diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b7d8bb7..821739b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,9 +6,13 @@ on: pull_request: workflow_dispatch: +permissions: + contents: read + jobs: test: runs-on: ubuntu-latest + timeout-minutes: 20 steps: - name: Checkout uses: actions/checkout@v6 diff --git a/.github/workflows/dependabot_auto_merge.yml b/.github/workflows/dependabot_auto_merge.yml index bf7a789..9d605e8 100644 --- a/.github/workflows/dependabot_auto_merge.yml +++ b/.github/workflows/dependabot_auto_merge.yml @@ -9,6 +9,7 @@ jobs: auto-merge: if: github.event.workflow_run.conclusion == 'success' && startsWith(github.event.workflow_run.head_branch, 'dependabot/') runs-on: ubuntu-latest + timeout-minutes: 10 permissions: contents: write pull-requests: write diff --git a/.github/workflows/install-dispatch-guard.yml b/.github/workflows/install-dispatch-guard.yml index a834254..d1391f3 100644 --- a/.github/workflows/install-dispatch-guard.yml +++ b/.github/workflows/install-dispatch-guard.yml @@ -6,6 +6,10 @@ on: permissions: contents: read +concurrency: + group: ${{ github.workflow }}-${{ github.ref_name }} + cancel-in-progress: false + jobs: install: runs-on: self-hosted diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 42318c6..5c59539 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -14,9 +14,14 @@ env: GCP_WORKLOAD_IDENTITY_PROVIDER: projects/677468735457/locations/global/workloadIdentityPools/github-actions/providers/github-main GCP_WORKLOAD_IDENTITY_SERVICE_ACCOUNT: binance-platform-runtime@binancequant.iam.gserviceaccount.com +concurrency: + group: ${{ github.workflow }}-${{ github.ref_name }} + cancel-in-progress: false + jobs: deploy: runs-on: self-hosted + timeout-minutes: 60 permissions: contents: write id-token: write diff --git a/.github/workflows/runner-scheduler-diagnostics.yml b/.github/workflows/runner-scheduler-diagnostics.yml index 7d9b19a..0a79258 100644 --- a/.github/workflows/runner-scheduler-diagnostics.yml +++ b/.github/workflows/runner-scheduler-diagnostics.yml @@ -6,6 +6,10 @@ on: permissions: contents: read +concurrency: + group: ${{ github.workflow }}-${{ github.ref_name }} + cancel-in-progress: false + jobs: inspect: runs-on: self-hosted diff --git a/.github/workflows/runtime-heartbeat.yml b/.github/workflows/runtime-heartbeat.yml index c3d21b4..d415a50 100644 --- a/.github/workflows/runtime-heartbeat.yml +++ b/.github/workflows/runtime-heartbeat.yml @@ -19,10 +19,15 @@ on: schedule: - cron: "35 * * * *" +concurrency: + group: ${{ github.workflow }}-${{ github.ref_name }} + cancel-in-progress: false + jobs: heartbeat: name: Check Runtime workflow heartbeat runs-on: ubuntu-latest + timeout-minutes: 15 permissions: actions: read contents: read diff --git a/tests/test_main_runtime_error_notification.py b/tests/test_main_runtime_error_notification.py index be03817..abb3b9b 100644 --- a/tests/test_main_runtime_error_notification.py +++ b/tests/test_main_runtime_error_notification.py @@ -98,6 +98,23 @@ class BinanceAPIException(Exception): class MainRuntimeErrorNotificationTests(unittest.TestCase): + def test_main_wires_cli_entrypoint_with_runtime_builder_and_cycle_runner(self): + observed = {} + + def fake_run_cli_entrypoint(**kwargs): + observed.update(kwargs) + return {"ok": True} + + with patch.object(main, "run_cli_entrypoint", fake_run_cli_entrypoint): + result = main.main() + + self.assertEqual(result, {"ok": True}) + self.assertIs(observed["runtime_builder"], main.build_live_runtime) + self.assertIs(observed["execute_cycle"], main.execute_cycle) + self.assertIs(observed["output_printer"], print) + self.assertIs(observed["exit_fn"], sys.exit) + self.assertFalse(hasattr(main, "app")) + def test_main_notifies_telegram_when_cli_entrypoint_fails_before_cycle(self): observed = {"messages": []}