Flagsmith · khvn26 · May 1, 2025 · May 1, 2025 · May 1, 2025 · May 1, 2025
@@ -17,7 +17,7 @@ on:
 jobs:
   docker-build-saas-api:
     environment: ${{ inputs.environment }}
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     outputs:
       image-url: ${{ steps.login-ecr.outputs.registry }}/${{ inputs.saas-image-name }}:${{ steps.meta.outputs.version }}
 
@@ -70,7 +70,7 @@ jobs:
   deploy:
     needs: docker-build-saas-api
     environment: ${{ inputs.environment }}
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     steps:
       - name: Cloning repo
         uses: actions/checkout@v4
@@ -104,7 +104,7 @@ jobs:
 
   run-tests:
     needs: deploy
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     name: Run E2E Tests
     environment: ${{ inputs.environment }}
     concurrency:

@@ -71,7 +71,7 @@ on:
 jobs:
   build:
     name: Build ${{ inputs.scan && 'and verify ' || '' }}${{ inputs.image-name }} image
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     outputs:
       image: ${{ steps.image-tag.outputs.image-tag }}
 

@@ -24,9 +24,9 @@ on:
         default: 3
       runs-on:
         type: string
-        description: The runner label to use. Defaults to `ubuntu-latest`
+        description: The runner label to use. Defaults to `depot-ubuntu-latest`
         required: false
-        default: ubuntu-latest
+        default: depot-ubuntu-latest
     secrets:
       GCR_TOKEN:
         description: A token to use for logging into Github Container Registry. If not provided, login does not occur.

@@ -31,7 +31,7 @@ on:
 jobs:
   publish:
     name: Publish ${{ inputs.source-images }} to ${{ inputs.target-images }}
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
 
     permissions:
       contents: read

@@ -18,7 +18,7 @@ defaults:
 
 jobs:
   deploy:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     environment: ${{ inputs.gh_environment }}
 
     permissions:

@@ -22,65 +22,65 @@
 
 jobs:
   test:
-    runs-on: General-Purpose-8c-Runner
+    runs-on: depot-ubuntu-latest-16
     name: API Unit Tests
 
     services:
      postgres:
        image: postgres:15.5-alpine
        env:
          POSTGRES_USER: postgres
          POSTGRES_PASSWORD: postgres
          POSTGRES_DB: postgres
        ports: ['5432:5432']
        options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5

    strategy:
      max-parallel: 2
      matrix:
        python-version: ['3.11', '3.12']

    steps:
      - name: Cloning repo
        uses: actions/checkout@v4

      - name: Install poetry
        run: pipx install poetry

      - uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
          cache: 'poetry'

      - name: Install Dependencies
        if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true'
        run: make install-packages

      - name: Create analytics database
        env:
          PGPASSWORD: postgres
        run: createdb -h localhost -U postgres -p 5432 analytics

      - name: Check for missing migrations
        env:
          opts: --no-input --dry-run --check
        run: make django-make-migrations

      - name: Check for new typing errors
        run: make typecheck

      - name: Check autogenerated documentation
        uses: nickcharlton/diff-check@v1.0.0
        with:
          command: make -C api generate-docs

      - name: Run Tests
        run: make test

      - name: Upload Coverage
        uses: codecov/codecov-action@v4
        env:
          PYTHON: ${{ matrix.python-version }}
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          env_vars: PYTHON
@@ -13,7 +13,7 @@ defaults:
 jobs:
   test:
     if: ${{ github.event.label.name == 'api' }}
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     name: API Tests
 
     services:

@@ -7,7 +7,7 @@ on:
 jobs:
   conventional-commit:
     name: Conventional Commit
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     steps:
       - name: Check PR Conventional Commit title
         uses: amannn/action-semantic-pull-request@v5

@@ -7,7 +7,7 @@
     - cron: '0 12 * * 2'
 jobs:
   vercel-deploy:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     steps:
       - name: Run Vercel deploy hook
         run: curl -X POST "${{ secrets.VERCEL_SDK_VERSIONS_DEPLOY_HOOKS_URL }}"
@@ -13,22 +13,22 @@
 
 jobs:
   checks:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     name: Link Check Docs
 
     steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Use Node.js 20
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: 'npm'
          cache-dependency-path: 'docs/package-lock.json'

