From 68f3d88706c61f29dd557fb2274a4a2564f71a09 Mon Sep 17 00:00:00 2001 From: Chris Arderne Date: Tue, 7 Jul 2026 10:40:45 +0100 Subject: [PATCH] chore: switch runners to warpbuild --- .github/actionlint.yaml | 5 +++++ .github/workflows/changesets-pr.yml | 2 +- .github/workflows/check-review-md.yml | 2 +- .github/workflows/claude-md-audit.yml | 2 +- .github/workflows/claude.yml | 2 +- .github/workflows/code-quality.yml | 2 +- .github/workflows/dependabot-critical-alerts.yml | 2 +- .github/workflows/dependabot-weekly-summary.yml | 2 +- .github/workflows/docs.yml | 2 +- .github/workflows/e2e-webapp-auth-full.yml | 2 +- .github/workflows/e2e-webapp.yml | 2 +- .github/workflows/e2e.yml | 2 +- .github/workflows/helm-prerelease.yml | 4 ++-- .github/workflows/pr_checks.yml | 4 ++-- .github/workflows/preview-dispatch.yml | 2 +- .github/workflows/preview-packages.yml | 2 +- .github/workflows/publish-docs.yml | 2 +- .github/workflows/publish-webapp.yml | 2 +- .github/workflows/publish-worker-v4.yml | 4 ++-- .github/workflows/publish-worker.yml | 2 +- .github/workflows/publish.yml | 2 +- .github/workflows/release-helm.yml | 4 ++-- .github/workflows/release.yml | 10 +++++----- .github/workflows/sdk-compat.yml | 8 ++++---- .github/workflows/trivy-image-webapp.yml | 2 +- .github/workflows/typecheck.yml | 2 +- .github/workflows/unit-tests-internal.yml | 4 ++-- .github/workflows/unit-tests-packages.yml | 4 ++-- .github/workflows/unit-tests-webapp.yml | 4 ++-- .github/workflows/vouch-check-pr.yml | 4 ++-- .github/workflows/vouch-manage-by-issue.yml | 2 +- .github/workflows/workflow-checks.yml | 4 ++-- 32 files changed, 52 insertions(+), 47 deletions(-) create mode 100644 .github/actionlint.yaml diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml new file mode 100644 index 00000000000..15a5d6ff006 --- /dev/null +++ b/.github/actionlint.yaml @@ -0,0 +1,5 @@ +self-hosted-runner: + labels: + - warp-ubuntu-* + - warp-macos-* + - warp-windows-* diff --git a/.github/workflows/changesets-pr.yml b/.github/workflows/changesets-pr.yml index e6012cb45eb..e329d3a2f92 100644 --- a/.github/workflows/changesets-pr.yml +++ b/.github/workflows/changesets-pr.yml @@ -18,7 +18,7 @@ concurrency: jobs: release-pr: name: Create Release PR - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: write pull-requests: write diff --git a/.github/workflows/check-review-md.yml b/.github/workflows/check-review-md.yml index fa69c55b3fc..06f0d2d82c4 100644 --- a/.github/workflows/check-review-md.yml +++ b/.github/workflows/check-review-md.yml @@ -20,7 +20,7 @@ jobs: vars.ENABLE_CLAUDE_CODE != 'false' && github.event.pull_request.draft == false && github.event.pull_request.head.repo.full_name == github.repository - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read pull-requests: write diff --git a/.github/workflows/claude-md-audit.yml b/.github/workflows/claude-md-audit.yml index fb5c581b616..aa62444c9df 100644 --- a/.github/workflows/claude-md-audit.yml +++ b/.github/workflows/claude-md-audit.yml @@ -21,7 +21,7 @@ jobs: vars.ENABLE_CLAUDE_CODE != 'false' && github.event.pull_request.draft == false && github.event.pull_request.head.repo.full_name == github.repository - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read pull-requests: write diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 6dbacf2120c..49d5585e7c9 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -22,7 +22,7 @@ jobs: (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) || (github.event_name == 'issues' && (contains(github.event.issue.body, '@claude') || contains(github.event.issue.title, '@claude'))) ) - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: write pull-requests: write diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index e1491f01edb..894eba6e32b 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -8,7 +8,7 @@ permissions: jobs: code-quality: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x steps: - name: ⬇️ Checkout repo diff --git a/.github/workflows/dependabot-critical-alerts.yml b/.github/workflows/dependabot-critical-alerts.yml index 9a61387324d..62d68c30023 100644 --- a/.github/workflows/dependabot-critical-alerts.yml +++ b/.github/workflows/dependabot-critical-alerts.yml @@ -29,7 +29,7 @@ jobs: # the Dependabot alert/summary notifiers — e.g. forks/mirrors that lack the # DEPENDABOT_ALERTS_TOKEN / SLACK_BOT_TOKEN secrets. Defaults to enabled. if: ${{ vars.ENABLE_DEPENDABOT_ALERTS != 'false' }} - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x environment: dependabot-summary env: SEVERITY: ${{ inputs.severity || 'critical' }} diff --git a/.github/workflows/dependabot-weekly-summary.yml