From 767e245824f4d7e6feee8d577935e0bb04f1523a Mon Sep 17 00:00:00 2001 From: Uk-jake Date: Thu, 11 Jun 2026 16:00:10 +0000 Subject: [PATCH 1/3] ci: remove main trigger at e2e.yml --- .github/workflows/e2e.yml | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index a6e939f4b..56977ac77 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -3,9 +3,9 @@ name: End-to-end testing on: pull_request: types: [opened, synchronize, reopened, ready_for_review] - push: - branches: - - main + # NOTE: push(main) trigger removed. + # This workflow is a CI gate for PRs only. + concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true @@ -18,12 +18,9 @@ jobs: permissions: contents: read pull-requests: write - # If the workflow was triggered by anything other than a pull_request event - # (e.g., push, workflow_dispatch, schedule, pull_request_target), - # github.event_name != 'pull_request' is true. - # github.event.pull_request is only populated on pull_request events. - # It is true when the PR is not a draft (i.e., “Ready for review”). - if: github.event_name != 'pull_request' || github.event.pull_request.draft == false + # This workflow is triggered by pull_request events only. + # Skip draft PRs; run only when the PR is "Ready for review". + if: github.event.pull_request.draft == false runs-on: ubuntu-latest env: REPORT_LOCAL_DIR: test-reports From c4da524a2c4e78dde8c4d1ee8c4df37231ad2b46 Mon Sep 17 00:00:00 2001 From: Uk-jake Date: Thu, 11 Jun 2026 18:24:16 +0000 Subject: [PATCH 2/3] ci: remove test stage at release.yml --- .github/workflows/release.yml | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 62130cb50..ceff9a052 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,14 +1,25 @@ -name: Test and release on Docker Hub +name: Release on Docker Hub on: workflow_dispatch: schedule: - - cron: "0 8 * * 1" # Run at 08:00, every Monday + branches: [main] + +# Serialize releases on the same ref. +# Do NOT cancel in-progress runs: a cancelled run could abort a push and leave Docker Hub in a partial state. +concurrency: + group: release-${{ github.ref }} + cancel-in-progress: false permissions: {} +name: Test and release on Docker Hub + jobs: - docker: + # Release job: build the 'release' image and publish to Docker Hub. + release: + permissions: + contents: read runs-on: ubuntu-22.04 environment: dockerhub steps: @@ -21,14 +32,6 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - # Build 'test' stage (default) to run tests - - name: Test - uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 - with: - platforms: linux/amd64 - cache-from: type=gha - file: Docker/Dockerfile.e2e - # Configure Docker release tags: # - securesystemslab/lind-wasm:sha- # - securesystemslab/lind-wasm:latest @@ -43,7 +46,7 @@ jobs: flavor: | latest=true - # Build 'release' stage and push to Dockerhub + # Build 'release' stage and push to Docker Hub. - name: Release and push uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 with: @@ -51,5 +54,6 @@ jobs: push: true platforms: linux/amd64 cache-from: type=gha + cache-to: type=gha,mode=max file: Docker/Dockerfile.e2e - tags: ${{ steps.meta.outputs.tags }} + tags: ${{ steps.meta.outputs.tags }} \ No newline at end of file From 9748c2a83c5b19cbe4dc97447431702abbdb0ccd Mon Sep 17 00:00:00 2001 From: Uk-jake Date: Thu, 11 Jun 2026 19:50:59 +0000 Subject: [PATCH 3/3] fix syntax error --- .github/workflows/release.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ceff9a052..cfec62339 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -2,7 +2,7 @@ name: Release on Docker Hub on: workflow_dispatch: - schedule: + push: branches: [main] # Serialize releases on the same ref. @@ -13,8 +13,6 @@ concurrency: permissions: {} -name: Test and release on Docker Hub - jobs: # Release job: build the 'release' image and publish to Docker Hub. release: