From 10fefb6d635042316eb3d2a9389df6be13eb6d33 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bombo?= Date: Thu, 25 Sep 2025 16:19:48 -0500 Subject: [PATCH] gha: zizmor: fix "workflow or action definition without a name" error MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This fixes that error everywhere by adding a `name:` field to all jobs that were missing it. We keep the same name as the job ID to ensure no disturbance to the required job names. Signed-off-by: Aurélien Bombo --- .github/workflows/actionlint.yaml | 1 + .github/workflows/basic-ci-amd64.yaml | 9 +++++++++ .github/workflows/basic-ci-s390x.yaml | 3 +++ .github/workflows/build-checks-preview-riscv64.yaml | 1 + .github/workflows/build-checks.yaml | 1 + .github/workflows/build-kata-static-tarball-amd64.yaml | 6 ++++++ .github/workflows/build-kata-static-tarball-arm64.yaml | 6 ++++++ .github/workflows/build-kata-static-tarball-ppc64le.yaml | 5 +++++ .github/workflows/build-kata-static-tarball-riscv64.yaml | 1 + .github/workflows/build-kata-static-tarball-s390x.yaml | 6 ++++++ .github/workflows/cargo-deny-runner.yaml | 1 + .github/workflows/ci-nightly-s390x.yaml | 1 + .github/workflows/ci-weekly.yaml | 1 + .github/workflows/ci.yaml | 2 ++ .github/workflows/cleanup-resources.yaml | 1 + .github/workflows/darwin-tests.yaml | 1 + .github/workflows/docs-url-alive-check.yaml | 1 + .github/workflows/gatekeeper-skipper.yaml | 1 + .github/workflows/gatekeeper.yaml | 1 + .github/workflows/govulncheck.yaml | 1 + .github/workflows/kata-runtime-classes-sync.yaml | 3 +++ .github/workflows/payload-after-push.yaml | 1 + .github/workflows/publish-kata-deploy-payload.yaml | 1 + .github/workflows/release-amd64.yaml | 1 + .github/workflows/release-arm64.yaml | 1 + .github/workflows/release-ppc64le.yaml | 1 + .github/workflows/release-s390x.yaml | 1 + .github/workflows/release.yaml | 8 ++++++++ .github/workflows/run-k8s-tests-on-aks.yaml | 1 + .github/workflows/run-k8s-tests-on-amd64.yaml | 1 + .github/workflows/run-k8s-tests-on-arm64.yaml | 1 + .github/workflows/run-k8s-tests-on-ppc64le.yaml | 1 + .github/workflows/run-k8s-tests-on-zvsi.yaml | 1 + .github/workflows/run-kata-coco-stability-tests.yaml | 1 + .github/workflows/run-kata-coco-tests.yaml | 3 +++ .github/workflows/run-kata-deploy-tests-on-aks.yaml | 1 + .github/workflows/run-kata-deploy-tests.yaml | 1 + .github/workflows/run-kata-monitor-tests.yaml | 1 + .github/workflows/run-metrics.yaml | 1 + .github/workflows/run-runk-tests.yaml | 1 + .github/workflows/shellcheck.yaml | 1 + .github/workflows/shellcheck_required.yaml | 1 + .github/workflows/stale.yaml | 1 + .github/workflows/static-checks.yaml | 3 +++ .github/workflows/zizmor.yaml | 1 + src/runtime/pkg/govmm/.github/workflows/main.yml | 1 + 46 files changed, 89 insertions(+) diff --git a/.github/workflows/actionlint.yaml b/.github/workflows/actionlint.yaml index e83e763df6..493638b4f4 100644 --- a/.github/workflows/actionlint.yaml +++ b/.github/workflows/actionlint.yaml @@ -20,6 +20,7 @@ concurrency: jobs: run-actionlint: + name: run-actionlint env: GH_TOKEN: ${{ github.token }} runs-on: ubuntu-24.04 diff --git a/.github/workflows/basic-ci-amd64.yaml b/.github/workflows/basic-ci-amd64.yaml index 6350f39aed..a10cfdfb2d 100644 --- a/.github/workflows/basic-ci-amd64.yaml +++ b/.github/workflows/basic-ci-amd64.yaml @@ -17,6 +17,7 @@ permissions: {} jobs: run-containerd-sandboxapi: + name: run-containerd-sandboxapi strategy: # We can set this to true whenever we're 100% sure that # the all the tests are not flaky, otherwise we'll fail @@ -63,6 +64,7 @@ jobs: run: bash tests/integration/cri-containerd/gha-run.sh run run-containerd-stability: + name: run-containerd-stability strategy: fail-fast: false matrix: @@ -103,6 +105,7 @@ jobs: run: bash tests/stability/gha-run.sh run run-nydus: + name: run-nydus strategy: # We can set this to true whenever we're 100% sure that # the all the tests are not flaky, otherwise we'll fail @@ -146,6 +149,7 @@ jobs: run: bash tests/integration/nydus/gha-run.sh run run-runk: + name: run-runk # Skip runk tests as we have no maintainers. TODO: Decide when to remove altogether if: false runs-on: ubuntu-22.04 @@ -181,6 +185,7 @@ jobs: run: bash tests/integration/runk/gha-run.sh run run-tracing: + name: run-tracing strategy: fail-fast: false matrix: @@ -223,6 +228,7 @@ jobs: run: bash tests/functional/tracing/gha-run.sh run run-vfio: + name: run-vfio strategy: fail-fast: false matrix: @@ -264,6 +270,7 @@ jobs: run: bash tests/functional/vfio/gha-run.sh run run-docker-tests: + name: run-docker-tests strategy: # We can set this to true whenever we're 100% sure that # all the tests are not flaky, otherwise we'll fail them @@ -308,6 +315,7 @@ jobs: run: bash tests/integration/docker/gha-run.sh run run-nerdctl-tests: + name: run-nerdctl-tests strategy: # We can set this to true whenever we're 100% sure that # all the tests are not flaky, otherwise we'll fail them @@ -366,6 +374,7 @@ jobs: retention-days: 1 run-kata-agent-apis: + name: run-kata-agent-apis runs-on: ubuntu-22.04 steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/.github/workflows/basic-ci-s390x.yaml b/.github/workflows/basic-ci-s390x.yaml index 292012ea0e..bce87d6614 100644 --- a/.github/workflows/basic-ci-s390x.yaml +++ b/.github/workflows/basic-ci-s390x.yaml @@ -17,6 +17,7 @@ permissions: {} jobs: run-containerd-sandboxapi: + name: run-containerd-sandboxapi strategy: # We can set this to true whenever we're 100% sure that # the all the tests are not flaky, otherwise we'll fail @@ -63,6 +64,7 @@ jobs: run: bash tests/integration/cri-containerd/gha-run.sh run run-containerd-stability: + name: run-containerd-stability strategy: fail-fast: false matrix: @@ -104,6 +106,7 @@ jobs: run: bash tests/stability/gha-run.sh run run-docker-tests: + name: run-docker-tests strategy: # We can set this to true whenever we're 100% sure that # all the tests are not flaky, otherwise we'll fail them diff --git a/.github/workflows/build-checks-preview-riscv64.yaml b/.github/workflows/build-checks-preview-riscv64.yaml index 6eaf5b933e..c5a666a331 100644 --- a/.github/workflows/build-checks-preview-riscv64.yaml +++ b/.github/workflows/build-checks-preview-riscv64.yaml @@ -17,6 +17,7 @@ permissions: {} name: Build checks preview riscv64 jobs: check: + name: check runs-on: ${{ inputs.instance }} strategy: fail-fast: false diff --git a/.github/workflows/build-checks.yaml b/.github/workflows/build-checks.yaml index 143ad5a143..9de1cba55c 100644 --- a/.github/workflows/build-checks.yaml +++ b/.github/workflows/build-checks.yaml @@ -11,6 +11,7 @@ permissions: {} name: Build checks jobs: check: + name: check runs-on: ${{ inputs.instance }} strategy: fail-fast: false diff --git a/.github/workflows/build-kata-static-tarball-amd64.yaml b/.github/workflows/build-kata-static-tarball-amd64.yaml index d6b6e34de0..49b437b9d8 100644 --- a/.github/workflows/build-kata-static-tarball-amd64.yaml +++ b/.github/workflows/build-kata-static-tarball-amd64.yaml @@ -28,6 +28,7 @@ permissions: {} jobs: build-asset: + name: build-asset runs-on: ubuntu-22.04 permissions: contents: read @@ -154,6 +155,7 @@ jobs: if-no-files-found: error build-asset-rootfs: + name: build-asset-rootfs runs-on: ubuntu-22.04 needs: build-asset permissions: @@ -225,6 +227,7 @@ jobs: # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs remove-rootfs-binary-artifacts: + name: remove-rootfs-binary-artifacts runs-on: ubuntu-22.04 needs: build-asset-rootfs strategy: @@ -242,6 +245,7 @@ jobs: # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs remove-rootfs-binary-artifacts-for-release: + name: remove-rootfs-binary-artifacts-for-release runs-on: ubuntu-22.04 needs: build-asset-rootfs strategy: @@ -255,6 +259,7 @@ jobs: name: kata-artifacts-amd64-${{ matrix.asset}}${{ inputs.tarball-suffix }} build-asset-shim-v2: + name: build-asset-shim-v2 runs-on: ubuntu-22.04 needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts, remove-rootfs-binary-artifacts-for-release] permissions: @@ -316,6 +321,7 @@ jobs: if-no-files-found: error create-kata-tarball: + name: create-kata-tarball runs-on: ubuntu-22.04 needs: [build-asset, build-asset-rootfs, build-asset-shim-v2] permissions: diff --git a/.github/workflows/build-kata-static-tarball-arm64.yaml b/.github/workflows/build-kata-static-tarball-arm64.yaml index d0c4f77b5d..1e06ad8f69 100644 --- a/.github/workflows/build-kata-static-tarball-arm64.yaml +++ b/.github/workflows/build-kata-static-tarball-arm64.yaml @@ -28,6 +28,7 @@ permissions: {} jobs: build-asset: + name: build-asset runs-on: ubuntu-22.04-arm permissions: contents: read @@ -134,6 +135,7 @@ jobs: if-no-files-found: error build-asset-rootfs: + name: build-asset-rootfs runs-on: ubuntu-22.04-arm needs: build-asset permissions: @@ -200,6 +202,7 @@ jobs: # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs remove-rootfs-binary-artifacts: + name: remove-rootfs-binary-artifacts runs-on: ubuntu-22.04-arm needs: build-asset-rootfs strategy: @@ -214,6 +217,7 @@ jobs: # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs remove-rootfs-binary-artifacts-for-release: + name: remove-rootfs-binary-artifacts-for-release runs-on: ubuntu-22.04-arm needs: build-asset-rootfs strategy: @@ -227,6 +231,7 @@ jobs: name: kata-artifacts-arm64-${{ matrix.asset}}${{ inputs.tarball-suffix }} build-asset-shim-v2: + name: build-asset-shim-v2 runs-on: ubuntu-22.04-arm needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts, remove-rootfs-binary-artifacts-for-release] permissions: @@ -286,6 +291,7 @@ jobs: if-no-files-found: error create-kata-tarball: + name: create-kata-tarball runs-on: ubuntu-22.04-arm needs: [build-asset, build-asset-rootfs, build-asset-shim-v2] permissions: diff --git a/.github/workflows/build-kata-static-tarball-ppc64le.yaml b/.github/workflows/build-kata-static-tarball-ppc64le.yaml index 6e90e70421..f9d04e9226 100644 --- a/.github/workflows/build-kata-static-tarball-ppc64le.yaml +++ b/.github/workflows/build-kata-static-tarball-ppc64le.yaml @@ -28,6 +28,7 @@ permissions: {} jobs: build-asset: + name: build-asset permissions: contents: read packages: write @@ -87,6 +88,7 @@ jobs: if-no-files-found: error build-asset-rootfs: + name: build-asset-rootfs runs-on: ppc64le needs: build-asset permissions: @@ -153,6 +155,7 @@ jobs: # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs remove-rootfs-binary-artifacts: + name: remove-rootfs-binary-artifacts runs-on: ubuntu-22.04 needs: build-asset-rootfs strategy: @@ -166,6 +169,7 @@ jobs: name: kata-artifacts-ppc64le-${{ matrix.asset}}${{ inputs.tarball-suffix }} build-asset-shim-v2: + name: build-asset-shim-v2 runs-on: ppc64le needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts] permissions: @@ -225,6 +229,7 @@ jobs: if-no-files-found: error create-kata-tarball: + name: create-kata-tarball runs-on: ppc64le needs: [build-asset, build-asset-rootfs, build-asset-shim-v2] permissions: diff --git a/.github/workflows/build-kata-static-tarball-riscv64.yaml b/.github/workflows/build-kata-static-tarball-riscv64.yaml index 925de07123..a02c7984d4 100644 --- a/.github/workflows/build-kata-static-tarball-riscv64.yaml +++ b/.github/workflows/build-kata-static-tarball-riscv64.yaml @@ -28,6 +28,7 @@ permissions: {} jobs: build-asset: + name: build-asset runs-on: riscv-builder permissions: contents: read diff --git a/.github/workflows/build-kata-static-tarball-s390x.yaml b/.github/workflows/build-kata-static-tarball-s390x.yaml index 725649aace..5b925dd1f1 100644 --- a/.github/workflows/build-kata-static-tarball-s390x.yaml +++ b/.github/workflows/build-kata-static-tarball-s390x.yaml @@ -31,6 +31,7 @@ permissions: {} jobs: build-asset: + name: build-asset runs-on: s390x permissions: contents: read @@ -119,6 +120,7 @@ jobs: if-no-files-found: error build-asset-rootfs: + name: build-asset-rootfs runs-on: s390x needs: build-asset permissions: @@ -186,6 +188,7 @@ jobs: if-no-files-found: error build-asset-boot-image-se: + name: build-asset-boot-image-se runs-on: s390x needs: [build-asset, build-asset-rootfs] permissions: @@ -235,6 +238,7 @@ jobs: # We don't need the binaries installed in the rootfs as part of the release tarball, so can delete them now we've built the rootfs remove-rootfs-binary-artifacts: + name: remove-rootfs-binary-artifacts runs-on: ubuntu-22.04 needs: [build-asset-rootfs, build-asset-boot-image-se] strategy: @@ -250,6 +254,7 @@ jobs: name: kata-artifacts-s390x-${{ matrix.asset}}${{ inputs.tarball-suffix }} build-asset-shim-v2: + name: build-asset-shim-v2 runs-on: s390x needs: [build-asset, build-asset-rootfs, remove-rootfs-binary-artifacts] permissions: @@ -311,6 +316,7 @@ jobs: if-no-files-found: error create-kata-tarball: + name: create-kata-tarball runs-on: s390x needs: - build-asset diff --git a/.github/workflows/cargo-deny-runner.yaml b/.github/workflows/cargo-deny-runner.yaml index 1c86530cf4..bf704eac9a 100644 --- a/.github/workflows/cargo-deny-runner.yaml +++ b/.github/workflows/cargo-deny-runner.yaml @@ -15,6 +15,7 @@ permissions: {} jobs: cargo-deny-runner: + name: cargo-deny-runner runs-on: ubuntu-22.04 steps: diff --git a/.github/workflows/ci-nightly-s390x.yaml b/.github/workflows/ci-nightly-s390x.yaml index 8c7a2951eb..4b44df7fca 100644 --- a/.github/workflows/ci-nightly-s390x.yaml +++ b/.github/workflows/ci-nightly-s390x.yaml @@ -8,6 +8,7 @@ permissions: {} jobs: check-internal-test-result: + name: check-internal-test-result runs-on: s390x strategy: fail-fast: false diff --git a/.github/workflows/ci-weekly.yaml b/.github/workflows/ci-weekly.yaml index 7e959f3cf3..bbd9501185 100644 --- a/.github/workflows/ci-weekly.yaml +++ b/.github/workflows/ci-weekly.yaml @@ -62,6 +62,7 @@ jobs: QUAY_DEPLOYER_PASSWORD: ${{ secrets.QUAY_DEPLOYER_PASSWORD }} build-and-publish-tee-confidential-unencrypted-image: + name: build-and-publish-tee-confidential-unencrypted-image permissions: contents: read packages: write diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index cf82e50c80..36f35552bb 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -177,6 +177,7 @@ jobs: QUAY_DEPLOYER_PASSWORD: ${{ secrets.QUAY_DEPLOYER_PASSWORD }} build-and-publish-tee-confidential-unencrypted-image: + name: build-and-publish-tee-confidential-unencrypted-image permissions: contents: read packages: write @@ -218,6 +219,7 @@ jobs: file: tests/integration/kubernetes/runtimeclass_workloads/confidential/unencrypted/Dockerfile