Digger home pagelight logodark logo
  • diggerhq/digger
  • diggerhq/digger

PR-level locks

  • For every pull request we perform a lock when the pull request is opened and unlocked when the pull request is merged, this is to avoid making a plan preview stale

  • For GCP locking is performed using buckets that are strongly consistent: https://github.com/diggerhq/digger/blob/80289922227f225d887feb74749b4daef8b441f8/pkg/gcp/gcp_lock.go#L13

  • These options are configured and the locking can be disabled entirely if it is not needed

  • The locking interface is very simple and is based on Lock() and Unlock() Operations https://github.com/diggerhq/digger/blob/5815775095d7380281c71c7c3aa63ca1b374365f/pkg/locking/locking.go#L40

  • A pull request acquires a lock for every project impacted by this PR and all dependant projects

Assistant
Responses are generated using AI and may contain mistakes.

Was this page helpful?

Suggest editsRaise issue
slacklinkedin
Powered by Mintlify
  • Documentation
  • Slack
  • Blog
    • Introduction
    • About Digger
    • How it works
    • Pricing
    • FAQ
    • Feedback
    Getting Started
    • Github Actions + AWS
    • Github Actions + GCP
    Digger Enterprise
    • Setting up Digger EE
    • Drift Detection
    • RBAC
    • OPA Policies
    • Multi Tenant Github Connections
    • Gitlab Pipelines
    • Buildkite CI backend
    • FIPS 140 standard
    • AI Summaries
    Features
    • Plan preview
    • CommentOps
    • Policies (OPA)
    • Concurrency
    • PR-level locks
    • Plan Persistence
    • Private Runners
    How To
    • Managing state
    • Specify terraform version
    • Apply on Merge
    • Apply Requirements
    • Auto-merge
    • Backendless mode
    • Commenting strategies
    • Custom commands
    • Destroy via manual workflow
    • Draft PRs
    • Disable auto-checkout
    • Disable telemetry
    • Generate projects
    • Group plans by source module
    • Include / exclude patterns
    • Masking sensitive values
    • Multiple AWS accounts
    • Policy overrides
    • Project Level Roles for AWS
    • Segregate cloud accounts
    • Store plans in a Bucket
    • Trigger workflow directly
    • Using Checkov
    • Using Infracost
    • Inline policies (conftest)
    • Using Terragrunt
    • Specifying version
    Self-host Digger
    • Auth methods
    • Deploy as docker image
    • Deploy using docker-compose
    • Deploy as a binary
    • Digger Helm Chart
    • Self Host on Azure
    Reference
    • digger.yml
    • Action inputs
    • Orchestrator API
    • handling terraform.lock file
    • Securing digger
    AWS-specific
    • Setting up DynamoDB Access for locks
    • Setting up separate mgmt account
    • Authenticating with OIDC on AWS
    GCP-specific
    • Setting up GCP + GH Actions
    • Federated OIDC access
    • Using GCP bucket for locks
    Azure-specific
    • Setting up Azure + GH Actions
    • Azure devops locking connection methods
    Troubleshooting
    • Importing existing resources
    • Action Errors
    • PR Comment Issues

    PR-level locks

    • For every pull request we perform a lock when the pull request is opened and unlocked when the pull request is merged, this is to avoid making a plan preview stale

    • For GCP locking is performed using buckets that are strongly consistent: https://github.com/diggerhq/digger/blob/80289922227f225d887feb74749b4daef8b441f8/pkg/gcp/gcp_lock.go#L13

    • These options are configured and the locking can be disabled entirely if it is not needed

    • The locking interface is very simple and is based on Lock() and Unlock() Operations https://github.com/diggerhq/digger/blob/5815775095d7380281c71c7c3aa63ca1b374365f/pkg/locking/locking.go#L40

    • A pull request acquires a lock for every project impacted by this PR and all dependant projects

    Assistant
    Responses are generated using AI and may contain mistakes.

    Was this page helpful?

    Suggest editsRaise issue
    slacklinkedin
    Powered by Mintlify