Skip to content

ci: updating runners to ubuntu 24 #4149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 5 commits into
base: master
Choose a base branch
from
Open

ci: updating runners to ubuntu 24 #4149

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
7e3aeb8
updating runners to latest ubuntu and larger runners
JaydipGabani Sep 11, 2025
15fb3ab
testing export CI
JaydipGabani Sep 18, 2025
9086303
fixing tests
JaydipGabani Sep 23, 2025
c786d59
pinning to ubuntu 24.04 whenever large runners are not required
JaydipGabani Oct 28, 2025
80c89d9
Merge branch 'master' into update_runner
JaydipGabani Nov 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/benchmark.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
benchmark:
name: "Benchmark"
if: github.event.issue.pull_request && github.event.comment.body == '/benchmark'
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-8-cores
Copy link
Member

@sozercan sozercan Sep 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
runs-on: ubuntu-latest-8-cores
runs-on: ubuntu-24.04

timeout-minutes: 60
permissions:
contents: write
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/check-manifest.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ permissions: read-all
jobs:
check_manifest:
name: "Check codegen and manifest"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
Copy link
Member

@sozercan sozercan Sep 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
runs-on: ubuntu-latest
runs-on: ubuntu-24.04

timeout-minutes: 10
steps:
- name: Harden Runner
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/codeql.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ permissions: read-all
jobs:
analyze:
name: Analyze
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
permissions:
security-events: write

Expand Down
28 changes: 21 additions & 7 deletions .github/workflows/dapr-export.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,33 @@
name: dapr-export
on:
push:
paths:
- "pkg/export/dapr"
- "test/export/**"
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"
pull_request:
paths:
- "pkg/export/dapr"
- "test/export/**"
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"
permissions: read-all

jobs:
dapr_test:
name: "Dapr export test"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-8
timeout-minutes: 15
strategy:
matrix:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ permissions:

jobs:
dependency-review:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-8-cores
steps:
- name: Harden Runner
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
Expand Down
30 changes: 21 additions & 9 deletions .github/workflows/disk-export.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,21 +1,33 @@
name: disk-export
on:
push:
paths:
- "pkg/export/dapr"
- "pkg/export/disk"
- "test/export/**"
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"
pull_request:
paths:
- "pkg/export/dapr"
- "pkg/export/disk"
- "test/export/**"
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"
permissions: read-all

jobs:
disk_test:
name: "Disk export test"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-8-cores
timeout-minutes: 15
steps:
- name: Harden Runner
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/helm-lint.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ permissions: read-all
jobs:
helm_lint_test:
name: "Helm lint"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
timeout-minutes: 15

steps:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/license-lint.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ permissions:
jobs:
license-lint:
name: "license-lint"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
contents: read
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/lint.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ permissions: read-all

jobs:
lint:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/patch-docs.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ permissions:

jobs:
patch-docs:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pre-release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ env:
jobs:
pre-release:
name: "Pre Release"
runs-on: "ubuntu-22.04"
runs-on: "ubuntu-latest-8-cores"
if: github.ref == 'refs/heads/master' && github.event_name == 'push' && github.repository == 'open-policy-agent/gatekeeper'
timeout-minutes: 30
permissions:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release-pr.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ permissions:

jobs:
create-release-pull-request:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-8-cores
steps:
- name: Harden Runner
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ permissions: read-all
jobs:
tagged-release:
name: "Tagged Release"
runs-on: "ubuntu-22.04"
runs-on: "ubuntu-latest-8-cores"
permissions:
contents: write
packages: write
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scan-vulns.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ permissions: read-all
jobs:
govulncheck:
name: "Run govulncheck"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- name: Harden Runner
Expand All @@ -44,7 +44,7 @@ jobs:

scan_vulnerabilities:
name: "[Trivy] Scan for vulnerabilities"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- name: Harden Runner
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scorecards.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ permissions: read-all
jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test-gator.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ permissions: read-all
jobs:
gator_test:
name: "Test Gator"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
timeout-minutes: 5
strategy:
fail-fast: false
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/unit-test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ permissions: read-all
jobs:
test:
name: "Unit test"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-8-cores
timeout-minutes: 20
steps:
- name: Harden Runner
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/upgrade.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ env:
jobs:
helm_upgrade:
name: "[Helm] Upgrade test"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-8-cores
timeout-minutes: 15
strategy:
fail-fast: false
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/website.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ permissions: read-all

jobs:
deploy:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
permissions:
contents: write
defaults:
Expand Down Expand Up @@ -62,7 +62,7 @@ jobs:
destination_dir: ./website

check_typos:
runs-on: ubuntu-22.04
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/workflow.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ permissions: read-all
jobs:
build_test:
name: "Build and Test"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-16-cores
timeout-minutes: 15
strategy:
fail-fast: false
Expand Down Expand Up @@ -89,7 +89,7 @@ jobs:

helm_build_test:
name: "[Helm] Build and Test"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-16-cores
timeout-minutes: 15
strategy:
fail-fast: false
Expand Down Expand Up @@ -159,7 +159,7 @@ jobs:

build_test_generator_expansion:
name: "[Generator Resource Expansion] Build and Test"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-16-cores
timeout-minutes: 15

steps:
Expand Down Expand Up @@ -216,7 +216,7 @@ jobs:

e2e_test_with_OwnerReferencesPermissionEnforcement_admission_plugin:
name: "[E2E] Test with OwnerReferencesPermissionEnforcement admission plugin"
runs-on: ubuntu-22.04
runs-on: ubuntu-latest-16-cores
timeout-minutes: 15
steps:
- name: Harden Runner
Expand Down
3 changes: 1 addition & 2 deletions test/bats/test.bats
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -684,9 +684,8 @@ __expansion_audit_test() {

@test "rego v1 tests" {
wait_for_process ${WAIT_TIME} ${SLEEP_TIME} "kubectl apply -f ${BATS_TESTS_DIR}/templates/k8srequiredlabels_template_regov1.yaml"
wait_for_process ${WAIT_TIME} ${SLEEP_TIME} "kubectl get constrainttemplates.templates.gatekeeper.sh k8srequiredlabels -ojson | jq -r -e '.status.byPod[0]'"
wait_for_process ${WAIT_TIME} ${SLEEP_TIME} "kubectl get constrainttemplates.templates.gatekeeper.sh k8srequiredlabelsv1 -ojson | jq -r -e '.status.byPod[0]'"

kubectl get constrainttemplates.templates.gatekeeper.sh k8srequiredlabelsv1 -oyaml
wait_for_process ${WAIT_TIME} ${SLEEP_TIME} "kubectl apply -f ${BATS_TESTS_DIR}/constraints/all_ns_must_have_label_provided.yaml"

run kubectl apply -f ${BATS_TESTS_DIR}/bad/bad_ns.yaml
Expand Down
Loading