publish-csi-driver-amd64: + name: publish-csi-driver-amd64 needs: build-kata-static-tarball-amd64 permissions: contents: read diff --git a/.github/workflows/cleanup-resources.yaml b/.github/workflows/cleanup-resources.yaml index 9f2b8cb7c3..77d623fb87 100644 --- a/.github/workflows/cleanup-resources.yaml +++ b/.github/workflows/cleanup-resources.yaml @@ -8,6 +8,7 @@ permissions: {} jobs: cleanup-resources: + name: cleanup-resources runs-on: ubuntu-22.04 permissions: id-token: write # Used for OIDC access to log into Azure diff --git a/.github/workflows/darwin-tests.yaml b/.github/workflows/darwin-tests.yaml index eefbb72d07..7111ff43d7 100644 --- a/.github/workflows/darwin-tests.yaml +++ b/.github/workflows/darwin-tests.yaml @@ -15,6 +15,7 @@ concurrency: name: Darwin tests jobs: test: + name: test runs-on: macos-latest steps: - name: Install Go diff --git a/.github/workflows/docs-url-alive-check.yaml b/.github/workflows/docs-url-alive-check.yaml index 2aab3ee76d..638a15f99f 100644 --- a/.github/workflows/docs-url-alive-check.yaml +++ b/.github/workflows/docs-url-alive-check.yaml @@ -7,6 +7,7 @@ permissions: {} name: Docs URL Alive Check jobs: test: + name: test runs-on: ubuntu-22.04 # don't run this action on forks if: github.repository_owner == 'kata-containers' diff --git a/.github/workflows/gatekeeper-skipper.yaml b/.github/workflows/gatekeeper-skipper.yaml index 39e23b77e1..78017f86a3 100644 --- a/.github/workflows/gatekeeper-skipper.yaml +++ b/.github/workflows/gatekeeper-skipper.yaml @@ -35,6 +35,7 @@ permissions: {} jobs: skipper: + name: skipper runs-on: ubuntu-22.04 outputs: skip_build: ${{ steps.skipper.outputs.skip_build }} diff --git a/.github/workflows/gatekeeper.yaml b/.github/workflows/gatekeeper.yaml index fedcffa175..20c9d7f304 100644 --- a/.github/workflows/gatekeeper.yaml +++ b/.github/workflows/gatekeeper.yaml @@ -20,6 +20,7 @@ concurrency: jobs: gatekeeper: + name: gatekeeper runs-on: ubuntu-22.04 permissions: actions: read diff --git a/.github/workflows/govulncheck.yaml b/.github/workflows/govulncheck.yaml index 9281b55de5..a34d91851f 100644 --- a/.github/workflows/govulncheck.yaml +++ b/.github/workflows/govulncheck.yaml @@ -7,6 +7,7 @@ permissions: {} jobs: govulncheck: + name: govulncheck runs-on: ubuntu-22.04 strategy: matrix: diff --git a/.github/workflows/kata-runtime-classes-sync.yaml b/.github/workflows/kata-runtime-classes-sync.yaml index 7a0db7af63..538593dff1 100644 --- a/.github/workflows/kata-runtime-classes-sync.yaml +++ b/.github/workflows/kata-runtime-classes-sync.yaml @@ -1,3 +1,5 @@ +name: kata-runtime-classes-sync + on: pull_request: types: @@ -14,6 +16,7 @@ concurrency: jobs: kata-deploy-runtime-classes-check: + name: kata-deploy-runtime-classes-check runs-on: ubuntu-22.04 steps: - name: Checkout code diff --git a/.github/workflows/payload-after-push.yaml b/.github/workflows/payload-after-push.yaml index 83f786412d..0d3371a5c5 100644 --- a/.github/workflows/payload-after-push.yaml +++ b/.github/workflows/payload-after-push.yaml @@ -135,6 +135,7 @@ jobs: QUAY_DEPLOYER_PASSWORD: ${{ secrets.QUAY_DEPLOYER_PASSWORD }} publish-manifest: + name: publish-manifest runs-on: ubuntu-22.04 permissions: contents: read diff --git a/.github/workflows/publish-kata-deploy-payload.yaml b/.github/workflows/publish-kata-deploy-payload.yaml index 91370e7457..496bca8a6b 100644 --- a/.github/workflows/publish-kata-deploy-payload.yaml +++ b/.github/workflows/publish-kata-deploy-payload.yaml @@ -38,6 +38,7 @@ permissions: {} jobs: kata-payload: + name: kata-payload permissions: contents: read