fix(api): serialize global_config updates to prevent lost writes #702
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: frontend-build-sentinel | |
| # Fast-fail guard against frontend builds that break on the protected | |
| # branch but slipped past pre-commit + PR CI. Catches: | |
| # - Rebases (pre-commit hooks don't run on rebase). | |
| # - Merge commits authored via the GitHub UI (no pre-commit there). | |
| # - Push races where two commits interleave on the protected branch | |
| # in an unintended order. | |
| # | |
| # Designed to fire within ~1 minute of landing so the team gets paged | |
| # before the per-cloud deploys (which run the same build inside their | |
| # Docker frontend-builder stage) hit the failure 30+ minutes later. | |
| # | |
| # See #177 for the post-mortem of the PR #160 / PR #172 incident that | |
| # motivated this. | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - "feat/**" | |
| permissions: | |
| contents: read | |
| concurrency: | |
| # Successive pushes to the same ref only need the latest tip built. | |
| group: frontend-build-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: Build frontend | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| defaults: | |
| run: | |
| working-directory: frontend | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| - name: Set up Node.js | |
| uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 | |
| with: | |
| node-version: "24" | |
| cache: "npm" | |
| cache-dependency-path: frontend/package-lock.json | |
| - name: Install dependencies | |
| run: npm ci | |
| - name: TypeScript typecheck | |
| run: npx tsc --noEmit | |
| - name: Build | |
| run: npm run build | |
| - name: Run frontend tests | |
| run: npx jest --no-coverage --silent |