diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-08-14 19:51:27 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-08-20 06:20:40 -0300 |
commit | b589045b0fde572b892b8fe9333e2148f6b28452 (patch) | |
tree | fbb575d093d2eefe5ae8e9b865e462ea76b81576 | |
parent | Merge pull request #5956 from kmk3/build-fix-dep-syntax (diff) | |
download | firejail-b589045b0fde572b892b8fe9333e2148f6b28452.tar.gz firejail-b589045b0fde572b892b8fe9333e2148f6b28452.tar.zst firejail-b589045b0fde572b892b8fe9333e2148f6b28452.zip |
ci: use path whitelists instead of blacklists
That is, replace `paths-ignore` with `paths`.
This should reduce the number of unnecessary workflow executions and the
frequency at which paths are changed. It also reduces the overall
number of paths used.
Also, add the missing ci/printenv.sh to the path whitelists.
-rw-r--r-- | .github/workflows/build-extra.yml | 70 | ||||
-rw-r--r-- | .github/workflows/build.yml | 63 | ||||
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 70 | ||||
-rw-r--r-- | .github/workflows/profile-checks.yml | 2 | ||||
-rw-r--r-- | Makefile | 1 |
5 files changed, 90 insertions, 116 deletions
diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml index 3fc71a299..f35a7d3d3 100644 --- a/.github/workflows/build-extra.yml +++ b/.github/workflows/build-extra.yml | |||
@@ -2,51 +2,33 @@ name: Build-extra CI | |||
2 | 2 | ||
3 | on: | 3 | on: |
4 | push: | 4 | push: |
5 | paths-ignore: | 5 | paths: |
6 | - '.github/ISSUE_TEMPLATE/*' | 6 | - 'm4/**' |
7 | - 'contrib/syntax/**' | 7 | - 'src/**.c' |
8 | - 'contrib/vim/**' | 8 | - 'src/**.h' |
9 | - 'etc/**' | 9 | - 'src/**.mk' |
10 | - 'src/man/*.in' | 10 | - 'src/**Makefile' |
11 | - .git-blame-ignore-revs | 11 | - .github/workflows/build-extra.yml |
12 | - .github/dependabot.yml | 12 | - Makefile |
13 | - .github/pull_request_template.md | 13 | - ci/printenv.sh |
14 | - .github/workflows/build.yml | 14 | - config.mk.in |
15 | - .github/workflows/codeql-analysis.yml | 15 | - config.sh.in |
16 | - .github/workflows/codespell.yml | 16 | - configure |
17 | - .github/workflows/profile-checks.yml | 17 | - configure.ac |
18 | - .gitignore | ||
19 | - .gitlab-ci.yml | ||
20 | - CONTRIBUTING.md | ||
21 | - COPYING | ||
22 | - README | ||
23 | - README.md | ||
24 | - RELNOTES | ||
25 | - SECURITY.md | ||
26 | - src/firecfg/firecfg.config | ||
27 | pull_request: | 18 | pull_request: |
28 | paths-ignore: | 19 | paths: |
29 | - '.github/ISSUE_TEMPLATE/*' | 20 | - 'm4/**' |
30 | - 'contrib/syntax/**' | 21 | - 'src/**.c' |
31 | - 'contrib/vim/**' | 22 | - 'src/**.h' |
32 | - 'etc/**' | 23 | - 'src/**.mk' |
33 | - 'src/man/*.in' | 24 | - 'src/**Makefile' |
34 | - .git-blame-ignore-revs | 25 | - .github/workflows/build-extra.yml |
35 | - .github/dependabot.yml | 26 | - Makefile |
36 | - .github/pull_request_template.md | 27 | - ci/printenv.sh |
37 | - .github/workflows/build.yml | 28 | - config.mk.in |
38 | - .github/workflows/codeql-analysis.yml | 29 | - config.sh.in |
39 | - .github/workflows/codespell.yml | 30 | - configure |
40 | - .github/workflows/profile-checks.yml | 31 | - configure.ac |
41 | - .gitignore | ||
42 | - .gitlab-ci.yml | ||
43 | - CONTRIBUTING.md | ||
44 | - COPYING | ||
45 | - README | ||
46 | - README.md | ||
47 | - RELNOTES | ||
48 | - SECURITY.md | ||
49 | - src/firecfg/firecfg.config | ||
50 | 32 | ||