packages: write diff --git a/.github/workflows/release-amd64.yaml b/.github/workflows/release-amd64.yaml index 8e0033b6b4..58a693bede 100644 --- a/.github/workflows/release-amd64.yaml +++ b/.github/workflows/release-amd64.yaml @@ -26,6 +26,7 @@ jobs: attestations: write kata-deploy: + name: kata-deploy needs: build-kata-static-tarball-amd64 permissions: contents: read diff --git a/.github/workflows/release-arm64.yaml b/.github/workflows/release-arm64.yaml index ce10df280a..96a8e325d5 100644 --- a/.github/workflows/release-arm64.yaml +++ b/.github/workflows/release-arm64.yaml @@ -26,6 +26,7 @@ jobs: attestations: write kata-deploy: + name: kata-deploy needs: build-kata-static-tarball-arm64 permissions: contents: read diff --git a/.github/workflows/release-ppc64le.yaml b/.github/workflows/release-ppc64le.yaml index 08169f4e13..b51272485b 100644 --- a/.github/workflows/release-ppc64le.yaml +++ b/.github/workflows/release-ppc64le.yaml @@ -26,6 +26,7 @@ jobs: attestations: write kata-deploy: + name: kata-deploy needs: build-kata-static-tarball-ppc64le permissions: contents: read diff --git a/.github/workflows/release-s390x.yaml b/.github/workflows/release-s390x.yaml index 0715dbcb64..bdca73cc0e 100644 --- a/.github/workflows/release-s390x.yaml +++ b/.github/workflows/release-s390x.yaml @@ -30,6 +30,7 @@ jobs: kata-deploy: + name: kata-deploy needs: build-kata-static-tarball-s390x permissions: contents: read diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2f20fbc31b..5c7df0b6f6 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -6,6 +6,7 @@ permissions: {} jobs: release: + name: release runs-on: ubuntu-22.04 permissions: contents: write # needed for the `gh release create` command @@ -76,6 +77,7 @@ jobs: QUAY_DEPLOYER_PASSWORD: ${{ secrets.QUAY_DEPLOYER_PASSWORD }} publish-multi-arch-images: + name: publish-multi-arch-images runs-on: ubuntu-22.04 needs: [build-and-push-assets-amd64, build-and-push-assets-arm64, build-and-push-assets-s390x, build-and-push-assets-ppc64le] permissions: @@ -113,6 +115,7 @@ jobs: KATA_DEPLOY_REGISTRIES: "quay.io/kata-containers/kata-deploy ghcr.io/kata-containers/kata-deploy" upload-multi-arch-static-tarball: + name: upload-multi-arch-static-tarball needs: [build-and-push-assets-amd64, build-and-push-assets-arm64, build-and-push-assets-s390x, build-and-push-assets-ppc64le] permissions: contents: write # needed for the `gh release` commands @@ -177,6 +180,7 @@ jobs: ARCHITECTURE: ppc64le upload-versions-yaml: + name: upload-versions-yaml needs: release runs-on: ubuntu-22.04 permissions: @@ -194,6 +198,7 @@ jobs: GH_TOKEN: ${{ github.token }} upload-cargo-vendored-tarball: + name: upload-cargo-vendored-tarball needs: release runs-on: ubuntu-22.04 permissions: @@ -211,6 +216,7 @@ jobs: GH_TOKEN: ${{ github.token }} upload-libseccomp-tarball: + name: upload-libseccomp-tarball needs: release runs-on: ubuntu-22.04 permissions: @@ -228,6 +234,7 @@ jobs: GH_TOKEN: ${{ github.token }} upload-helm-chart-tarball: + name: upload-helm-chart-tarball needs: release runs-on: ubuntu-22.04 permissions: @@ -264,6 +271,7 @@ jobs: helm push "kata-deploy-${release_version}.tgz" oci://ghcr.io/kata-containers/kata-deploy-charts publish-release: + name: publish-release needs: [ build-and-push-assets-amd64, build-and-push-assets-arm64, build-and-push-assets-s390x, build-and-push-assets-ppc64le, publish-multi-arch-images, upload-multi-arch-static-tarball, upload-versions-yaml, upload-cargo-vendored-tarball, upload-libseccomp-tarball ] runs-on: ubuntu-22.04 permissions: diff --git a/.github/workflows/run-k8s-tests-on-aks.yaml