ci: use path whitelists instead of blacklists

That is, replace `paths-ignore` with `paths`. This should reduce the number of unnecessary workflow executions and the frequency at which paths are changed. It also reduces the overall number of paths used. Also, add the missing ci/printenv.sh to the path whitelists.
author: Kelvin M. Klann <kmk3.code@protonmail.com> 2023-08-14 19:51:27 -0300
committer: Kelvin M. Klann <kmk3.code@protonmail.com> 2023-08-20 06:20:40 -0300
commit: b589045b0fde572b892b8fe9333e2148f6b28452 (patch)
tree: fbb575d093d2eefe5ae8e9b865e462ea76b81576 /.github
parent: Merge pull request #5956 from kmk3/build-fix-dep-syntax (diff)
download: firejail-b589045b0fde572b892b8fe9333e2148f6b28452.tar.gz
firejail-b589045b0fde572b892b8fe9333e2148f6b28452.tar.zst
firejail-b589045b0fde572b892b8fe9333e2148f6b28452.zip
4 files changed, 89 insertions, 116 deletions
diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml
index 3fc71a299..f35a7d3d3 100644
--- a/.github/workflows/build-extra.yml
+++ b/.github/workflows/build-extra.yml
@@ -2,51 +2,33 @@ name: Build-extra CI
 on:
  push:
-    paths-ignore:
+    paths:
-      - '.github/ISSUE_TEMPLATE/*'
+      - 'm4/**'
-      - 'contrib/syntax/**'
+      - 'src/**.c'
-      - 'contrib/vim/**'
+      - 'src/**.h'
-      - 'etc/**'
+      - 'src/**.mk'
-      - 'src/man/*.in'
+      - 'src/**Makefile'
-      - .git-blame-ignore-revs
+      - .github/workflows/build-extra.yml
-      - .github/dependabot.yml
+      - Makefile
-      - .github/pull_request_template.md
+      - ci/printenv.sh
-      - .github/workflows/build.yml
+      - config.mk.in
-      - .github/workflows/codeql-analysis.yml
+      - config.sh.in
-      - .github/workflows/codespell.yml
+      - configure
-      - .github/workflows/profile-checks.yml
+      - configure.ac
-      - .gitignore
-      - .gitlab-ci.yml
-      - CONTRIBUTING.md
-      - COPYING
-      - README
-      - README.md
-      - RELNOTES
-      - SECURITY.md
-      - src/firecfg/firecfg.config
  pull_request:
-    paths-ignore:
+    paths:
-      - '.github/ISSUE_TEMPLATE/*'
+      - 'm4/**'
-      - 'contrib/syntax/**'
+      - 'src/**.c'
-      - 'contrib/vim/**'
+      - 'src/**.h'
-      - 'etc/**'
+      - 'src/**.mk'
-      - 'src/man/*.in'
+      - 'src/**Makefile'
-      - .git-blame-ignore-revs
+      - .github/workflows/build-extra.yml
-      - .github/dependabot.yml
+      - Makefile
-      - .github/pull_request_template.md
+      - ci/printenv.sh
-      - .github/workflows/build.yml
+      - config.mk.in
-      - .github/workflows/codeql-analysis.yml
+      - config.sh.in
-      - .github/workflows/codespell.yml
+      - configure
-      - .github/workflows/profile-checks.yml
+      - configure.ac
-      - .gitignore
-      - .gitlab-ci.yml
-      - CONTRIBUTING.md
-      - COPYING
-      - README
-      - README.md
-      - RELNOTES
-      - SECURITY.md
-      - src/firecfg/firecfg.config
 permissions:  # added using https://github.com/step-security/secure-workflows
  contents: read
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 489ed4335..12df38762 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,42 +1,49 @@
 name: Build CI
+# Note: Keep this list in sync with DISTFILES in ../../Makefile.