      - name: npm install
        run: npm ci --include=dev --ignore-scripts

      - name: Run docusaurus build to check for broken links etc
        run: npm run build
@@ -10,25 +10,25 @@
 
 jobs:
   run-tests:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     name: Run E2E Tests
     environment: production
     concurrency:
      group: e2e-tests-prod
      cancel-in-progress: true

    steps:
      - name: Cloning repo
        uses: actions/checkout@v4

      - name: Run E2E tests against production
        uses: ./.github/actions/e2e-tests
        with:
          e2e_test_token: ${{ secrets.E2E_TEST_TOKEN }}
          slack_token: ${{ secrets.SLACK_TOKEN }}
          environment: prod

  deploy-production:
    name: Deploy to Vercel Production
    needs: run-tests
    uses: ./.github/workflows/.reusable-frontend-deploy.yml

@@ -4,20 +4,20 @@
 
 jobs:
   run-staging-e2e-tests:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     name: Run E2E Tests
     environment: staging
     concurrency:
      group: e2e-tests-staging
      cancel-in-progress: true

    steps:
      - name: Cloning repo
        uses: actions/checkout@v4

      - name: Run E2E tests against staging
        uses: ./.github/actions/e2e-tests
        with:
          e2e_test_token: ${{ secrets.E2E_TEST_TOKEN }}
          slack_token: ${{ secrets.SLACK_TOKEN }}
          environment: staging
@@ -8,7 +8,7 @@ jobs:
     permissions:
       contents: read
       pull-requests: write
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
 
     steps:
       - name: Run labeler

@@ -16,23 +16,23 @@
 
 jobs:
   run-e2e-tests:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
 
     steps:
       - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          cache: npm
          node-version-file: frontend/.nvmrc
          cache-dependency-path: frontend/package-lock.json

      - name: Run tests
        working-directory: frontend
        env:
          E2E_TEST_AUTH_TOKEN: ${{ inputs.e2e-token }}
          FLAGSMITH_API_URL: ${{ inputs.api-url }}
          E2E_CONCURRENCY: ${{ inputs.e2e-concurrency }}
        run: |
          npm ci
          npm run env
          npm run test
@@ -73,29 +73,17 @@ jobs:
       runs-on: ${{ matrix.runs-on }}
       e2e-image: ${{ needs.docker-build-e2e.outputs.image }}
       api-image: ${{ matrix.api-image }}
-      concurrency: ${{ matrix.args.concurrency }}
-      tests: ${{ matrix.args.tests }}
+      concurrency: 16
     secrets:
       GCR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       SLACK_TOKEN: ${{ secrets.SLACK_TOKEN }}
 
     strategy:
       matrix:
-        runs-on: [ubuntu-latest, ARM64-2c]
+        runs-on: [depot-ubuntu-latest-16, depot-ubuntu-latest-arm-16]
         api-image:
           - ${{ needs.docker-build-api.outputs.image }}
           - ${{ needs.docker-build-private-cloud-api.outputs.image }}
-        args:
-          - tests: segment-part-1 environment
-            concurrency: 1
-          - tests: segment-part-2
-            concurrency: 1
-          - tests: segment-part-3 signup flag invite project
-            concurrency: 2
-          - tests: versioning
-            concurrency: 1
-          - tests: organisation-permission environment-permission project-permission roles
-            concurrency: 1
 
   # Publish to dockerhub
 
@@ -184,7 +172,7 @@ jobs:
 
   update-charts:
     needs: [docker-publish-api, docker-publish-frontend, docker-publish-unified]
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     steps:
       - name: Checkout Target Charts Repository to update yaml
         uses: actions/checkout@v4

@@ -45,7 +45,7 @@ env:
 jobs:
   pull-trivy-db:
     name: Pull and republish Trivy databases
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
 
     permissions:
       packages: write
@@ -72,7 +72,7 @@ jobs:
 
   scan-images:
     name: Scan image
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     needs: pull-trivy-db
 
     permissions:

@@ -10,7 +10,7 @@ on:
 jobs:
   permissions-check:
     name: Check actor permissions
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     outputs:
       can-write: ${{ steps.check.outputs.require-result }}
     steps:
@@ -23,7 +23,7 @@ jobs:
     if: needs.permissions-check.outputs.can-write == 'true'
     name: Add Conventional Commit labels
     needs: permissions-check
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     permissions:
       pull-requests: write
     steps:
@@ -49,7 +49,7 @@ jobs:
     if: github.event.pull_request.draft == false && needs.permissions-check.outputs.can-write == 'true'
     name: Prepare Docker report comment
     needs: permissions-check
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     permissions:
       pull-requests: write
     steps:
@@ -137,24 +137,24 @@ jobs:
       runs-on: ${{ matrix.runs-on }}
       e2e-image: ${{ needs.docker-build-e2e.outputs.image }}
       api-image: ${{ needs.docker-build-api.outputs.image }}
-      concurrency: ${{ matrix.args.concurrency }}
-      tests: ${{ matrix.args.tests }}
+      concurrency: 16
+      tests: >-
+        segment-part-1 
+        segment-part-2
+        segment-part-3
+        environment
+        signup
+        flag
+        invite
+        project
+        versioning
     secrets:
       GCR_TOKEN: ${{ needs.permissions-check.outputs.can-write == 'true' && secrets.GITHUB_TOKEN || '' }}
       SLACK_TOKEN: ${{ needs.permissions-check.outputs.can-write == 'true' && secrets.SLACK_TOKEN || '' }}
 
