CI/GHA: cancel outdated CI runs on new PR changes

Avoid letting outdated CI runs continue if a PR receives new changes. Outside a PR we let them continue running by tying the concurrency to the commit hash instead. Also only let one CodeQL or Hacktoberfest job run at a time. Other CI platforms we use have this build in, but GitHub unfortunately neither by default nor with a simple option. This saves CI resources and therefore a little energy. Approved-by: Daniel Stenberg Approved-by: Max Dymond Closes #9533
2025-09-17 01:22:41 +03:00 · 2022-09-17 23:45:32 +02:00 · 2022-09-17 23:45:32 +02:00 · 4e6893307b
commit 4e6893307b
parent fda897f5a1
14 changed files with 62 additions and 23 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -5,8 +5,6 @@
 name: CodeQL
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -17,6 +15,9 @@ on:
  schedule:
    - cron: '0 0 * * 4'
 concurrency:
  group: ${{ github.workflow }}
 permissions:
  security-events: write
--- a/.github/workflows/fuzz.yml
+++ b/.github/workflows/fuzz.yml
@ -5,8 +5,6 @@
 name: Fuzzer
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,10 @@ on:
    branches:
    - master
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  fuzzing:
    runs-on: ubuntu-latest
--- a/.github/workflows/hacktoberfest-accepted.yml
+++ b/.github/workflows/hacktoberfest-accepted.yml
@ -5,11 +5,15 @@
 name: Hacktoberfest
 on:
-  # run for all pushes to master branch
+  # this must not ever run on any other branch than master
  push:
    branches:
    - master
 concurrency:
  # this should not run in parallel, so just run one at a time
  group: ${{ github.workflow }}
 permissions:
  # requires issues AND pull-requests write permissions to edit labels on PRs!
  issues: write
--- a/.github/workflows/linkcheck.yml
+++ b/.github/workflows/linkcheck.yml
@ -19,6 +19,10 @@ on:
    - '.github/workflows/linkcheck.yml'
    - '**.md'
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  # Docs: https://github.com/marketplace/actions/markdown-link-check
  check:
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@ -5,8 +5,6 @@
 name: Linux
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,10 @@ on:
    branches:
    - master
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}
--- a/.github/workflows/macos.yml
+++ b/.github/workflows/macos.yml
@ -5,8 +5,6 @@
 name: macOS
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,10 @@ on:
    branches:
    - master
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}
--- a/.github/workflows/msh3.yml
+++ b/.github/workflows/msh3.yml
@ -5,8 +5,6 @@
 name: Linux
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,11 @@ on:
    branches:
    - master
 concurrency:
  # Hardcoded workflow filename as workflow name above is just Linux again
  group: msh3-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}
--- a/.github/workflows/ngtcp2-gnutls.yml
+++ b/.github/workflows/ngtcp2-gnutls.yml
@ -5,8 +5,6 @@
 name: ngtcp2
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,11 @@ on:
    branches:
    - master
 concurrency:
  # Hardcoded workflow filename as workflow name above is just Linux again
  group: ngtcp2-gnutls-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}
--- a/.github/workflows/ngtcp2-wolfssl.yml
+++ b/.github/workflows/ngtcp2-wolfssl.yml
@ -5,8 +5,6 @@
 name: ngtcp2
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,11 @@ on:
    branches:
    - master
 concurrency:
  # Hardcoded workflow filename as workflow name above is just Linux again
  group: ngtcp2-wolfssl-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}
--- a/.github/workflows/openssl3.yml
+++ b/.github/workflows/openssl3.yml
@ -5,8 +5,6 @@
 name: Linux
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,11 @@ on:
    branches:
    - master
 concurrency:
  # Hardcoded workflow filename as workflow name above is just Linux again
  group: openssl3-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}
--- a/.github/workflows/proselint.yml
+++ b/.github/workflows/proselint.yml
@ -19,6 +19,10 @@ on:
    - '.github/workflows/proselint.yml'
    - '**.md'
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  check:
    runs-on: ubuntu-latest
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@ -6,8 +6,6 @@
 name: REUSE compliance
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -16,6 +14,10 @@ on:
    branches:
    - master
 concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  check:
    runs-on: ubuntu-latest
--- a/.github/workflows/torture.yml
+++ b/.github/workflows/torture.yml
@ -5,8 +5,6 @@
 name: Linux
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,11 @@ on:
    branches:
    - master
 concurrency:
  # Hardcoded workflow filename as workflow name above is just Linux again
  group: torture-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}
--- a/.github/workflows/wolfssl.yml
+++ b/.github/workflows/wolfssl.yml
@ -5,8 +5,6 @@
 name: Linux
 on:
  # Trigger the workflow on push or pull requests, but only for the
  # master branch
  push:
    branches:
    - master
@ -15,6 +13,11 @@ on:
    branches:
    - master
 concurrency:
  # Hardcoded workflow filename as workflow name above is just Linux again
  group: wolfssl-${{ github.event.pull_request.number || github.sha }}
  cancel-in-progress: true
 jobs:
  autotools:
    name: ${{ matrix.build.name }}