 on:
  push:
-    paths-ignore:
+    paths:
-      - '.github/ISSUE_TEMPLATE/*'
+      - 'contrib/**'
-      - .git-blame-ignore-revs
+      - 'etc/**'
-      - .github/dependabot.yml
+      - 'm4/**'
-      - .github/pull_request_template.md
+      - 'platform/**'
-      - .github/workflows/build-extra.yml
+      - 'src/**'
-      - .github/workflows/codeql-analysis.yml
+      - 'test/**'
-      - .github/workflows/codespell.yml
+      - .github/workflows/build.yml
-      - .github/workflows/profile-checks.yml
-      - .gitignore
-      - .gitlab-ci.yml
-      - CONTRIBUTING.md
      - COPYING
+      - Makefile
      - README
-      - README.md
      - RELNOTES
-      - SECURITY.md
+      - ci/printenv.sh
+      - config.mk.in
+      - config.sh.in
+      - configure
+      - configure.ac
+      - install.sh
+      - mkdeb.sh
+      - mketc.sh
  pull_request:
-    paths-ignore:
+    paths:
-      - '.github/ISSUE_TEMPLATE/*'
+      - 'contrib/**'
-      - .git-blame-ignore-revs
+      - 'etc/**'
-      - .github/dependabot.yml
+      - 'm4/**'
-      - .github/pull_request_template.md
+      - 'platform/**'
-      - .github/workflows/build-extra.yml
+      - 'src/**'
-      - .github/workflows/codeql-analysis.yml
+      - 'test/**'
-      - .github/workflows/codespell.yml
+      - .github/workflows/build.yml
-      - .github/workflows/profile-checks.yml
-      - .gitignore
-      - .gitlab-ci.yml
-      - CONTRIBUTING.md
      - COPYING
+      - Makefile
      - README
-      - README.md
      - RELNOTES
-      - SECURITY.md
+      - ci/printenv.sh
+      - config.mk.in
+      - config.sh.in
+      - configure
+      - configure.ac
+      - install.sh
+      - mkdeb.sh
+      - mketc.sh
 permissions:  # added using https://github.com/step-security/secure-workflows
  contents: read
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 344090cfd..a4c4a1146 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -7,51 +7,33 @@ name: "CodeQL"
 on:
  push:
-    paths-ignore:
+    paths:
-      - '.github/ISSUE_TEMPLATE/*'
+      - 'm4/**'
-      - 'contrib/syntax/**'
+      - 'src/**.c'
-      - 'contrib/vim/**'
+      - 'src/**.h'
-      - 'etc/**'
+      - 'src/**.mk'
-      - 'src/man/*.txt'
+      - 'src/**Makefile'
-      - .git-blame-ignore-revs
+      - .github/workflows/codeql-analysis.yml
-      - .github/dependabot.yml
+      - Makefile
-      - .github/pull_request_template.md
+      - ci/printenv.sh
-      - .github/workflows/build-extra.yml
+      - config.mk.in
-      - .github/workflows/build.yml
+      - config.sh.in
-      - .github/workflows/codespell.yml
+      - configure
-      - .github/workflows/profile-checks.yml
+      - configure.ac
-      - .gitignore
-      - .gitlab-ci.yml
-      - CONTRIBUTING.md
-      - COPYING
-      - README
-      - README.md
-      - RELNOTES
-      - SECURITY.md
-      - src/firecfg/firecfg.config
  pull_request:
-    paths-ignore:
+    paths:
-      - '.github/ISSUE_TEMPLATE/*'
+      - 'm4/**'
-      - 'contrib/syntax/**'
+      - 'src/**.c'
-      - 'contrib/vim/**'
+      - 'src/**.h'
-      - 'etc/**'
+      - 'src/**.mk'
-      - 'src/man/*.txt'
+      - 'src/**Makefile'
-      - .git-blame-ignore-revs
+      - .github/workflows/codeql-analysis.yml
-      - .github/dependabot.yml
+      - Makefile
-      - .github/pull_request_template.md
+      - ci/printenv.sh
-      - .github/workflows/build-extra.yml
+      - config.mk.in
-      - .github/workflows/build.yml
+      - config.sh.in
-      - .github/workflows/codespell.yml
+      - configure
-      - .github/workflows/profile-checks.yml
+      - configure.ac
-      - .gitignore
-      - .gitlab-ci.yml
-      - CONTRIBUTING.md
-      - COPYING
-      - README
-      - README.md
-      - RELNOTES
-      - SECURITY.md
-      - src/firecfg/firecfg.config
  schedule:
    - cron: '0 7 * * 2'
diff --git a/.github/workflows/profile-checks.yml b/.github/workflows/profile-checks.yml