b/.github/workflows/dependabot-weekly-summary.yml index d7b489d55da..fc9eaebcb94 100644 --- a/.github/workflows/dependabot-weekly-summary.yml +++ b/.github/workflows/dependabot-weekly-summary.yml @@ -23,7 +23,7 @@ jobs: # the Dependabot alert/summary notifiers — e.g. forks/mirrors that lack the # DEPENDABOT_ALERTS_TOKEN / SLACK_BOT_TOKEN secrets. Defaults to enabled. if: ${{ vars.ENABLE_DEPENDABOT_ALERTS != 'false' }} - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x environment: dependabot-summary env: # Severities surface in the actions list when their remaining TTR drops diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 9e7309d5f98..460a21c2021 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -20,7 +20,7 @@ permissions: jobs: check-broken-links: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x defaults: run: working-directory: ./docs diff --git a/.github/workflows/e2e-webapp-auth-full.yml b/.github/workflows/e2e-webapp-auth-full.yml index 01ffc476331..2e47851ab62 100644 --- a/.github/workflows/e2e-webapp-auth-full.yml +++ b/.github/workflows/e2e-webapp-auth-full.yml @@ -37,7 +37,7 @@ on: jobs: e2eAuthFull: name: "🛡️ E2E Auth Tests (full)" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x timeout-minutes: 30 env: DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} diff --git a/.github/workflows/e2e-webapp.yml b/.github/workflows/e2e-webapp.yml index fd5fac3e153..4a995a08ed9 100644 --- a/.github/workflows/e2e-webapp.yml +++ b/.github/workflows/e2e-webapp.yml @@ -14,7 +14,7 @@ on: jobs: e2eTests: name: "🧪 E2E Tests: Webapp" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x timeout-minutes: 20 env: DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 8115860f769..f2ae36243e2 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -20,7 +20,7 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-latest, windows-latest] + os: [warp-ubuntu-latest-x64-4x, warp-windows-latest-x64-4x] package-manager: ["npm", "pnpm"] steps: - name: ⬇️ Checkout repo diff --git a/.github/workflows/helm-prerelease.yml b/.github/workflows/helm-prerelease.yml index adef03ff588..37b909e415e 100644 --- a/.github/workflows/helm-prerelease.yml +++ b/.github/workflows/helm-prerelease.yml @@ -28,7 +28,7 @@ env: jobs: lint-and-test: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read steps: @@ -77,7 +77,7 @@ jobs: ((github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) || github.event_name == 'push' || github.event_name == 'workflow_dispatch') - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read packages: write diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 4dce7311e9d..2629ff8243c 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -15,7 +15,7 @@ permissions: jobs: changes: name: Detect changes - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x outputs: code: ${{ steps.code_filter.outputs.code }} typecheck_self: ${{ steps.filter.outputs.typecheck_self }} @@ -168,7 +168,7 @@ jobs: - e2e - sdk-compat if: always() - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x steps: - name: Verify all checks run: | diff --git a/.github/workflows/preview-dispatch.yml b/.github/workflows/preview-dispatch.yml index 3f26c66cf33..ac0decfafa8 100644 --- a/.github/workflows/preview-dispatch.yml +++ b/.github/workflows/preview-dispatch.yml @@ -20,7 +20,7 @@ permissions: {} jobs: dispatch: name: Dispatch preview-deploy to cloud - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x # label added -> create # new commit while labeled -> update # label removed / PR closed -> destroy diff --git a/.github/workflows/preview-packages.yml b/.github/workflows/preview-packages.yml index 1003b2113b0..15d8b153859 100644 --- a/.github/workflows/preview-packages.yml +++ b/.github/workflows/preview-packages.yml @@ -42,7 +42,7 @@ permissions: jobs: publish: name: Build and publish previews - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x if: github.repository == 'triggerdotdev/trigger.dev' steps: - name: ⬇️ Checkout repo diff --git a/.github/workflows/publish-docs.yml b/.github/workflows/publish-docs.yml index 8a457c77dc4..f664a9a2fd4 100644 --- a/.github/workflows/publish-docs.yml +++ b/.github/workflows/publish-docs.yml @@ -15,7 +15,7 @@ concurrency: jobs: publish: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x steps: - name: 📥 Checkout tagged commit uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 diff --git a/.github/workflows/publish-webapp.yml b/.github/workflows/publish-webapp.yml index 8d6dfe63a33..497cdfb8ed6 100644 --- a/.github/workflows/publish-webapp.yml +++ b/.github/workflows/publish-webapp.yml @@ -38,7 +38,7 @@ on: jobs: publish: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x env: PRISMA_ENGINES_CHECKSUM_IGNORE_MISSING: 1 outputs: diff --git a/.github/workflows/publish-worker-v4.yml b/.github/workflows/publish-worker-v4.yml index 1686c3d454e..ab10e716638 100644 --- a/.github/workflows/publish-worker-v4.yml +++ b/.github/workflows/publish-worker-v4.yml @@ -25,7 +25,7 @@ permissions: jobs: # check-branch: - # runs-on: ubuntu-latest + # runs-on: warp-ubuntu-latest-x64-2x # steps: # - name: Fail if re2-prod-* is pushed from a non-main branch # if: startsWith(github.ref_name, 're2-prod-') && github.base_ref != 'main' @@ -37,7 +37,7 @@ jobs: strategy: matrix: package: [supervisor] - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x env: DOCKER_BUILDKIT: "1" steps: diff --git a/.github/workflows/publish-worker.yml b/.github/workflows/publish-worker.yml index 89acac7ec11..e43334b58f6 100644 --- a/.github/workflows/publish-worker.yml +++ b/.github/workflows/publish-worker.yml @@ -33,7 +33,7 @@ jobs: strategy: matrix: package: [coordinator, docker-provider, kubernetes-provider] - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x env: DOCKER_BUILDKIT: "1" DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 2f2744c7702..ca5e98399a9 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -128,7 +128,7 @@ jobs: name: 📣 Dispatch main image needs: [publish-webapp] if: github.repository == (vars.MAIN_IMAGE_DISPATCH_REPO || 'triggerdotdev/trigger.dev') && github.event_name == 'push' && startsWith(github.ref_name, vars.MAIN_IMAGE_DISPATCH_REF_PREFIX || 'main') - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: {} steps: - name: Build dispatch payload diff --git a/.github/workflows/release-helm.yml b/.github/workflows/release-helm.yml index bddd69cfc56..a5afd8b1b24 100644 --- a/.github/workflows/release-helm.yml +++ b/.github/workflows/release-helm.yml @@ -23,7 +23,7 @@ env: jobs: lint-and-test: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read steps: @@ -68,7 +68,7 @@ jobs: # on the owner's charts namespace. Defaults to enabled; the lint-and-test # job above always runs regardless. if: ${{ vars.ENABLE_HELM_PRERELEASE != 'false' }} - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: write # for gh-release packages: write diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6553f9da266..643f2678e5a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ concurrency: jobs: show-release-summary: name: 📋 Release Summary - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: {} if: | github.repository == 'triggerdotdev/trigger.dev' && @@ -48,7 +48,7 @@ jobs: release: name: 🚀 Release npm packages - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x environment: npm-publish permissions: contents: write @@ -211,7 +211,7 @@ jobs: name: 🔗 Update release Docker link needs: [release, publish-docker] if: needs.release.outputs.published == 'true' - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: write packages: read @@ -253,7 +253,7 @@ jobs: name: 📝 Dispatch changelog PR needs: [release, update-release] if: needs.release.outputs.published == 'true' && needs.release.outputs.is_prerelease != 'true' - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: {} steps: - uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 @@ -266,7 +266,7 @@ jobs: # The prerelease job needs to be on the same workflow file due to a limitation related to how npm verifies OIDC claims. prerelease: name: 🧪 Prerelease - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x environment: npm-publish permissions: contents: read diff --git a/.github/workflows/sdk-compat.yml b/.github/workflows/sdk-compat.yml index 386c18be66d..7d89046c802 100644 --- a/.github/workflows/sdk-compat.yml +++ b/.github/workflows/sdk-compat.yml @@ -13,7 +13,7 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-latest] + os: [warp-ubuntu-latest-x64-4x] node: ["20.20", "22.23", "24.18", "26.4"] steps: @@ -54,7 +54,7 @@ jobs: bun-compat: name: "Bun Runtime" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-4x steps: - name: ⬇️ Checkout repo uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 @@ -96,7 +96,7 @@ jobs: deno-compat: name: "Deno Runtime" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-4x steps: - name: ⬇️ Checkout repo uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 @@ -142,7 +142,7 @@ jobs: cloudflare-compat: name: "Cloudflare Workers" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-4x steps: - name: ⬇️ Checkout repo uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 diff --git a/.github/workflows/trivy-image-webapp.yml b/.github/workflows/trivy-image-webapp.yml