I would say let's just run it against master, not even v1-10-test On Mon, Nov 9, 2020 at 12:33 PM Jarek Potiuk <[email protected]> wrote:
> Hello everyone, > > I have not seen a single time any security Analysis job Code QL would > produce any valuable output. I've seen it failing for no reason a few times > though. And the Python analysis takes 20 minutes of build-job time. And it > adds some complexity into cancelling duplicate jobs. > > We've done some optimizations recently, and following that - I have a > feeling that only running this Analysis job in the master is a better > approach. > > There is very little chance we will miss any warning there (we are basing > part of our workflow on the fact that master build is green (for example to > push a new version of master prod images) and we will likely get more of > it. > > How about doing exactly this - only running the Code QL in > master/v1-10-test ? > > J. > > -- > > Jarek Potiuk > Polidea <https://www.polidea.com/> | Principal Software Engineer > > M: +48 660 796 129 <+48660796129> > [image: Polidea] <https://www.polidea.com/> > >
