On 21/03/2022 15:04, Roger Pau Monné wrote:
> On Mon, Mar 21, 2022 at 01:58:28PM +0000, Andrew Cooper wrote:
>> By default, workflows run in all forks, but the Coverity token is specific to
>> us, causing all other runs to fail.
>>
>> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
> Acked-by: Roger Pau Monné <roger....@citrix.com>
>
> Albeit I have a suggestion to make this more useful I think
>
>> ---
>> CC: Roger Pau Monné <roger....@citrix.com>
>> CC: George Dunlap <george.dun...@eu.citrix.com>
>> CC: Jan Beulich <jbeul...@suse.com>
>> CC: Stefano Stabellini <sstabell...@kernel.org>
>> CC: Wei Liu <w...@xen.org>
>> CC: Julien Grall <jul...@xen.org>
>> ---
>> .github/workflows/coverity.yml | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
>> index 427fb86f947f..f613f9ed3652 100644
>> --- a/.github/workflows/coverity.yml
>> +++ b/.github/workflows/coverity.yml
>> @@ -8,6 +8,7 @@ on:
>>
>> jobs:
>> coverity:
>> + if: github.repository_owner == 'xen-project'
> Since I don't know anything else similar, why not make this a secret,
> ie: ${{ secrets.RUN_COVERITY_SCAN }}? So that people could decide to
> enable coverity on their own repos if desired.
>
> We would also need to introduce a ${{ secrets.COVERITY_SCAN_PROJECT }}
>
> To allow setting a different project name.
We wouldn't need a secret here. We could do it on on the existence of
the PROJECT field.
But if we're doing this, then we also need to make the branch selectable
too via the same mechanism.
~Andrew