index 7dae65ef2bf..2307b5a6b4f 100644 --- a/.github/workflows/trivy-image-webapp.yml +++ b/.github/workflows/trivy-image-webapp.yml @@ -33,7 +33,7 @@ concurrency: jobs: scan: name: Scan - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read packages: read # pull the image from GHCR diff --git a/.github/workflows/typecheck.yml b/.github/workflows/typecheck.yml index bcadbfe408b..05d3a1496e5 100644 --- a/.github/workflows/typecheck.yml +++ b/.github/workflows/typecheck.yml @@ -8,7 +8,7 @@ permissions: jobs: typecheck: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x steps: - name: ⬇️ Checkout repo diff --git a/.github/workflows/unit-tests-internal.yml b/.github/workflows/unit-tests-internal.yml index 27dcaa738e1..6869fe8a5f5 100644 --- a/.github/workflows/unit-tests-internal.yml +++ b/.github/workflows/unit-tests-internal.yml @@ -14,7 +14,7 @@ on: jobs: unitTests: name: "🧪 Unit Tests: Internal" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x strategy: # one flaky shard shouldn't cancel its siblings - lets us re-run only the failed shard fail-fast: false @@ -131,7 +131,7 @@ jobs: name: "📊 Merge Reports" if: ${{ !cancelled() }} needs: [unitTests] - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x steps: - name: ⬇️ Checkout repo uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 diff --git a/.github/workflows/unit-tests-packages.yml b/.github/workflows/unit-tests-packages.yml index 4f58997eb59..5802bba7734 100644 --- a/.github/workflows/unit-tests-packages.yml +++ b/.github/workflows/unit-tests-packages.yml @@ -14,7 +14,7 @@ on: jobs: unitTests: name: "🧪 Unit Tests: Packages" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-4x strategy: # one flaky shard shouldn't cancel its siblings - lets us re-run only the failed shard fail-fast: false @@ -130,7 +130,7 @@ jobs: name: "📊 Merge Reports" if: ${{ !cancelled() }} needs: [unitTests] - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x steps: - name: ⬇️ Checkout repo uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 diff --git a/.github/workflows/unit-tests-webapp.yml b/.github/workflows/unit-tests-webapp.yml index b4f06442190..eb1cd424c4b 100644 --- a/.github/workflows/unit-tests-webapp.yml +++ b/.github/workflows/unit-tests-webapp.yml @@ -14,7 +14,7 @@ on: jobs: unitTests: name: "🧪 Unit Tests: Webapp" - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-8x strategy: # one flaky shard shouldn't cancel its siblings - lets us re-run only the failed shard fail-fast: false @@ -139,7 +139,7 @@ jobs: name: "📊 Merge Reports" if: ${{ !cancelled() }} needs: [unitTests] - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x steps: - name: ⬇️ Checkout repo uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 diff --git a/.github/workflows/vouch-check-pr.yml b/.github/workflows/vouch-check-pr.yml index d854b1e0ce6..fab876451b6 100644 --- a/.github/workflows/vouch-check-pr.yml +++ b/.github/workflows/vouch-check-pr.yml @@ -8,7 +8,7 @@ permissions: {} jobs: check-vouch: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read pull-requests: write # auto-close unvouched PRs @@ -34,7 +34,7 @@ jobs: github.event.pull_request.user.login != 'devin-ai-integration[bot]' && github.event.pull_request.user.login != 'dependabot[bot]' && github.event.pull_request.user.login != 'github-actions[bot]' - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x steps: - name: Close non-draft PR env: diff --git a/.github/workflows/vouch-manage-by-issue.yml b/.github/workflows/vouch-manage-by-issue.yml index 51bce367b3e..29d9584cabd 100644 --- a/.github/workflows/vouch-manage-by-issue.yml +++ b/.github/workflows/vouch-manage-by-issue.yml @@ -10,7 +10,7 @@ permissions: jobs: manage: - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x if: >- contains(github.event.comment.body, 'vouch') || contains(github.event.comment.body, 'denounce') || diff --git a/.github/workflows/workflow-checks.yml b/.github/workflows/workflow-checks.yml index cce1381c673..40843deb2ea 100644 --- a/.github/workflows/workflow-checks.yml +++ b/.github/workflows/workflow-checks.yml @@ -24,7 +24,7 @@ concurrency: jobs: actionlint: name: Actionlint - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: contents: read steps: @@ -43,7 +43,7 @@ jobs: # variable to 'false' to skip this job where code scanning isn't available; # leave it unset (the default) to run the scan. if: ${{ vars.ENABLE_WORKFLOW_SECURITY_SCAN != 'false' }} - runs-on: ubuntu-latest + runs-on: warp-ubuntu-latest-x64-2x permissions: security-events: write # Upload SARIF to GitHub Security tab contents: read # Read workflow files for analysis