed 13 out of 13 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@npalm npalm merged commit be9572a into main Nov 3, 2025
57 checks passed
@npalm npalm deleted the npalm/zizmor-concurrent-rule branch November 3, 2025 09:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@rjaegers rjaegers rjaegers approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@npalm @rjaegers