51 | permissions: # added using https://github.com/step-security/secure-workflows | 33 | permissions: # added using https://github.com/step-security/secure-workflows |
52 | contents: read | 34 | contents: read |
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 489ed4335..12df38762 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml | |||
@@ -1,42 +1,49 @@ | |||
1 | name: Build CI | 1 | name: Build CI |
2 | 2 | ||
3 | # Note: Keep this list in sync with DISTFILES in ../../Makefile. | ||
3 | on: | 4 | on: |
4 | push: | 5 | push: |
5 | paths-ignore: | 6 | paths: |
6 | - '.github/ISSUE_TEMPLATE/*' | 7 | - 'contrib/**' |
7 | - .git-blame-ignore-revs | 8 | - 'etc/**' |
8 | - .github/dependabot.yml | 9 | - 'm4/**' |
9 | - .github/pull_request_template.md | 10 | - 'platform/**' |
10 | - .github/workflows/build-extra.yml | 11 | - 'src/**' |
11 | - .github/workflows/codeql-analysis.yml | 12 | - 'test/**' |
12 | - .github/workflows/codespell.yml | 13 | - .github/workflows/build.yml |
13 | - .github/workflows/profile-checks.yml | ||
14 | - .gitignore | ||
15 | - .gitlab-ci.yml | ||
16 | - CONTRIBUTING.md | ||
17 | - COPYING | 14 | - COPYING |
15 | - Makefile | ||
18 | - README | 16 | - README |
19 | - README.md | ||
20 | - RELNOTES | 17 | - RELNOTES |
21 | - SECURITY.md | 18 | - ci/printenv.sh |
19 | - config.mk.in | ||
20 | - config.sh.in | ||
21 | - configure | ||
22 | - configure.ac | ||
23 | - install.sh | ||
24 | - mkdeb.sh | ||
25 | - mketc.sh | ||
22 | pull_request: | 26 | pull_request: |
23 | paths-ignore: | 27 | paths: |
24 | - '.github/ISSUE_TEMPLATE/*' | 28 | - 'contrib/**' |
25 | - .git-blame-ignore-revs | 29 | - 'etc/**' |
26 | - .github/dependabot.yml | 30 | - 'm4/**' |
27 | - .github/pull_request_template.md | 31 | - 'platform/**' |
28 | - .github/workflows/build-extra.yml | 32 | - 'src/**' |
29 | - .github/workflows/codeql-analysis.yml | 33 | - 'test/**' |
30 | - .github/workflows/codespell.yml | 34 | - .github/workflows/build.yml |
31 | - .github/workflows/profile-checks.yml | ||
32 | - .gitignore | ||
33 | - .gitlab-ci.yml | ||
34 | - CONTRIBUTING.md | ||
35 | - COPYING | 35 | - COPYING |
36 | - Makefile | ||
36 | - README | 37 | - README |
37 | - README.md | ||
38 | - RELNOTES | 38 | - RELNOTES |
39 | - SECURITY.md | 39 | - ci/printenv.sh |
40 | - config.mk.in | ||
41 | - config.sh.in | ||
42 | - configure | ||
43 | - configure.ac | ||
44 | - install.sh | ||
45 | - mkdeb.sh | ||
46 | - mketc.sh | ||
40 | 47 | ||
41 | permissions: # added using https://github.com/step-security/secure-workflows | 48 | permissions: # added using https://github.com/step-security/secure-workflows |
42 | contents: read | 49 | contents: read |
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 344090cfd..a4c4a1146 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml | |||
@@ -7,51 +7,33 @@ name: "CodeQL" | |||
7 | 7 | ||
8 | on: | 8 | on: |
9 | push: | 9 | push: |
10 | paths-ignore: | 10 | paths: |
11 | - '.github/ISSUE_TEMPLATE/*' | 11 | - 'm4/**' |
12 | - 'contrib/syntax/**' | 12 | - 'src/**.c' |
13 | - 'contrib/vim/**' | 13 | - 'src/**.h' |
14 | - 'etc/**' | 14 | - 'src/**.mk' |
15 | - 'src/man/*.txt' | 15 | - 'src/**Makefile' |
16 | - .git-blame-ignore-revs | 16 | - .github/workflows/codeql-analysis.yml |
17 | - .github/dependabot.yml | 17 | - Makefile |
