diff --git a/.github/workflows/build_deploy.yml b/.github/workflows/build_deploy.yml index c71c3db7ebd..588b3f6817f 100644 --- a/.github/workflows/build_deploy.yml +++ b/.github/workflows/build_deploy.yml @@ -11,6 +11,9 @@ on: - build_deploy* - 'upgrade-latest-*' pull_request: + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] release: types: - published diff --git a/.github/workflows/build_python_3.yml b/.github/workflows/build_python_3.yml index 05face7dc69..405d93f332f 100644 --- a/.github/workflows/build_python_3.yml +++ b/.github/workflows/build_python_3.yml @@ -1,6 +1,9 @@ name: Build Python 3 on: + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] workflow_call: inputs: cibw_build: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 960b2a21036..264977d2706 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -8,6 +8,9 @@ on: # The branches below must be a subset of the branches above branches: - main + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: analyze: diff --git a/.github/workflows/django-overhead-profile.yml b/.github/workflows/django-overhead-profile.yml index 602d1302976..65cf3d707f3 100644 --- a/.github/workflows/django-overhead-profile.yml +++ b/.github/workflows/django-overhead-profile.yml @@ -8,6 +8,9 @@ on: - 'ddtrace/**' - 'scripts/profiles/django-simple/**' - '.github/workflows/django-overhead-profile.yml' + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: django-overhead-profile: runs-on: ubuntu-latest diff --git a/.github/workflows/encoders-profile.yml b/.github/workflows/encoders-profile.yml index d95612b43c7..61bad5df936 100644 --- a/.github/workflows/encoders-profile.yml +++ b/.github/workflows/encoders-profile.yml @@ -8,6 +8,9 @@ on: - 'ddtrace/internal/_encoding.pyx' - 'scripts/profiles/encoders/**' - '.github/workflows/encoders-profile.yml' + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: encoders-profile: runs-on: ubuntu-latest diff --git a/.github/workflows/flask-overhead-profile.yml b/.github/workflows/flask-overhead-profile.yml index 4b9d6117701..d6062c1d8f7 100644 --- a/.github/workflows/flask-overhead-profile.yml +++ b/.github/workflows/flask-overhead-profile.yml @@ -8,6 +8,9 @@ on: - 'ddtrace/**' - 'scripts/profiles/flask-simple/**' - '.github/workflows/flask-overhead-profile.yml' + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: flask-overhead-profile: runs-on: ubuntu-latest diff --git a/.github/workflows/pypa_musllinux_1_2_i686.yml b/.github/workflows/pypa_musllinux_1_2_i686.yml index 601f0fbff51..d56b51c42ac 100644 --- a/.github/workflows/pypa_musllinux_1_2_i686.yml +++ b/.github/workflows/pypa_musllinux_1_2_i686.yml @@ -17,5 +17,8 @@ jobs: build-args: '' context: ./docker file: Dockerfile.pypa_musllinux_1_2_i686 + permissions: + contents: read # Allows access to repository contents + packages: write # Allows publishing to GHCR secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/requirements-locks.yml b/.github/workflows/requirements-locks.yml index fece6261a1a..ac6b1dce8fa 100644 --- a/.github/workflows/requirements-locks.yml +++ b/.github/workflows/requirements-locks.yml @@ -5,6 +5,9 @@ on: - main pull_request: types: [opened, reopened, synchronize] + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: validate: name: Check requirements lockfiles diff --git a/.github/workflows/rust-ci.yml b/.github/workflows/rust-ci.yml index 668aa507f89..7400aef7333 100644 --- a/.github/workflows/rust-ci.yml +++ b/.github/workflows/rust-ci.yml @@ -4,6 +4,9 @@ on: pull_request: paths: - src/** + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: check: diff --git a/.github/workflows/system-tests.yml b/.github/workflows/system-tests.yml index ee73ec62454..e5cc5002545 100644 --- a/.github/workflows/system-tests.yml +++ b/.github/workflows/system-tests.yml @@ -8,6 +8,9 @@ on: workflow_dispatch: {} schedule: - cron: '00 04 * * 2-6' + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: needs-run: diff --git a/.github/workflows/test_frameworks.yml b/.github/workflows/test_frameworks.yml index 4af5de67885..34dafa6fcd8 100644 --- a/.github/workflows/test_frameworks.yml +++ b/.github/workflows/test_frameworks.yml @@ -5,6 +5,9 @@ on: branches: - main pull_request: + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] concurrency: group: ${{ github.workflow }}-${{ github.ref }} diff --git a/.github/workflows/testrunner.yml b/.github/workflows/testrunner.yml index 816db70d6e8..7bb453dd63a 100644 --- a/.github/workflows/testrunner.yml +++ b/.github/workflows/testrunner.yml @@ -16,5 +16,8 @@ jobs: platforms: 'linux/amd64,linux/arm64/v8' build-args: '' context: ./docker + permissions: + contents: read # Allows access to repository contents + packages: write # Allows publishing to GHCR secrets: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml index 4eac68c069b..cf9a8799a6f 100644 --- a/.github/workflows/unit_tests.yml +++ b/.github/workflows/unit_tests.yml @@ -6,6 +6,9 @@ on: - main pull_request: workflow_dispatch: {} + merge_group: + # Trigger jobs when PR is added to merge queue + types: [checks_requested] jobs: unit-tests: