chore: ci updates for beta1

sgammon · sgammon · commit 4d752dd146fe · 2025-03-16T06:07:05.000-07:00
Signed-off-by: Sam Gammon &lt;sam@elide.dev&gt;
diff --git a/.github/workflows/job.deploy-model.yml b/.github/workflows/job.deploy-model.yml
@@ -58,4 +58,4 @@ jobs:
         uses: bufbuild/buf-push-action@a654ff18effe4641ebea4a4ce242c49800728459 # v1.2.0
         with:
           buf_token: ${{ secrets.BUF_TOKEN }}
-          input: proto
+          input: packages/proto
diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml
@@ -122,27 +122,6 @@ jobs:
   ##
   ## Job: Multi-platform Build
   ##
-#  pr-build:
-#    name: "Build"
-#    uses: ./.github/workflows/job.build.yml
-#    secrets: inherit
-#    needs: [triage]
-#    if: fromJson(needs.triage.outputs.model) || fromJson(needs.triage.outputs.packages) || fromJson(needs.triage.outputs.tools)
-#    permissions:
-#      contents: "write"
-#      actions: "read"
-#      id-token: "write"
-#      checks: "write"
-#      pull-requests: "write"
-#      packages: "read"
-#      security-events: "write"
-#    with:
-#      provenance: false
-#      native: ${{ contains(github.event.pull_request.labels.*.name, 'ci:build-native') || contains(github.event.head_commit.message, 'ci:build-native') }}
-
-  ##
-  ## Job: Multi-platform Build
-  ##
   pr-test:
     name: "Build"
     uses: ./.github/workflows/job.test.yml
diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml
@@ -19,6 +19,7 @@ name: CI
     branches:
       - stable
       - main
+      - release/*
 
 permissions:
   contents: read
@@ -79,6 +80,7 @@ jobs:
   check-scorecard:
     name: "Checks"
     uses: ./.github/workflows/checks.scorecards.yml
+    if: github.ref == 'refs/heads/main'
     permissions:
       attestations: "read"
       actions: "read"
@@ -103,30 +105,3 @@ jobs:
     uses: ./.github/workflows/checks.gradle-wrapper.yml
     permissions:
       contents: "read"
-
-  ##
-  ## Job: Checks with Sonar
-  ##
-  check-sonar:
-    name: "Checks"
-    uses: ./.github/workflows/checks.sonar.yml
-    needs: [build]
-    secrets:
-      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
-    permissions:
-      contents: "read"
-
-  ##
-  ## Job: Checks with CodeQL
-  ##
-  check-codeql:
-    name: "Checks"
-    uses: ./.github/workflows/checks.codeql.yml
-    needs: [build]
-    secrets:
-      BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
-    permissions:
-      actions: "read"
-      contents: "read"
-      security-events: "write"
