From 1a86c6e290a270b53d6b442d5568e2afcca70e0a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Pupier?= Date: Tue, 30 Jun 2026 13:10:56 +0200 Subject: [PATCH] Restrict trigger push branch for GitHub Workflow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Feature branches rarely need their own CI runs: the code is already tested when a pull request is opened against a release branch. If the push trigger has no branch restriction and pull_request is also configured, every push to a branch with an open PR runs the workflow twice: once for the push and once for the PR synchronisation. Always give the push trigger an explicit list of branches: this stops branches created from a release branch from inheriting its workflow runs. see https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=430408443#GitHubActionsRecommendedPractices-Restrictthepushtriggertospecificbranches Signed-off-by: Aurélien Pupier --- .github/workflows/codeql-analysis.yml | 7 ++++++- .github/workflows/gradle-wrapper-validation.yml | 3 +++ .github/workflows/groovy-build-artifacts.yml | 7 ++++++- .github/workflows/groovy-build-coverage.yml | 7 ++++++- .github/workflows/groovy-build-dist.yml | 7 ++++++- .github/workflows/groovy-build-performance.yml | 7 ++++++- .github/workflows/groovy-build-test.yml | 7 ++++++- .github/workflows/groovy-jmh-classic.yml | 7 ++++++- .github/workflows/groovy-jmh.yml | 7 ++++++- .github/workflows/groovy-rat-check.yml | 7 ++++++- 10 files changed, 57 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4d686aa19fd..8987180474d 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -15,7 +15,12 @@ name: "CodeQL" -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 7eed51c64ee..27fe0e66881 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -17,6 +17,9 @@ name: "Validate Gradle Wrapper" on: push: + branches: + - master + - GROOVY_* paths: - 'gradlew' - 'gradlew.bat' diff --git a/.github/workflows/groovy-build-artifacts.yml b/.github/workflows/groovy-build-artifacts.yml index cb002618720..fe01ca41ed8 100644 --- a/.github/workflows/groovy-build-artifacts.yml +++ b/.github/workflows/groovy-build-artifacts.yml @@ -15,7 +15,12 @@ name: Generate SNAPSHOT artifacts -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: permissions: contents: read diff --git a/.github/workflows/groovy-build-coverage.yml b/.github/workflows/groovy-build-coverage.yml index a82bab2287c..adfe3d5090a 100644 --- a/.github/workflows/groovy-build-coverage.yml +++ b/.github/workflows/groovy-build-coverage.yml @@ -15,7 +15,12 @@ name: Build and test for coverage -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: permissions: contents: read diff --git a/.github/workflows/groovy-build-dist.yml b/.github/workflows/groovy-build-dist.yml index f2fca6af85d..762e39ed7da 100644 --- a/.github/workflows/groovy-build-dist.yml +++ b/.github/workflows/groovy-build-dist.yml @@ -15,7 +15,12 @@ name: Generate SNAPSHOT distributions -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: permissions: contents: read diff --git a/.github/workflows/groovy-build-performance.yml b/.github/workflows/groovy-build-performance.yml index 69e28807b86..33302d63d15 100644 --- a/.github/workflows/groovy-build-performance.yml +++ b/.github/workflows/groovy-build-performance.yml @@ -15,7 +15,12 @@ name: Performance check -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} diff --git a/.github/workflows/groovy-build-test.yml b/.github/workflows/groovy-build-test.yml index deaeb78a436..b8dea69725f 100644 --- a/.github/workflows/groovy-build-test.yml +++ b/.github/workflows/groovy-build-test.yml @@ -15,7 +15,12 @@ name: Build and test -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: permissions: contents: read diff --git a/.github/workflows/groovy-jmh-classic.yml b/.github/workflows/groovy-jmh-classic.yml index 29fddae6764..364dc599fd5 100644 --- a/.github/workflows/groovy-jmh-classic.yml +++ b/.github/workflows/groovy-jmh-classic.yml @@ -15,7 +15,12 @@ name: jmh-classic -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} diff --git a/.github/workflows/groovy-jmh.yml b/.github/workflows/groovy-jmh.yml index 0c729bc9c5c..8337f8ac74a 100644 --- a/.github/workflows/groovy-jmh.yml +++ b/.github/workflows/groovy-jmh.yml @@ -15,7 +15,12 @@ name: jmh -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: permissions: contents: read diff --git a/.github/workflows/groovy-rat-check.yml b/.github/workflows/groovy-rat-check.yml index 7397c5c995b..ad41e239ab7 100644 --- a/.github/workflows/groovy-rat-check.yml +++ b/.github/workflows/groovy-rat-check.yml @@ -15,7 +15,12 @@ name: Check licenses -on: [push, pull_request] +on: + push: + branches: + - master + - GROOVY_* + pull_request: permissions: contents: read