Digger home pagelight logodark logo
  • diggerhq/digger
  • diggerhq/digger
  • Documentation
  • Slack
  • Blog
    • Introduction
    • About Digger
    • How it works
    • Pricing
    • FAQ
    • Feedback
    Getting Started
    • With Terraform
    • With OpenTofu
    • With Terragrunt
    Digger Enterprise
    • Setting up Digger EE
    • Drift Detection
    • RBAC
    • OPA Policies
    • Multi Tenant Github Connections
    • Gitlab Pipelines
    • Buildkite CI backend
    • FIPS 140 standard
    • AI Summaries
    • Running Remote Jobs
    Features
    • Plan preview
    • CommentOps
    • Policies (OPA)
    • Concurrency
    • PR-level locks
    • Plan Persistence
    • Private Runners
    How To
    • Managing state
    • Specify terraform version
    • Apply on Merge
    • Apply Requirements
    • Auto-merge
    • Backendless mode
    • Commenting strategies
    • Custom commands
    • Destroy via manual workflow
    • Draft PRs
    • Codeowners integration
    • Disable auto-checkout
    • Disable telemetry
    • Generate projects
    • Group plans by source module
    • Include / exclude patterns
    • Masking sensitive values
    • Multiple AWS accounts
    • Policy overrides
    • Project Level Roles for AWS
    • Segregate cloud accounts
    • Store plans in a Bucket
    • Trigger workflow directly
    • Using Checkov
    • Using Infracost
    • Inline policies (conftest)
    • Using Terragrunt
    • Specifying version
    Self-host Digger
    • Auth methods
    • Deploy as docker image
    • Deploy using docker-compose
    • Deploy as a binary
    • Kubernetes via Helm
    • Self Host on Azure
    Reference
    • digger.yml
    • Action inputs
    • Orchestrator API
    • handling terraform.lock file
    • Securing digger
    AWS-specific
    • Setting up DynamoDB Access for locks
    • Setting up separate mgmt account
    • Authenticating with OIDC on AWS
    GCP-specific
    • Setting up GCP + GH Actions
    • Federated OIDC access
    • Using GCP bucket for locks
    Azure-specific
    • Setting up Azure + GH Actions
    • Azure devops locking connection methods
    Troubleshooting
    • Importing existing resources
    • Action Errors
    • PR Comment Issues
    Features

    PR-level locks

    • For every pull request we perform a lock when the pull request is opened and unlocked when the pull request is merged, this is to avoid making a plan preview stale
    • For GCP locking is performed using buckets that are strongly consistent: https://github.com/diggerhq/digger/blob/80289922227f225d887feb74749b4daef8b441f8/pkg/gcp/gcp_lock.go#L13
    • These options are configured and the locking can be disabled entirely if it is not needed
    • The locking interface is very simple and is based on Lock() and Unlock() Operations https://github.com/diggerhq/digger/blob/5815775095d7380281c71c7c3aa63ca1b374365f/pkg/locking/locking.go#L40
    • A pull request acquires a lock for every project impacted by this PR and all dependant projects

    Was this page helpful?

    Suggest editsRaise issue
    ConcurrencyPlan Persistence
    slacklinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.