Skip to content

Commit f0c069f

Browse files
vvolandvvoland
committed
gha: Add conditional skip for jobs with 'ci/validate-only' label
This change adds conditional logic to skip build and test jobs when a pull request is labeled with 'ci/validate-only'. The `govulncheck` job in the CI workflow is intentionally excluded from this conditional logic, ensuring security vulnerability checks always run regardless of the label. Signed-off-by: Paweł Gronowski <[email protected]>
1 parent cd8e84a commit f0c069f

7 files changed

Lines changed: 23 additions & 4 deletions

File tree

.github/workflows/arm64.yml

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@ jobs:
3737
build:
3838
runs-on: ubuntu-24.04-arm
3939
timeout-minutes: 20 # guardrails timeout for the whole job
40+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
4041
needs:
4142
- validate-dco
4243
strategy:
@@ -70,6 +71,7 @@ jobs:
7071
build-dev:
7172
runs-on: ubuntu-24.04-arm
7273
timeout-minutes: 120 # guardrails timeout for the whole job
74+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
7375
needs:
7476
- validate-dco
7577
steps:
@@ -93,6 +95,7 @@ jobs:
9395
test-unit:
9496
runs-on: ubuntu-24.04-arm
9597
timeout-minutes: 120 # guardrails timeout for the whole job
98+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
9699
needs:
97100
- build-dev
98101
steps:
@@ -150,7 +153,7 @@ jobs:
150153
runs-on: ubuntu-24.04
151154
timeout-minutes: 10
152155
continue-on-error: ${{ github.event_name != 'pull_request' }}
153-
if: always()
156+
if: always() && (github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only'))
154157
needs:
155158
- test-unit
156159
steps:
@@ -179,6 +182,7 @@ jobs:
179182
runs-on: ubuntu-24.04-arm
180183
timeout-minutes: 120 # guardrails timeout for the whole job
181184
continue-on-error: ${{ github.event_name != 'pull_request' }}
185+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
182186
needs:
183187
- build-dev
184188
steps:
@@ -249,7 +253,7 @@ jobs:
249253
runs-on: ubuntu-24.04
250254
timeout-minutes: 10
251255
continue-on-error: ${{ github.event_name != 'pull_request' }}
252-
if: always()
256+
if: always() && (github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only'))
253257
needs:
254258
- test-integration
255259
steps:

.github/workflows/bin-image.yml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ jobs:
4242
prepare:
4343
runs-on: ubuntu-24.04
4444
timeout-minutes: 20 # guardrails timeout for the whole job
45+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
4546
outputs:
4647
platforms: ${{ steps.platforms.outputs.matrix }}
4748
steps:
@@ -96,10 +97,10 @@ jobs:
9697
build:
9798
runs-on: ubuntu-24.04
9899
timeout-minutes: 20 # guardrails timeout for the whole job
100+
if: ${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') && (github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only')) }}
99101
needs:
100102
- validate-dco
101103
- prepare
102-
if: always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled')
103104
strategy:
104105
fail-fast: false
105106
matrix:
@@ -172,9 +173,9 @@ jobs:
172173
merge:
173174
runs-on: ubuntu-24.04
174175
timeout-minutes: 40 # guardrails timeout for the whole job
176+
if: ${{ always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') && github.event_name != 'pull_request' && github.repository == 'moby/moby' }}
175177
needs:
176178
- build
177-
if: always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') && github.event_name != 'pull_request' && github.repository == 'moby/moby'
178179
steps:
179180
-
180181
name: Download meta bake definition

.github/workflows/buildkit.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@ jobs:
3535
build-linux:
3636
runs-on: ubuntu-24.04
3737
timeout-minutes: 120 # guardrails timeout for the whole job
38+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
3839
needs:
3940
- validate-dco
4041
steps:
@@ -62,6 +63,7 @@ jobs:
6263
test-linux:
6364
runs-on: ubuntu-24.04
6465
timeout-minutes: 120 # guardrails timeout for the whole job
66+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
6567
needs:
6668
- build-linux
6769
env:
@@ -166,6 +168,7 @@ jobs:
166168
build-windows:
167169
runs-on: windows-2022
168170
timeout-minutes: 120
171+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
169172
needs:
170173
- validate-dco
171174
env:
@@ -265,6 +268,7 @@ jobs:
265268
test-windows:
266269
runs-on: windows-2022
267270
timeout-minutes: 120 # guardrails timeout for the whole job
271+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
268272
needs:
269273
- build-windows
270274
env:

.github/workflows/ci.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,7 @@ jobs:
6767
prepare-cross:
6868
runs-on: ubuntu-24.04
6969
timeout-minutes: 20 # guardrails timeout for the whole job
70+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
7071
needs:
7172
- validate-dco
7273
outputs:
@@ -89,6 +90,7 @@ jobs:
8990
cross:
9091
runs-on: ubuntu-24.04
9192
timeout-minutes: 20 # guardrails timeout for the whole job
93+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
9294
needs:
9395
- validate-dco
9496
- prepare-cross
@@ -128,6 +130,7 @@ jobs:
128130
govulncheck:
129131
runs-on: ubuntu-24.04
130132
timeout-minutes: 120 # guardrails timeout for the whole job
133+
# Always run security checks, even with 'ci/validate-only' label
131134
permissions:
132135
# required to write sarif report
133136
security-events: write
@@ -157,6 +160,7 @@ jobs:
157160

158161
build-dind:
159162
runs-on: ubuntu-24.04
163+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
160164
needs:
161165
- validate-dco
162166
steps:

.github/workflows/test.yml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,7 @@ jobs:
6969
*.output=type=cacheonly
7070
7171
test:
72+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
7273
needs:
7374
- build-dev
7475
- validate-dco
@@ -84,6 +85,7 @@ jobs:
8485
storage: ${{ matrix.storage }}
8586

8687
test-unit:
88+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
8789
needs:
8890
- build-dev
8991
- validate-dco
@@ -153,6 +155,7 @@ jobs:
153155
smoke-prepare:
154156
runs-on: ubuntu-24.04
155157
timeout-minutes: 10 # guardrails timeout for the whole job
158+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
156159
needs:
157160
- validate-dco
158161
outputs:
@@ -175,6 +178,7 @@ jobs:
175178
smoke:
176179
runs-on: ubuntu-24.04
177180
timeout-minutes: 20 # guardrails timeout for the whole job
181+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
178182
needs:
179183
- smoke-prepare
180184
strategy:

.github/workflows/windows-2022.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ jobs:
2323
uses: ./.github/workflows/.dco.yml
2424

2525
run:
26+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
2627
uses: ./.github/workflows/.windows.yml
2728
secrets: inherit
2829
strategy:

.github/workflows/windows-2025.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ jobs:
2727
uses: ./.github/workflows/.dco.yml
2828

2929
run:
30+
if: ${{ github.event_name != 'pull_request' || !contains(github.event.pull_request.labels.*.name, 'ci/validate-only') }}
3031
uses: ./.github/workflows/.windows.yml
3132
secrets: inherit
3233
strategy:

0 commit comments

Comments
 (0)