deploy/worker.yaml: lock builds
Use the locktrigger command to avoid a race condition when two deploys
are triggered concurrently.
Change-Id: I5116e9c1a715113e3d2e54d58d25fb4178cebc61
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/377874
Trust: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
diff --git a/deploy/worker.yaml b/deploy/worker.yaml
index d064fa4..d2b2280 100644
--- a/deploy/worker.yaml
+++ b/deploy/worker.yaml
@@ -11,6 +11,19 @@
_ENV: ''
steps:
+ - id: Lock
+ name: golang:1.17.3
+ entrypoint: bash
+ args:
+ - -ec
+ - |
+ if [[ "$COMMIT_SHA" = '' ]]; then
+ echo "no COMMIT_SHA, not locking"
+ exit 0
+ fi
+ go run golang.org/x/website/cmd/locktrigger@latest \
+ -project $PROJECT_ID -build $BUILD_ID -repo https://go.googlesource.com/vulndb
+
- id: Test
name: golang:1.17.3
entrypoint: bash