Backport actions: use standard runner labels for all workflows into release/2.x.x+ent

* actions: use standard runner labels for all workflows (#14476) Use standard runner labels for all workflows. This will allow us to pull from the hot pools for most jobs and on-demand when more are needed. This does elimate our cost optimization but latest on-demand runners have taken so long to provision as to be unbearable. Signed-off-by: Ryan Cragun <me@ryan.ec> Co-authored-by: Ryan Cragun <me@ryan.ec>
2026-05-28 04:10:44 -04:00 · 2026-05-06 11:14:58 -06:00 · 2026-05-06 11:14:58 -06:00 · 4e5ab3b175
commit 4e5ab3b175
parent 318dabedae
6 changed files with 10 additions and 22 deletions
--- a/.github/actionlint.yml
+++ b/.github/actionlint.yml
@ -8,21 +8,9 @@ self-hosted-runner:
    - medium
    - large
    - xlarge
-    - ondemand
-    - disk_gb=64
-    - os=ubuntu
-    - os=ubuntu-arm
-    - type=m5.2xlarge
-    - type=m6a.8xlarge
-    - type=c6a.xlarge
-    - type=c6g.2xlarge
-    - type=c6a.4xlarge
-    - type=c6g.2xlarge;c6g.4xlarge
-    - type=c6a.4xlarge;c6i.4xlarge;c5a.4xlarge;c5.4xlarge;m7a.4xlarge;m6i.4xlarge;m6a.4xlarge;m5a.4xlarge;m5.4xlarge
-    - type=c6a.2xlarge;c6i.2xlarge;c5a.2xlarge;c5.2xlarge;m7a.2xlarge;m6i.2xlarge;m6a.2xlarge;m5a.2xlarge;m5.2xlarge
-    - type=m7a.2xlarge;m6i.2xlarge;m6a.2xlarge;m5a.2xlarge;m5.2xlarge
-    - type=c7g.2xlarge;c6g.2xlarge;m7g.2xlarge;m6g.2xlarge
    - ubuntu-22.04-x64
    - ubuntu-latest-x64
+    - ubuntu-24.04-arm64
    - custom-linux-xl-vault-latest
    - stats
+    - type=m6a.8xlarge
--- a/.github/actions/metadata/action.yml
+++ b/.github/actions/metadata/action.yml
@ -168,10 +168,10 @@ runs:
            go_tags='ent,enterprise'
            version_metadata='${{ inputs.vault-version }}+ent'
          fi
-          compute_build='["self-hosted","ondemand","os=ubuntu","disk_gb=64","type=c6a.4xlarge;c6i.4xlarge;c5a.4xlarge;c5.4xlarge;m7a.4xlarge;m6i.4xlarge;m6a.4xlarge;m5a.4xlarge;m5.4xlarge"]'
-          compute_build_ui='["self-hosted","ondemand","os=ubuntu","disk_gb=64","type=c6a.2xlarge;c6i.2xlarge;c5a.2xlarge;c5.2xlarge;m7a.2xlarge;m6i.2xlarge;m6a.2xlarge;m5a.2xlarge;m5.2xlarge"]'
-          compute_test_go='["self-hosted","ondemand","os=ubuntu","disk_gb=64","type=c6a.2xlarge;c6i.2xlarge;c5a.2xlarge;c5.2xlarge;m7a.2xlarge;m6i.2xlarge;m6a.2xlarge;m5a.2xlarge;m5.2xlarge"]'
-          compute_test_ui='["self-hosted","ondemand","os=ubuntu","disk_gb=64","type=m7a.2xlarge;m6i.2xlarge;m6a.2xlarge;m5a.2xlarge;m5.2xlarge"]'
+          compute_build='["self-hosted","ubuntu-latest-x64","xlarge"]'
+          compute_build_ui='["self-hosted","ubuntu-latest-x64","large"]'
+          compute_test_go='["self-hosted","ubuntu-latest-x64","large"]'
+          compute_test_ui='["self-hosted","ubuntu-latest-x64","large"]'
          compute_small='["self-hosted","linux","small"]'
        else
