- debug-fuzzer-**
pull_request:
+#
+# Cancel any in-flight or queued run of this workflow on the same
+# ref when a new commit lands. Replaces fkirc/skip-duplicate-actions
+# for the "don't waste CI on a stale push" use case.
+#
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
env:
ASAN_OPTIONS: symbolize=1 detect_leaks=0 detect_stack_use_after_return=1
LSAN_OPTIONS: fast_unwind_on_malloc=0:malloc_context_size=50
GH_ACTIONS: 1
jobs:
- pre-ci:
- runs-on: ubuntu-latest
- # Map a step output to a job output
- outputs:
- should_skip: ${{ steps.skip_check.outputs.should_skip }}
- steps:
- - id: skip_check
- uses: fkirc/skip-duplicate-actions@v5.3.1
-
ci:
timeout-minutes: 90
- needs: pre-ci
- if: ${{ needs.pre-ci.outputs.should_skip != 'true' }}
runs-on: ${{ matrix.env.OS }}
- debug-fuzzer-**
pull_request:
+#
+# Cancel any in-flight or queued run of this workflow on the same
+# ref when a new commit lands. Replaces fkirc/skip-duplicate-actions
+# for the "don't waste CI on a stale push" use case.
+#
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
env:
ASAN_OPTIONS: symbolize=1 detect_leaks=1 detect_stack_use_after_return=1
LSAN_OPTIONS: fast_unwind_on_malloc=0:malloc_context_size=50
jobs:
pre-ci:
runs-on: ubuntu-latest
- # Map a step output to a job output
+ # No skip-duplicate logic here any more - workflow-level
+ # concurrency: above handles that natively. This job exists only
+ # to expose the selfhosted/docker_prefix expressions as outputs
+ # so the matrix below stays readable.
outputs:
- should_skip: ${{ steps.skip_check.outputs.should_skip }}
selfhosted: ${{ github.repository_owner == 'FreeRADIUS' && '1' || '0' }}
docker_prefix: ${{ github.repository_owner == 'FreeRADIUS' && 'docker.internal.networkradius.com/' || '' }}
steps:
- - id: skip_check
- uses: fkirc/skip-duplicate-actions@v5.3.1
+ - run: 'true'
ci-sanitizers:
timeout-minutes: 150
needs: pre-ci
- if: ${{ needs.pre-ci.outputs.should_skip != 'true' }}
runs-on: ${{ matrix.os.runs_on }}
- debug-fuzzer-**
pull_request:
+#
+# Cancel any in-flight or queued run of this workflow on the same
+# ref when a new commit lands. Replaces fkirc/skip-duplicate-actions
+# for the "don't waste CI on a stale push" use case.
+#
+concurrency:
+ group: ${{ github.workflow }}-${{ github.ref }}
+ cancel-in-progress: true
+
env:
ASAN_OPTIONS: symbolize=1 detect_leaks=1 detect_stack_use_after_return=1
LSAN_OPTIONS: fast_unwind_on_malloc=0:malloc_context_size=50
jobs:
pre-ci:
runs-on: ubuntu-latest
- # Map a step output to a job output
+ # No skip-duplicate logic here any more - workflow-level
+ # concurrency: above handles that natively. This job exists only
+ # to expose the selfhosted/docker_prefix expressions as outputs
+ # so the matrix below stays readable.
outputs:
- should_skip: ${{ steps.skip_check.outputs.should_skip }}
selfhosted: ${{ github.repository_owner == 'FreeRADIUS' && '1' || '0' }}
docker_prefix: ${{ github.repository_owner == 'FreeRADIUS' && 'docker.internal.networkradius.com/' || '' }}
steps:
- - id: skip_check
- uses: fkirc/skip-duplicate-actions@v5.3.1
+ - run: 'true'
ci:
timeout-minutes: 150
needs: pre-ci
- if: ${{ needs.pre-ci.outputs.should_skip != 'true' }}
runs-on: ${{ matrix.os.runs_on }}
dind:
image: docker:dind
#
- # Authenticate the host docker daemon's pull of the dind
- # service container so we don't hit Docker Hub's anonymous
- # rate limit. Goes away once we switch to the internal
- # self-hosted-docker-dind image.
+ # No credentials: block here - this variant runs on fork CI
+ # where the org-level DOCKERHUB_READ_* vars/secrets aren't
+ # available, and a credentials: block with empty values fails
+ # workflow template validation. The host docker daemon does
+ # an anonymous pull of docker:dind here; GH-hosted runners
+ # have many egress IPs so the per-IP Hub limit is rarely an
+ # issue for fork builds.
#
- credentials:
- username: ${{ vars.DOCKERHUB_READ_USER }}
- password: ${{ secrets.DOCKERHUB_READ_KEY }}
options: --privileged
env:
DOCKER_TLS_CERTDIR: ""
dind:
image: docker:dind
#
- # Authenticate the host docker daemon's pull of the dind
- # service container so we don't hit Docker Hub's anonymous
- # rate limit. Goes away once we switch to the internal
- # self-hosted-docker-dind image.
+ # No credentials: block here - this variant runs on fork CI
+ # where the org-level DOCKERHUB_READ_* vars/secrets aren't
+ # available, and a credentials: block with empty values fails
+ # workflow template validation. The host docker daemon does
+ # an anonymous pull of docker:dind here; GH-hosted runners
+ # have many egress IPs so the per-IP Hub limit is rarely an
+ # issue for fork builds.
#
- credentials:
- username: ${{ vars.DOCKERHUB_READ_USER }}
- password: ${{ secrets.DOCKERHUB_READ_KEY }}
options: --privileged
env:
DOCKER_TLS_CERTDIR: ""
projects / thirdparty / freeradius-server.git / commitdiff
