diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a42a8c5..75f81c1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,12 @@ on: permissions: contents: read +# Cancel orphaned PR runs when a new commit is pushed; push to main uses SHA so +# main runs never queue or cancel each other. +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + env: AXONFLOW_TELEMETRY: 'off' @@ -17,8 +23,12 @@ jobs: runs-on: ubuntu-latest strategy: + # PR runs only Java 17 (current release toolchain). Push to main and + # workflow_dispatch run the full [11, 17, 21] matrix to validate + # version-specific drift before the next tag. Cuts PR-time wallclock + # ~2/3 (5.2m → ~2m on the heaviest workflow in the SDK fleet). matrix: - java-version: [11, 17, 21] + java-version: ${{ fromJson(github.event_name == 'pull_request' && '[17]' || '[11, 17, 21]') }} steps: - name: Checkout code @@ -84,6 +94,26 @@ jobs: if: matrix.java-version == 17 run: mvn jacoco:check -B + # Aggregator that always reports a single check name regardless of the + # matrix shape (PR-time matrix is `[17]`; push/dispatch is `[11, 17, 21]`). + # Branch protection requires `Build Summary`, not the per-version names, + # so matrix changes don't strand required checks. + build-summary: + name: Build Summary + needs: [build] + if: always() + runs-on: ubuntu-latest + steps: + - name: Aggregate build matrix result + run: | + result="${{ needs.build.result }}" + echo "build matrix result: $result" + if [ "$result" != "success" ] && [ "$result" != "skipped" ]; then + echo "::error::build matrix did not all pass (result: $result)" + exit 1 + fi + echo "Build matrix OK" + lint: runs-on: ubuntu-latest diff --git a/.github/workflows/definition-of-done.yml b/.github/workflows/definition-of-done.yml index dd8e433..a10e0c6 100644 --- a/.github/workflows/definition-of-done.yml +++ b/.github/workflows/definition-of-done.yml @@ -6,12 +6,19 @@ name: Definition of Done on: pull_request: - types: [opened, synchronize, reopened, edited] + # Trim out non-diff-changing event types: dropped `edited` (title/body + # edit re-runs the gate without any code change). `reopened` retained for + # PRs that were closed and reopened with new commits. + types: [opened, synchronize, reopened] permissions: contents: read pull-requests: read +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + jobs: lint-no-mocks-in-runtime-e2e: name: Lint — no mocks in runtime-e2e/ diff --git a/.github/workflows/heartbeat-real-stack.yml b/.github/workflows/heartbeat-real-stack.yml index 9f47509..4209557 100644 --- a/.github/workflows/heartbeat-real-stack.yml +++ b/.github/workflows/heartbeat-real-stack.yml @@ -12,6 +12,10 @@ on: pull_request: branches: [main] +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + env: AXONFLOW_TELEMETRY: 'off' diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 70584f2..5858afe 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -15,10 +15,11 @@ permissions: contents: read # Avoid spawning parallel docker-compose stacks for back-to-back pushes; -# also cancels stale PR runs when a new commit lands. +# also cancels stale PR runs when a new commit lands. Push to main keys on SHA +# so main runs never queue or cancel each other. concurrency: - group: integration-${{ github.ref }} - cancel-in-progress: true + group: integration-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: ${{ github.event_name == 'pull_request' }} env: AXONFLOW_TELEMETRY: 'off' @@ -33,8 +34,10 @@ jobs: timeout-minutes: 15 strategy: fail-fast: false + # PR runs only Java 17 (release toolchain). Push, dispatch, and weekly + # cron run the full [11, 17, 21] matrix to catch version drift. matrix: - java-version: [11, 17, 21] + java-version: ${{ fromJson(github.event_name == 'pull_request' && '[17]' || '[11, 17, 21]') }} steps: - name: Checkout SDK uses: actions/checkout@v4 diff --git a/.github/workflows/validate-version-alignment.yml b/.github/workflows/validate-version-alignment.yml index 48cbc2d..ef2dba3 100644 --- a/.github/workflows/validate-version-alignment.yml +++ b/.github/workflows/validate-version-alignment.yml @@ -28,6 +28,10 @@ on: permissions: contents: read +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + env: AXONFLOW_TELEMETRY: 'off' diff --git a/.github/workflows/wire-shape-contract.yml b/.github/workflows/wire-shape-contract.yml index 9e3e546..a2f2e06 100644 --- a/.github/workflows/wire-shape-contract.yml +++ b/.github/workflows/wire-shape-contract.yml @@ -33,6 +33,10 @@ on: permissions: contents: read +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: ${{ github.event_name == 'pull_request' }} + jobs: wire-shape: name: Validate Wire Shape