          compute_build='"custom-linux-medium-vault-latest"'
--- a/.github/workflows/enos-lint.yml
+++ b/.github/workflows/enos-lint.yml
@ -27,7 +27,7 @@ jobs:
          echo "version=${{ steps.set-product-version.outputs.product-version }}" >> "$GITHUB_OUTPUT"
          github_repository="${{ github.repository }}"
          if [ "${github_repository##*/}" == "vault-enterprise" ] ; then
-            echo 'runs-on=["self-hosted","ubuntu-latest-x64","type=m7a.2xlarge;m6i.2xlarge;m6a.2xlarge;m5a.2xlarge;m5.2xlarge"]' >> "$GITHUB_OUTPUT"
+            echo 'runs-on=["self-hosted","ubuntu-latest-x64","large"]' >> "$GITHUB_OUTPUT"
          else
            echo 'runs-on="custom-linux-xl-vault-latest"' >> "$GITHUB_OUTPUT"
          fi
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@ -16,7 +16,7 @@ on:

 jobs:
  scan:
-    runs-on: ${{ github.repository == 'hashicorp/vault' && 'ubuntu-latest' || fromJSON('["self-hosted","ondemand","os=ubuntu","type=c6a.4xlarge;c6i.4xlarge;c5a.4xlarge;c5.4xlarge;m7a.4xlarge;m6i.4xlarge;m6a.4xlarge;m5a.4xlarge;m5.4xlarge"]') }}
+    runs-on: ${{ github.repository == 'hashicorp/vault' && 'ubuntu-latest' || fromJSON('["self-hosted","ubuntu-latest-x64","xlarge"]') }}
    # The first check ensures this doesn't run on community-contributed PRs, who won't have the
    # permissions to run this job.
    if: |
--- a/.github/workflows/test-enos-scenario-ui.yml
+++ b/.github/workflows/test-enos-scenario-ui.yml
@ -48,7 +48,7 @@ jobs:
      - id: get-outputs
        run: |
          if [[ '${{ steps.metadata.outputs.is-ent-repo }}' == 'true' ]]; then
-            echo "runs-on=['self-hosted', 'ondemand', 'os=ubuntu', 'type=m8a.4xlarge;m7a.4xlarge;m5d.4xlarge']" >> "$GITHUB_OUTPUT"
+            echo 'runs-on=["self-hosted","ubuntu-latest-x64","xlarge"]' >> "$GITHUB_OUTPUT"
          else
            echo "runs-on=\"custom-linux-xl-vault-latest\"" >> "$GITHUB_OUTPUT"
          fi
--- a/.github/workflows/test-run-enos-scenario-containers.yml
+++ b/.github/workflows/test-run-enos-scenario-containers.yml
@ -73,7 +73,7 @@ jobs:
  run:
    needs: metadata
    name: run ${{ matrix.scenario.id.filter }}
-    runs-on: ${{ fromJSON(needs.metadata.outputs.is-ent-repo == 'true' && (contains(inputs.build-artifact-name, 'arm64') && '["self-hosted","ondemand","os=ubuntu-arm","type=c6g.xlarge;c6g.2xlarge;c6g.4xlarge"]' || '["self-hosted","ubuntu-latest-x64"]') || (contains(inputs.build-artifact-name, 'arm64') && '"ubuntu-22.04-arm"' || '"ubuntu-latest"')) }}
+    runs-on: ${{ fromJSON(needs.metadata.outputs.is-ent-repo == 'true' && (contains(inputs.build-artifact-name, 'arm64') && '["self-hosted","ubuntu-24.04-arm64"]' || '["self-hosted","ubuntu-latest-x64"]') || (contains(inputs.build-artifact-name, 'arm64') && '"ubuntu-22.04-arm"' || '"ubuntu-latest"')) }}
    strategy:
      fail-fast: false # don't fail as that can skip required cleanup steps for jobs
      matrix: