Skip to content

Restrict trigger push branch for GitHub Workflow#13522

Open
apupier wants to merge 1 commit into
apache:mainfrom
apupier:configureTriggerPushForGitHubActions
Open

Restrict trigger push branch for GitHub Workflow#13522
apupier wants to merge 1 commit into
apache:mainfrom
apupier:configureTriggerPushForGitHubActions

Conversation

@apupier

@apupier apupier commented Jul 1, 2026

Copy link
Copy Markdown

Feature branches rarely need their own CI runs: the code is already tested when a pull request is opened against a release branch. If the push trigger has no branch restriction and pull_request is also configured, every push to a branch with an open PR runs the workflow twice: once for the push and once for the PR synchronisation.

Always give the push trigger an explicit list of branches: this stops branches created from a release branch from inheriting its workflow runs.

see https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=430408443#GitHubActionsRecommendedPractices-Restrictthepushtriggertospecificbranches

Description

This PR...

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • Build/CI
  • Test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Bug Severity

  • BLOCKER
  • Critical
  • Major
  • Minor
  • Trivial

Screenshots (if appropriate):

How Has This Been Tested?

How did you try to break this feature and the system with this change?

Feature branches rarely need their own CI runs: the code is already
tested when a pull request is opened against a release branch. If the
push trigger has no branch restriction and pull_request is also
configured, every push to a branch with an open PR runs the workflow
twice: once for the push and once for the PR synchronisation.

Always give the push trigger an explicit list of branches: this stops
branches created from a release branch from inheriting its workflow
runs.

see https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=430408443#GitHubActionsRecommendedPractices-Restrictthepushtriggertospecificbranches

Signed-off-by: Aurélien Pupier <apupier@ibm.com>
@boring-cyborg

boring-cyborg Bot commented Jul 1, 2026

Copy link
Copy Markdown

Congratulations on your first Pull Request and welcome to the Apache CloudStack community! If you have any issues or are unsure about any anything please check our Contribution Guide (https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md)
Here are some useful points:

@codecov

codecov Bot commented Jul 1, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 18.93%. Comparing base (a97c510) to head (e82429c).

Additional details and impacted files
@@             Coverage Diff              @@
##               main   #13522      +/-   ##
============================================
- Coverage     18.93%   18.93%   -0.01%     
- Complexity    18471    18474       +3     
============================================
  Files          6221     6221              
  Lines        560048   560048              
  Branches      68290    68290              
============================================
- Hits         106068   106056      -12     
- Misses       442351   442368      +17     
+ Partials      11629    11624       -5     
Flag Coverage Δ
uitests 3.50% <ø> (ø)
unittests 20.14% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@apupier

apupier commented Jul 1, 2026

Copy link
Copy Markdown
Author

sonar erro is unrelated to this PR:

POST /repos/apache/cloudstack/issues/13522/comments - 403 with id A818:34F90C:762457:780104:6A451A2F in 365ms
RequestError [HttpError]: Resource not accessible by integration - https://docs.github.com/rest/issues/comments#create-an-issue-comment
    at fetchWrapper (/home/runner/work/_actions/actions/github-script/3a2844b7e9c422d3c10d287c895573f7108da1b3/dist/index.js:61509:11)
Error: Unhandled error: HttpError: Resource not accessible by integration - https://docs.github.com/rest/issues/comments#create-an-issue-comment
    at process.processTicksAndRejections (node:internal/process/task_queues:104:5)
    at async eval (eval at callAsyncFunction (/home/runner/work/_actions/actions/github-script/3a2844b7e9c422d3c10d287c895573f7108da1b3/dist/index.js:64949:16), <anonymous>:36:1)
    at async main (/home/runner/work/_actions/actions/github-script/3a2844b7e9c422d3c10d287c895573f7108da1b3/dist/index.js:65100:20) {
  status: 403,
  request: {
    method: 'POST',
    url: 'https://api.github.com/repos/apache/cloudstack/issues/13522/comments',
    headers: {
      accept: 'application/vnd.github.v3+json',
      'user-agent': 'actions/github-script actions_orchestration_id/1ab6608d-03a6-4789-9e51-f367e5e95cbe.build.__default octokit-core.js/7.0.6 Node.js/24',
      authorization: 'bearer [REDACTED]',
      'content-type': 'application/json; charset=utf-8'
    },
    body: [Object: null prototype] {
      body: '## 🔴 Test Coverage Grade: `D` — Marginal\n' +

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant