From 90da14518ae8caf2b446d0335f2939ebc18291cb Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 24 Apr 2024 11:04:48 -0400 Subject: [PATCH] Try fixing Covscan PR target This commit attempts to source the correct PR code in PR Cov Scans It is not directly testable as pull_request_target code is only really run after a PR is merged to main (by design). This commit also adds support for a no-covscan label so that PRs can be merged w/o running a covscan and yet having all tragets met and not requiring to override the project policy at merge time Signed-off-by: Simo Sorce --- .github/workflows/coverity-scan.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/coverity-scan.yml b/.github/workflows/coverity-scan.yml index 78918c39..4b2b53ac 100644 --- a/.github/workflows/coverity-scan.yml +++ b/.github/workflows/coverity-scan.yml @@ -59,13 +59,10 @@ jobs: openssl-devel openssl \ nss-softokn nss-tools nss-softokn-devel \ gh - - name: Find PR - uses: suzuki-shunsuke/get-pr-action@v0.1.0 - id: pr - name: Checkout Repository uses: actions/checkout@v4 with: - ref: ${{steps.get-pr.outputs.merge_commit_sha}} + ref: ${{github.event.pull_request.head.sha}} - name: Setup run: | meson setup builddir @@ -84,3 +81,11 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GH_REPO: ${{ github.repository }} NUMBER: ${{ github.event.number }} + + on-no-covscan-labeled-pr: + if: ${{ contains(github.event.*.labels.*.name, 'no-covscan') }} + name: Coverity Scan on PR + runs-on: ubuntu-latest + steps: + - name: Coverity Scan not needed + run: echo "Dummy action to report all ok and mark covscan as handled"