Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Try to run Coverity Scan on demand #366

Merged
merged 1 commit into from
Mar 25, 2024
Merged

Try to run Coverity Scan on demand #366

merged 1 commit into from
Mar 25, 2024

Conversation

simo5
Copy link
Member

@simo5 simo5 commented Mar 25, 2024

Description

PR to change Coverity Scan to run on demand (by setting the covscan label) instead of running it after merge to main.
This way we can run the scan when the PR is still open and catch issues before merging.

Checklist

N/A

Reviewer's checklist:

  • Commits have short titles and sensible commit messages

@simo5 simo5 added covscan Triggers Coverity Scanner and removed covscan Triggers Coverity Scanner labels Mar 25, 2024
@simo5 simo5 force-pushed the covscan_ondemand branch from 1bec9fb to acf28dd Compare March 25, 2024 18:24
@simo5 simo5 added the covscan Triggers Coverity Scanner label Mar 25, 2024
@github-actions github-actions bot removed the covscan Triggers Coverity Scanner label Mar 25, 2024
@simo5 simo5 force-pushed the covscan_ondemand branch from acf28dd to 680bbd6 Compare March 25, 2024 18:29
@simo5 simo5 added the covscan Triggers Coverity Scanner label Mar 25, 2024
@simo5
Copy link
Member Author

simo5 commented Mar 25, 2024

The conditional running of covscan works, as well as the auto-removal of labels (which requires pull-request write permissions).

This all should work with pull_request_target events as well, which is an event that runs the workflows from the repository, instead of possibly changed workflows from the PR from a fork or separate branch.

By running the workflow stored on the main branch, rather the one on the PR github should grant access to secretes needed to upload coverity data for analysis and allow writes to PR for removing the label automatically, but of course this can't be tested until the PR is merged.

@simo5 simo5 removed the covscan Triggers Coverity Scanner label Mar 25, 2024
This way we can run the scan when the PR is still open and catch issues
before merging.

Signed-off-by: Simo Sorce <simo@redhat.com>
@simo5 simo5 force-pushed the covscan_ondemand branch from 680bbd6 to ad1af69 Compare March 25, 2024 18:40
@simo5
Copy link
Member Author

simo5 commented Mar 25, 2024

From covscan:

    Build ID: 600979

    Analysis Summary:
       New defects found: 0
       Defects eliminated: 0

@simo5
Copy link
Member Author

simo5 commented Mar 25, 2024

Merging w/o running another covscan because covscan is rate limited so we need to avoid spurious runs.

@simo5 simo5 merged commit 8658522 into main Mar 25, 2024
23 checks passed
@simo5 simo5 deleted the covscan_ondemand branch March 25, 2024 19:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant