On Wed, Mar 23, 2022 at 11:19:50AM +0000, Andrew Cooper wrote: > On 21/03/2022 15:04, Roger Pau Monné wrote: > > On Mon, Mar 21, 2022 at 01:58:28PM +0000, Andrew Cooper wrote: > >> By default, workflows run in all forks, but the Coverity token is specific > >> to > >> us, causing all other runs to fail. > >> > >> Signed-off-by: Andrew Cooper <[email protected]> > > Acked-by: Roger Pau Monné <[email protected]> > > > > Albeit I have a suggestion to make this more useful I think > > > >> --- > >> CC: Roger Pau Monné <[email protected]> > >> CC: George Dunlap <[email protected]> > >> CC: Jan Beulich <[email protected]> > >> CC: Stefano Stabellini <[email protected]> > >> CC: Wei Liu <[email protected]> > >> CC: Julien Grall <[email protected]> > >> --- > >> .github/workflows/coverity.yml | 1 + > >> 1 file changed, 1 insertion(+) > >> > >> diff --git a/.github/workflows/coverity.yml > >> b/.github/workflows/coverity.yml > >> index 427fb86f947f..f613f9ed3652 100644 > >> --- a/.github/workflows/coverity.yml > >> +++ b/.github/workflows/coverity.yml > >> @@ -8,6 +8,7 @@ on: > >> > >> jobs: > >> coverity: > >> + if: github.repository_owner == 'xen-project' > > Since I don't know anything else similar, why not make this a secret, > > ie: ${{ secrets.RUN_COVERITY_SCAN }}? So that people could decide to > > enable coverity on their own repos if desired. > > > > We would also need to introduce a ${{ secrets.COVERITY_SCAN_PROJECT }} > > > > To allow setting a different project name. > > We wouldn't need a secret here. We could do it on on the existence of > the PROJECT field. > > But if we're doing this, then we also need to make the branch selectable > too via the same mechanism.
Sure, that would be better. Those don't need to be secrets, but I don't know another way to store such data in a github project. Thanks, Roger.