index c44012768..4768c91a1 100644
--- a/.github/workflows/profile-checks.yml
+++ b/.github/workflows/profile-checks.yml
@@ -6,6 +6,7 @@ on:
      - 'ci/check/profiles/**'
      - 'etc/**'
      - .github/workflows/profile-checks.yml
+      - ci/printenv.sh
      - contrib/sort.py
      - src/firecfg/firecfg.config
  pull_request:
@@ -13,6 +14,7 @@ on:
      - 'ci/check/profiles/**'
      - 'etc/**'
      - .github/workflows/profile-checks.yml
+      - ci/printenv.sh
      - contrib/sort.py
      - src/firecfg/firecfg.config
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2023-08-14 19:51:27 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2023-08-20 06:20:40 -0300
commit	b589045b0fde572b892b8fe9333e2148f6b28452 (patch)
tree	fbb575d093d2eefe5ae8e9b865e462ea76b81576 /.github
parent	Merge pull request #5956 from kmk3/build-fix-dep-syntax (diff)
download	firejail-b589045b0fde572b892b8fe9333e2148f6b28452.tar.gz firejail-b589045b0fde572b892b8fe9333e2148f6b28452.tar.zst firejail-b589045b0fde572b892b8fe9333e2148f6b28452.zip

diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml index 3fc71a299..f35a7d3d3 100644 --- a/.github/workflows/build-extra.yml +++ b/.github/workflows/build-extra.yml
@@ -2,51 +2,33 @@ name: Build-extra CI
2		2
3	on:	3	on:
4	push:	4	push:
5	paths-ignore:	5	paths:
6	- '.github/ISSUE_TEMPLATE/*'	6	- 'm4/**'
7	- 'contrib/syntax/**'	7	- 'src/**.c'
8	- 'contrib/vim/**'	8	- 'src/**.h'
9	- 'etc/**'	9	- 'src/**.mk'
10	- 'src/man/*.in'	10	- 'src/**Makefile'
11	- .git-blame-ignore-revs	11	- .github/workflows/build-extra.yml
12	- .github/dependabot.yml	12	- Makefile
13	- .github/pull_request_template.md	13	- ci/printenv.sh
14	- .github/workflows/build.yml	14	- config.mk.in
15	- .github/workflows/codeql-analysis.yml	15	- config.sh.in
16	- .github/workflows/codespell.yml	16	- configure
17	- .github/workflows/profile-checks.yml	17	- configure.ac
18	- .gitignore
19	- .gitlab-ci.yml
20	- CONTRIBUTING.md
21	- COPYING
22	- README
23	- README.md
24	- RELNOTES
25	- SECURITY.md
26	- src/firecfg/firecfg.config
27	pull_request:	18	pull_request:
28	paths-ignore:	19	paths:
29	- '.github/ISSUE_TEMPLATE/*'	20	- 'm4/**'
30	- 'contrib/syntax/**'	21	- 'src/**.c'
31	- 'contrib/vim/**'	22	- 'src/**.h'
32	- 'etc/**'	23	- 'src/**.mk'
33	- 'src/man/*.in'	24	- 'src/**Makefile'
34	- .git-blame-ignore-revs	25	- .github/workflows/build-extra.yml
35	- .github/dependabot.yml	26	- Makefile
36	- .github/pull_request_template.md	27	- ci/printenv.sh
37	- .github/workflows/build.yml	28	- config.mk.in
38	- .github/workflows/codeql-analysis.yml	29	- config.sh.in
39	- .github/workflows/codespell.yml	30	- configure
40	- .github/workflows/profile-checks.yml	31	- configure.ac
41	- .gitignore
42	- .gitlab-ci.yml
43	- CONTRIBUTING.md
44	- COPYING
45	- README
46	- README.md
47	- RELNOTES
48	- SECURITY.md
49	- src/firecfg/firecfg.config
50		32
51	permissions: # added using https://github.com/step-security/secure-workflows	33	permissions: # added using https://github.com/step-security/secure-workflows
52	contents: read	34	contents: read


diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 489ed4335..12df38762 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml
@@ -1,42 +1,49 @@
1	name: Build CI	1	name: Build CI
2		2
		3	# Note: Keep this list in sync with DISTFILES in ../../Makefile.
3	on:	4	on:
4	push:	5	push:
5	paths-ignore:	6	paths:
6	- '.github/ISSUE_TEMPLATE/*'	7	- 'contrib/**'
7	- .git-blame-ignore-revs	8	- 'etc/**'
8	- .github/dependabot.yml	9	- 'm4/**'
9	- .github/pull_request_template.md	10	- 'platform/**'
10	- .github/workflows/build-extra.yml	11	- 'src/**'
11	- .github/workflows/codeql-analysis.yml	12	- 'test/**'
12	- .github/workflows/codespell.yml	13	- .github/workflows/build.yml
13	- .github/workflows/profile-checks.yml
14	- .gitignore
15	- .gitlab-ci.yml
16	- CONTRIBUTING.md
17	- COPYING	14	- COPYING
		15	- Makefile
18	- README	16	- README
19	- README.md