18 | - .github/pull_request_template.md | 18 | - ci/printenv.sh |
19 | - .github/workflows/build-extra.yml | 19 | - config.mk.in |
20 | - .github/workflows/build.yml | 20 | - config.sh.in |
21 | - .github/workflows/codespell.yml | 21 | - configure |
22 | - .github/workflows/profile-checks.yml | 22 | - configure.ac |
23 | - .gitignore | ||
24 | - .gitlab-ci.yml | ||
25 | - CONTRIBUTING.md | ||
26 | - COPYING | ||
27 | - README | ||
28 | - README.md | ||
29 | - RELNOTES | ||
30 | - SECURITY.md | ||
31 | - src/firecfg/firecfg.config | ||
32 | pull_request: | 23 | pull_request: |
33 | paths-ignore: | 24 | paths: |
34 | - '.github/ISSUE_TEMPLATE/*' | 25 | - 'm4/**' |
35 | - 'contrib/syntax/**' | 26 | - 'src/**.c' |
36 | - 'contrib/vim/**' | 27 | - 'src/**.h' |
37 | - 'etc/**' | 28 | - 'src/**.mk' |
38 | - 'src/man/*.txt' | 29 | - 'src/**Makefile' |
39 | - .git-blame-ignore-revs | 30 | - .github/workflows/codeql-analysis.yml |
40 | - .github/dependabot.yml | 31 | - Makefile |
41 | - .github/pull_request_template.md | 32 | - ci/printenv.sh |
42 | - .github/workflows/build-extra.yml | 33 | - config.mk.in |
43 | - .github/workflows/build.yml | 34 | - config.sh.in |
44 | - .github/workflows/codespell.yml | 35 | - configure |
45 | - .github/workflows/profile-checks.yml | 36 | - configure.ac |
46 | - .gitignore | ||
47 | - .gitlab-ci.yml | ||
48 | - CONTRIBUTING.md | ||
49 | - COPYING | ||
50 | - README | ||
51 | - README.md | ||
52 | - RELNOTES | ||
53 | - SECURITY.md | ||
54 | - src/firecfg/firecfg.config | ||
55 | schedule: | 37 | schedule: |
56 | - cron: '0 7 * * 2' | 38 | - cron: '0 7 * * 2' |
57 | 39 | ||
diff --git a/.github/workflows/profile-checks.yml b/.github/workflows/profile-checks.yml index c44012768..4768c91a1 100644 --- a/.github/workflows/profile-checks.yml +++ b/.github/workflows/profile-checks.yml | |||
@@ -6,6 +6,7 @@ on: | |||
6 | - 'ci/check/profiles/**' | 6 | - 'ci/check/profiles/**' |
7 | - 'etc/**' | 7 | - 'etc/**' |
8 | - .github/workflows/profile-checks.yml | 8 | - .github/workflows/profile-checks.yml |
9 | - ci/printenv.sh | ||
9 | - contrib/sort.py | 10 | - contrib/sort.py |
10 | - src/firecfg/firecfg.config | 11 | - src/firecfg/firecfg.config |
11 | pull_request: | 12 | pull_request: |
@@ -13,6 +14,7 @@ on: | |||
13 | - 'ci/check/profiles/**' | 14 | - 'ci/check/profiles/**' |
14 | - 'etc/**' | 15 | - 'etc/**' |
15 | - .github/workflows/profile-checks.yml | 16 | - .github/workflows/profile-checks.yml |
17 | - ci/printenv.sh | ||
16 | - contrib/sort.py | 18 | - contrib/sort.py |
17 | - src/firecfg/firecfg.config | 19 | - src/firecfg/firecfg.config |
18 | 20 | ||
@@ -299,6 +299,7 @@ uninstall: config.mk | |||
299 | rm -f $(DESTDIR)$(datarootdir)/gtksourceview-5/language-specs/firejail-profile.lang | 299 | rm -f $(DESTDIR)$(datarootdir)/gtksourceview-5/language-specs/firejail-profile.lang |
300 | @echo "If you want to install a different version of firejail, you might also need to run 'rm -fr $(DESTDIR)$(sysconfdir)/firejail', see #2038." | 300 | @echo "If you want to install a different version of firejail, you might also need to run 'rm -fr $(DESTDIR)$(sysconfdir)/firejail', see #2038." |
301 | 301 | ||
302 | # Note: Keep this list in sync with `paths` in .github/workflows/build.yml. | ||
302 | DISTFILES = \ | 303 | DISTFILES = \ |
303 | COPYING \ | 304 | COPYING \ |
304 | Makefile \ | 305 | Makefile \ |