b/.github/workflows/run-k8s-tests-on-aks.yaml index 2ce00ab3aa..4932dd768b 100644 --- a/.github/workflows/run-k8s-tests-on-aks.yaml +++ b/.github/workflows/run-k8s-tests-on-aks.yaml @@ -38,6 +38,7 @@ permissions: {} jobs: run-k8s-tests: + name: run-k8s-tests strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-k8s-tests-on-amd64.yaml b/.github/workflows/run-k8s-tests-on-amd64.yaml index 6f4b981f9b..172a4a6b24 100644 --- a/.github/workflows/run-k8s-tests-on-amd64.yaml +++ b/.github/workflows/run-k8s-tests-on-amd64.yaml @@ -26,6 +26,7 @@ permissions: {} jobs: run-k8s-tests-amd64: + name: run-k8s-tests-amd64 strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-k8s-tests-on-arm64.yaml b/.github/workflows/run-k8s-tests-on-arm64.yaml index 22e4df9f8d..58715c7458 100644 --- a/.github/workflows/run-k8s-tests-on-arm64.yaml +++ b/.github/workflows/run-k8s-tests-on-arm64.yaml @@ -26,6 +26,7 @@ permissions: {} jobs: run-k8s-tests-on-arm64: + name: run-k8s-tests-on-arm64 strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-k8s-tests-on-ppc64le.yaml b/.github/workflows/run-k8s-tests-on-ppc64le.yaml index d8532e9099..e3f146f73c 100644 --- a/.github/workflows/run-k8s-tests-on-ppc64le.yaml +++ b/.github/workflows/run-k8s-tests-on-ppc64le.yaml @@ -26,6 +26,7 @@ permissions: {} jobs: run-k8s-tests: + name: run-k8s-tests strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-k8s-tests-on-zvsi.yaml b/.github/workflows/run-k8s-tests-on-zvsi.yaml index 65b1d3821a..19fdb7ef06 100644 --- a/.github/workflows/run-k8s-tests-on-zvsi.yaml +++ b/.github/workflows/run-k8s-tests-on-zvsi.yaml @@ -29,6 +29,7 @@ permissions: {} jobs: run-k8s-tests: + name: run-k8s-tests strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-kata-coco-stability-tests.yaml b/.github/workflows/run-kata-coco-stability-tests.yaml index 10dc150ff9..8c292ceb7c 100644 --- a/.github/workflows/run-kata-coco-stability-tests.yaml +++ b/.github/workflows/run-kata-coco-stability-tests.yaml @@ -40,6 +40,7 @@ permissions: {} jobs: # Generate jobs for testing CoCo on non-TEE environments run-stability-k8s-tests-coco-nontee: + name: run-stability-k8s-tests-coco-nontee strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-kata-coco-tests.yaml b/.github/workflows/run-kata-coco-tests.yaml index 5f6224c7f9..cbef808ec6 100644 --- a/.github/workflows/run-kata-coco-tests.yaml +++ b/.github/workflows/run-kata-coco-tests.yaml @@ -40,6 +40,7 @@ permissions: {} jobs: run-k8s-tests-on-tdx: + name: run-k8s-tests-on-tdx strategy: fail-fast: false matrix: @@ -125,6 +126,7 @@ jobs: run: bash tests/integration/kubernetes/gha-run.sh delete-csi-driver run-k8s-tests-sev-snp: + name: run-k8s-tests-sev-snp strategy: fail-fast: false matrix: @@ -211,6 +213,7 @@ jobs: # Generate jobs for testing CoCo on non-TEE environments run-k8s-tests-coco-nontee: + name: run-k8s-tests-coco-nontee strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-kata-deploy-tests-on-aks.yaml b/.github/workflows/run-kata-deploy-tests-on-aks.yaml index 1e853a67b2..5b9bb63483 100644 --- a/.github/workflows/run-kata-deploy-tests-on-aks.yaml +++ b/.github/workflows/run-kata-deploy-tests-on-aks.yaml @@ -33,6 +33,7 @@ permissions: {} jobs: run-kata-deploy-tests: + name: run-kata-deploy-tests strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-kata-deploy-tests.yaml b/.github/workflows/run-kata-deploy-tests.yaml index e793cbb422..fa879a7369 100644 --- a/.github/workflows/run-kata-deploy-tests.yaml +++ b/.github/workflows/run-kata-deploy-tests.yaml @@ -26,6 +26,7 @@ permissions: {} jobs: run-kata-deploy-tests: + name: run-kata-deploy-tests strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-kata-monitor-tests.yaml b/.github/workflows/run-kata-monitor-tests.yaml index ad91f0a0e8..3d04f038e6 100644 --- a/.github/workflows/run-kata-monitor-tests.yaml +++ b/.github/workflows/run-kata-monitor-tests.yaml @@ -17,6 +17,7 @@ permissions: {} jobs: run-monitor: + name: run-monitor strategy: fail-fast: false matrix: diff --git a/.github/workflows/run-metrics.yaml b/.github/workflows/run-metrics.yaml index 5c6d3d2274..e19234a811 100644 --- a/.github/workflows/run-metrics.yaml +++ b/.github/workflows/run-metrics.yaml @@ -26,6 +26,7 @@ permissions: {} jobs: run-metrics: + name: run-metrics strategy: # We can set this to true whenever we're 100% sure that # the all the tests are not flaky, otherwise we'll fail diff --git a/.github/workflows/run-runk-tests.yaml b/.github/workflows/run-runk-tests.yaml index 9efaf975af..2f1e1ee501 100644 --- a/.github/workflows/run-runk-tests.yaml +++ b/.github/workflows/run-runk-tests.yaml @@ -17,6 +17,7 @@ permissions: {} jobs: run-runk: + name: run-runk # Skip runk tests as we have no maintainers. TODO: Decide when to remove altogether if: false runs-on: ubuntu-22.04 diff --git a/.github/workflows/shellcheck.yaml b/.github/workflows/shellcheck.yaml index 069e0b5e07..629f279ad3 100644 --- a/.github/workflows/shellcheck.yaml +++ b/.github/workflows/shellcheck.yaml @@ -18,6 +18,7 @@ concurrency: jobs: shellcheck: + name: shellcheck runs-on: ubuntu-24.04 steps: - name: Checkout the code diff --git a/.github/workflows/shellcheck_required.yaml b/.github/workflows/shellcheck_required.yaml index a6308fc19f..e273f84d96 100644 --- a/.github/workflows/shellcheck_required.yaml +++ b/.github/workflows/shellcheck_required.yaml @@ -19,6 +19,7 @@ concurrency: jobs: shellcheck-required: + name: shellcheck-required runs-on: ubuntu-24.04 steps: - name: Checkout the code diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 627920789e..8e52bcf352 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -8,6 +8,7 @@ permissions: {} jobs: stale: + name: stale runs-on: ubuntu-22.04 steps: - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0 diff --git a/.github/workflows/static-checks.yaml b/.github/workflows/static-checks.yaml index 4faf799722..32e816fdde 100644 --- a/.github/workflows/static-checks.yaml +++ b/.github/workflows/static-checks.yaml @@ -22,6 +22,7 @@ jobs: target-branch: ${{ github.event.pull_request.base.ref }} check-kernel-config-version: + name: check-kernel-config-version needs: skipper if: ${{ needs.skipper.outputs.skip_static != 'yes' }} runs-on: ubuntu-22.04 @@ -54,6 +55,7 @@ jobs: instance: ubuntu-22.04 build-checks-depending-on-kvm: + name: build-checks-depending-on-kvm runs-on: ubuntu-22.04 needs: skipper if: ${{ needs.skipper.outputs.skip_static != 'yes' }} @@ -95,6 +97,7 @@ jobs: RUST_LIB_BACKTRACE: "0" static-checks: + name: static-checks runs-on: ubuntu-22.04 needs: skipper if: ${{ needs.skipper.outputs.skip_static != 'yes' }} diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index d396fa752f..bc1d508682 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -11,6 +11,7 @@ concurrency: jobs: zizmor: + name: zizmor runs-on: ubuntu-22.04 steps: - name: Checkout repository diff --git a/src/runtime/pkg/govmm/.github/workflows/main.yml b/src/runtime/pkg/govmm/.github/workflows/main.yml index 4cde2b00df..40bce86c7b 100644 --- a/src/runtime/pkg/govmm/.github/workflows/main.yml +++ b/src/runtime/pkg/govmm/.github/workflows/main.yml @@ -6,6 +6,7 @@ permissions: jobs: test: + name: test strategy: matrix: go-version: [1.15.x, 1.16.x]