     strategy:
       matrix:
-        runs-on: [ubuntu-latest, ARM64-2c]
-        args:
-          - tests: segment-part-1 environment
-            concurrency: 1
-          - tests: segment-part-2
-            concurrency: 1
-          - tests: segment-part-3 signup flag invite project
-            concurrency: 2
-          - tests: versioning
-            concurrency: 1
+        runs-on: [depot-ubuntu-latest-16, depot-ubuntu-latest-arm-16]
 
   run-e2e-tests-private-cloud:
     if: needs.permissions-check.outputs.can-write == 'true' && !cancelled()
@@ -164,15 +164,16 @@ jobs:
       runs-on: ${{ matrix.runs-on }}
       e2e-image: ${{ needs.docker-build-e2e.outputs.image }}
       api-image: ${{ needs.docker-build-private-cloud.outputs.image }}
-      concurrency: ${{ matrix.args.concurrency }}
-      tests: ${{ matrix.args.tests }}
+      concurrency: 16
+      tests: >-
+        organisation-permission
+        environment-permission
+        project-permission
+        roles
     secrets:
       GCR_TOKEN: ${{ needs.permissions-check.outputs.can-write == 'true' && secrets.GITHUB_TOKEN || '' }}
       SLACK_TOKEN: ${{ needs.permissions-check.outputs.can-write == 'true' && secrets.SLACK_TOKEN || '' }}
 
     strategy:
       matrix:
-        runs-on: [ubuntu-latest, ARM64-2c]
-        args:
-          - tests: organisation-permission environment-permission project-permission roles
-            concurrency: 1
+        runs-on: [depot-ubuntu-latest-16, depot-ubuntu-latest-arm-16]
@@ -11,7 +11,7 @@ permissions:
 
 jobs:
   release-please:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
 
     steps:
       - uses: googleapis/release-please-action@v4

@@ -10,7 +10,7 @@ on:
 jobs:
   build-flagsmith:
     name: Build and push `Flagsmith`
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
 
     permissions:
       id-token: write
@@ -50,7 +50,7 @@ jobs:
   render-compose-file:
     name: Render Docker Compose File
     # Pass output of this workflow to another triggered by `workflow_run` event.
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     needs:
       - build-flagsmith
     outputs:
@@ -76,7 +76,7 @@ jobs:
 
   delete-preview:
     name: Call for Preview Deletion
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     if: ${{ github.event.action == 'closed' }}
     steps:
       # If this PR is closing, we will not render a compose file nor pass it to the next workflow.

@@ -10,7 +10,7 @@ on:
 jobs:
   cache-compose-file:
     name: Cache Compose File
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     if: ${{ github.event.workflow_run.conclusion == 'success' }}
     outputs:
       compose-file-cache-key: ${{ steps.hash.outputs.COMPOSE_FILE_HASH }}

@@ -10,32 +10,32 @@
 
 jobs:
   update_server_defaults:
-    runs-on: ubuntu-latest
+    runs-on: depot-ubuntu-latest
     name: Update API Flagsmith Defaults
     env:
       FLAGSMITH_ON_FLAGSMITH_SERVER_API_URL: https://edge.api.flagsmith.com/api/v1
      FLAGSMITH_ON_FLAGSMITH_SERVER_KEY: ${{ secrets.FLAGSMITH_ON_FLAGSMITH_SERVER_KEY }}

    steps:
      - uses: actions/checkout@v4

      - name: Set up Python 3.12
        uses: actions/setup-python@v5
        with:
          python-version: 3.12
          cache: pip

      - name: Install Dependencies
        run: make install

      - name: Update defaults
        run: poetry run python manage.py updateflagsmithenvironment

      - name: Create Pull Request
        uses: peter-evans/create-pull-request@v5
        with:
          commit-message: Update API Flagsmith Defaults
          branch: chore/update-api-flagsmith-environment
          delete-branch: true
          title: 'chore: update Flagsmith environment document'
          labels: api