* [PATCH] CI: Don't run Coverity on forks
@ 2022-03-21 13:58 Andrew Cooper
2022-03-21 15:04 ` Roger Pau Monné
0 siblings, 1 reply; 4+ messages in thread
From: Andrew Cooper @ 2022-03-21 13:58 UTC (permalink / raw)
To: Xen-devel
Cc: Andrew Cooper, Roger Pau Monné,
George Dunlap, Jan Beulich, Stefano Stabellini, Wei Liu,
Julien Grall
By default, workflows run in all forks, but the Coverity token is specific to
us, causing all other runs to fail.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: George Dunlap <George.Dunlap@eu.citrix.com>
CC: Jan Beulich <JBeulich@suse.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Wei Liu <wl@xen.org>
CC: Julien Grall <julien@xen.org>
---
.github/workflows/coverity.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index 427fb86f947f..f613f9ed3652 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -8,6 +8,7 @@ on:
jobs:
coverity:
+ if: github.repository_owner == 'xen-project'
runs-on: ubuntu-latest
steps:
- name: Install build dependencies
--
2.11.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] CI: Don't run Coverity on forks
2022-03-21 13:58 [PATCH] CI: Don't run Coverity on forks Andrew Cooper
@ 2022-03-21 15:04 ` Roger Pau Monné
2022-03-23 11:19 ` Andrew Cooper
0 siblings, 1 reply; 4+ messages in thread
From: Roger Pau Monné @ 2022-03-21 15:04 UTC (permalink / raw)
To: Andrew Cooper
Cc: Xen-devel, George Dunlap, Jan Beulich, Stefano Stabellini,
Wei Liu, Julien Grall
On Mon, Mar 21, 2022 at 01:58:28PM +0000, Andrew Cooper wrote:
> By default, workflows run in all forks, but the Coverity token is specific to
> us, causing all other runs to fail.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Albeit I have a suggestion to make this more useful I think
> ---
> CC: Roger Pau Monné <roger.pau@citrix.com>
> CC: George Dunlap <George.Dunlap@eu.citrix.com>
> CC: Jan Beulich <JBeulich@suse.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Wei Liu <wl@xen.org>
> CC: Julien Grall <julien@xen.org>
> ---
> .github/workflows/coverity.yml | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
> index 427fb86f947f..f613f9ed3652 100644
> --- a/.github/workflows/coverity.yml
> +++ b/.github/workflows/coverity.yml
> @@ -8,6 +8,7 @@ on:
>
> jobs:
> coverity:
> + if: github.repository_owner == 'xen-project'
Since I don't know anything else similar, why not make this a secret,
ie: ${{ secrets.RUN_COVERITY_SCAN }}? So that people could decide to
enable coverity on their own repos if desired.
We would also need to introduce a ${{ secrets.COVERITY_SCAN_PROJECT }}
To allow setting a different project name.
Thanks, Roger.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] CI: Don't run Coverity on forks
2022-03-21 15:04 ` Roger Pau Monné
@ 2022-03-23 11:19 ` Andrew Cooper
2022-03-23 11:27 ` Roger Pau Monné
0 siblings, 1 reply; 4+ messages in thread
From: Andrew Cooper @ 2022-03-23 11:19 UTC (permalink / raw)
To: Roger Pau Monne
Cc: Xen-devel, George Dunlap, Jan Beulich, Stefano Stabellini,
Wei Liu, Julien Grall
On 21/03/2022 15:04, Roger Pau Monné wrote:
> On Mon, Mar 21, 2022 at 01:58:28PM +0000, Andrew Cooper wrote:
>> By default, workflows run in all forks, but the Coverity token is specific to
>> us, causing all other runs to fail.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
>
> Albeit I have a suggestion to make this more useful I think
>
>> ---
>> CC: Roger Pau Monné <roger.pau@citrix.com>
>> CC: George Dunlap <George.Dunlap@eu.citrix.com>
>> CC: Jan Beulich <JBeulich@suse.com>
>> CC: Stefano Stabellini <sstabellini@kernel.org>
>> CC: Wei Liu <wl@xen.org>
>> CC: Julien Grall <julien@xen.org>
>> ---
>> .github/workflows/coverity.yml | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
>> index 427fb86f947f..f613f9ed3652 100644
>> --- a/.github/workflows/coverity.yml
>> +++ b/.github/workflows/coverity.yml
>> @@ -8,6 +8,7 @@ on:
>>
>> jobs:
>> coverity:
>> + if: github.repository_owner == 'xen-project'
> Since I don't know anything else similar, why not make this a secret,
> ie: ${{ secrets.RUN_COVERITY_SCAN }}? So that people could decide to
> enable coverity on their own repos if desired.
>
> We would also need to introduce a ${{ secrets.COVERITY_SCAN_PROJECT }}
>
> To allow setting a different project name.
We wouldn't need a secret here. We could do it on on the existence of
the PROJECT field.
But if we're doing this, then we also need to make the branch selectable
too via the same mechanism.
~Andrew
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] CI: Don't run Coverity on forks
2022-03-23 11:19 ` Andrew Cooper
@ 2022-03-23 11:27 ` Roger Pau Monné
0 siblings, 0 replies; 4+ messages in thread
From: Roger Pau Monné @ 2022-03-23 11:27 UTC (permalink / raw)
To: Andrew Cooper
Cc: Xen-devel, George Dunlap, Jan Beulich, Stefano Stabellini,
Wei Liu, Julien Grall
On Wed, Mar 23, 2022 at 11:19:50AM +0000, Andrew Cooper wrote:
> On 21/03/2022 15:04, Roger Pau Monné wrote:
> > On Mon, Mar 21, 2022 at 01:58:28PM +0000, Andrew Cooper wrote:
> >> By default, workflows run in all forks, but the Coverity token is specific to
> >> us, causing all other runs to fail.
> >>
> >> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
> > Acked-by: Roger Pau Monné <roger.pau@citrix.com>
> >
> > Albeit I have a suggestion to make this more useful I think
> >
> >> ---
> >> CC: Roger Pau Monné <roger.pau@citrix.com>
> >> CC: George Dunlap <George.Dunlap@eu.citrix.com>
> >> CC: Jan Beulich <JBeulich@suse.com>
> >> CC: Stefano Stabellini <sstabellini@kernel.org>
> >> CC: Wei Liu <wl@xen.org>
> >> CC: Julien Grall <julien@xen.org>
> >> ---
> >> .github/workflows/coverity.yml | 1 +
> >> 1 file changed, 1 insertion(+)
> >>
> >> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
> >> index 427fb86f947f..f613f9ed3652 100644
> >> --- a/.github/workflows/coverity.yml
> >> +++ b/.github/workflows/coverity.yml
> >> @@ -8,6 +8,7 @@ on:
> >>
> >> jobs:
> >> coverity:
> >> + if: github.repository_owner == 'xen-project'
> > Since I don't know anything else similar, why not make this a secret,
> > ie: ${{ secrets.RUN_COVERITY_SCAN }}? So that people could decide to
> > enable coverity on their own repos if desired.
> >
> > We would also need to introduce a ${{ secrets.COVERITY_SCAN_PROJECT }}
> >
> > To allow setting a different project name.
>
> We wouldn't need a secret here. We could do it on on the existence of
> the PROJECT field.
>
> But if we're doing this, then we also need to make the branch selectable
> too via the same mechanism.
Sure, that would be better.
Those don't need to be secrets, but I don't know another way to store
such data in a github project.
Thanks, Roger.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-03-23 11:28 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-21 13:58 [PATCH] CI: Don't run Coverity on forks Andrew Cooper
2022-03-21 15:04 ` Roger Pau Monné
2022-03-23 11:19 ` Andrew Cooper
2022-03-23 11:27 ` Roger Pau Monné
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.