20	- RELNOTES	17	- RELNOTES
21	- SECURITY.md	18	- ci/printenv.sh
		19	- config.mk.in
		20	- config.sh.in
		21	- configure
		22	- configure.ac
		23	- install.sh
		24	- mkdeb.sh
		25	- mketc.sh
22	pull_request:	26	pull_request:
23	paths-ignore:	27	paths:
24	- '.github/ISSUE_TEMPLATE/*'	28	- 'contrib/**'
25	- .git-blame-ignore-revs	29	- 'etc/**'
26	- .github/dependabot.yml	30	- 'm4/**'
27	- .github/pull_request_template.md	31	- 'platform/**'
28	- .github/workflows/build-extra.yml	32	- 'src/**'
29	- .github/workflows/codeql-analysis.yml	33	- 'test/**'
30	- .github/workflows/codespell.yml	34	- .github/workflows/build.yml
31	- .github/workflows/profile-checks.yml
32	- .gitignore
33	- .gitlab-ci.yml
34	- CONTRIBUTING.md
35	- COPYING	35	- COPYING
		36	- Makefile
36	- README	37	- README
37	- README.md
38	- RELNOTES	38	- RELNOTES
39	- SECURITY.md	39	- ci/printenv.sh
		40	- config.mk.in
		41	- config.sh.in
		42	- configure
		43	- configure.ac
		44	- install.sh
		45	- mkdeb.sh
		46	- mketc.sh
40		47
41	permissions: # added using https://github.com/step-security/secure-workflows	48	permissions: # added using https://github.com/step-security/secure-workflows
42	contents: read	49	contents: read


diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 344090cfd..a4c4a1146 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml
@@ -7,51 +7,33 @@ name: "CodeQL"
7		7
8	on:	8	on:
9	push:	9	push:
10	paths-ignore:	10	paths:
11	- '.github/ISSUE_TEMPLATE/*'	11	- 'm4/**'
12	- 'contrib/syntax/**'	12	- 'src/**.c'
13	- 'contrib/vim/**'	13	- 'src/**.h'
14	- 'etc/**'	14	- 'src/**.mk'
15	- 'src/man/*.txt'	15	- 'src/**Makefile'
16	- .git-blame-ignore-revs	16	- .github/workflows/codeql-analysis.yml
17	- .github/dependabot.yml	17	- Makefile
18	- .github/pull_request_template.md	18	- ci/printenv.sh
19	- .github/workflows/build-extra.yml	19	- config.mk.in
20	- .github/workflows/build.yml	20	- config.sh.in
21	- .github/workflows/codespell.yml	21	- configure
22	- .github/workflows/profile-checks.yml	22	- configure.ac
23	- .gitignore
24	- .gitlab-ci.yml
25	- CONTRIBUTING.md
26	- COPYING
27	- README
28	- README.md
29	- RELNOTES
30	- SECURITY.md
31	- src/firecfg/firecfg.config
32	pull_request:	23	pull_request:
33	paths-ignore:	24	paths:
34	- '.github/ISSUE_TEMPLATE/*'	25	- 'm4/**'
35	- 'contrib/syntax/**'	26	- 'src/**.c'
36	- 'contrib/vim/**'	27	- 'src/**.h'
37	- 'etc/**'	28	- 'src/**.mk'
38	- 'src/man/*.txt'	29	- 'src/**Makefile'
39	- .git-blame-ignore-revs	30	- .github/workflows/codeql-analysis.yml
40	- .github/dependabot.yml	31	- Makefile
41	- .github/pull_request_template.md	32	- ci/printenv.sh
42	- .github/workflows/build-extra.yml	33	- config.mk.in
43	- .github/workflows/build.yml	34	- config.sh.in
44	- .github/workflows/codespell.yml	35	- configure
45	- .github/workflows/profile-checks.yml	36	- configure.ac
46	- .gitignore
47	- .gitlab-ci.yml
48	- CONTRIBUTING.md
49	- COPYING
50	- README
51	- README.md
52	- RELNOTES
53	- SECURITY.md
54	- src/firecfg/firecfg.config
55	schedule:	37	schedule:
56	- cron: '0 7 * * 2'	38	- cron: '0 7 * * 2'
57		39


diff --git a/.github/workflows/profile-checks.yml b/.github/workflows/profile-checks.yml index c44012768..4768c91a1 100644 --- a/.github/workflows/profile-checks.yml +++ b/.github/workflows/profile-checks.yml
@@ -6,6 +6,7 @@ on:
6	- 'ci/check/profiles/**'	6	- 'ci/check/profiles/**'
7	- 'etc/**'	7	- 'etc/**'
8	- .github/workflows/profile-checks.yml	8	- .github/workflows/profile-checks.yml
		9	- ci/printenv.sh
9	- contrib/sort.py	10	- contrib/sort.py
10	- src/firecfg/firecfg.config	11	- src/firecfg/firecfg.config
11	pull_request:	12	pull_request:
@@ -13,6 +14,7 @@ on:
13	- 'ci/check/profiles/**'	14	- 'ci/check/profiles/**'
14	- 'etc/**'	15	- 'etc/**'
15	- .github/workflows/profile-checks.yml	16	- .github/workflows/profile-checks.yml
		17	- ci/printenv.sh
16	- contrib/sort.py	18	- contrib/sort.py
17	- src/firecfg/firecfg.config	19	- src/firecfg/firecfg.config
18		20