From dfa7b1f2307bd20a1ab6bf5be16af57278b7e678 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 5 Feb 2025 08:33:25 -0600 Subject: [PATCH 1/2] PYTHON-5047 Clean up workflow triggers --- .github/workflows/codeql-actions.yml | 2 ++ .github/workflows/codeql-python.yml | 6 ++++-- .github/workflows/dist-python.yml | 5 +---- .github/workflows/release-python.yml | 2 +- .github/workflows/zizmor.yml | 1 + 5 files changed, 9 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql-actions.yml b/.github/workflows/codeql-actions.yml index 2d3bf95bc..fecb95d02 100644 --- a/.github/workflows/codeql-actions.yml +++ b/.github/workflows/codeql-actions.yml @@ -7,12 +7,14 @@ on: pull_request: paths: - .github/workflows/*.yml + workflow_dispatch: schedule: - cron: '17 10 * * 2' jobs: analyze-python: name: Analyze GitHub Actions + if: github.repository_owner == 'mongodb' || github.event_name == 'workflow_dispatch' runs-on: "ubuntu-latest" timeout-minutes: 360 permissions: diff --git a/.github/workflows/codeql-python.yml b/.github/workflows/codeql-python.yml index a5bc8d2c9..a72603add 100644 --- a/.github/workflows/codeql-python.yml +++ b/.github/workflows/codeql-python.yml @@ -11,15 +11,17 @@ on: - .github/workflows/*python.yml schedule: - cron: '17 10 * * 2' + workflow_dispatch: workflow_call: inputs: - ref: + force: required: true - type: string + type: boolean jobs: analyze-python: name: Analyze Python + if: github.repository_owner == 'mongodb' || (github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call') runs-on: "macos-latest" timeout-minutes: 360 permissions: diff --git a/.github/workflows/dist-python.yml b/.github/workflows/dist-python.yml index 32b795b62..dd278d4ea 100644 --- a/.github/workflows/dist-python.yml +++ b/.github/workflows/dist-python.yml @@ -15,9 +15,6 @@ on: workflow_dispatch: workflow_call: inputs: - force: - required: true - type: boolean ref: required: true type: string @@ -33,7 +30,7 @@ defaults: jobs: build_dist: - if: github.repository_owner == 'mongodb' || inputs.force == true + if: github.repository_owner == 'mongodb' || (github.event_name == 'workflow_dispatch' || github.event_name == 'workflow_call') runs-on: ${{ matrix.os }} strategy: matrix: diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml index 047577b9a..b0c2d30fa 100644 --- a/.github/workflows/release-python.yml +++ b/.github/workflows/release-python.yml @@ -35,6 +35,7 @@ defaults: jobs: pre-publish: environment: release-python + if: github.repository_owner == 'mongodb' || github.event_name == 'workflow_dispatch' runs-on: ubuntu-latest permissions: id-token: write @@ -65,7 +66,6 @@ jobs: needs: [pre-publish] uses: ./.github/workflows/dist-python.yml with: - force: true ref: ${{ needs.pre-publish.outputs.version }} static-scan: diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 92bd4fb45..36c084aa0 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -9,6 +9,7 @@ on: jobs: zizmor: name: zizmor latest via Cargo + if: github.repository_owner == 'mongodb' runs-on: ubuntu-latest permissions: security-events: write From c4d9545a3dc9b2051925338c01d1c7afb0023409 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 5 Feb 2025 08:34:32 -0600 Subject: [PATCH 2/2] fix ref --- .github/workflows/codeql-python.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql-python.yml b/.github/workflows/codeql-python.yml index a72603add..b8964e2a0 100644 --- a/.github/workflows/codeql-python.yml +++ b/.github/workflows/codeql-python.yml @@ -14,9 +14,9 @@ on: workflow_dispatch: workflow_call: inputs: - force: + ref: required: true - type: boolean + type: string jobs: analyze-python: