actions: Update codeql triggers #16251
Conversation
michi-covalent
added
the
release-note/misc
| branches: | ||
| - master | ||
| schedule: | ||
| - cron: "45 6 * * 3" |
There was a problem hiding this comment.
#16241 removed the master run instead of the scheduled run. I'd strongly prefer to keep the scheduled run. It's less frequent and we don't need to run for every single push to master.
There was a problem hiding this comment.
sounds good i'll put it back. how about pull requests against release branches?
There was a problem hiding this comment.
I think that's fine and it's already included in pull_request: {}.
There was a problem hiding this comment.
👍 sounds good just wanted to confirm. before this pr we were only running against master branch PRs i think.
There was a problem hiding this comment.
Are you sure this setup will work? See current warnings on CodeQL from this PR's Actions: https://github.com/cilium/cilium/actions/runs/861152333
There was a problem hiding this comment.
added back push to master trigger 🤷
There was a problem hiding this comment.
Warning is still here. I don't get it.
https://github.com/cilium/cilium/actions/runs/867731119
There was a problem hiding this comment.
I think that's just because the workflow on master, doesn't run on master:
cilium/.github/workflows/codeql-analysis.yml
Lines 4 to 8 in 205f300
It should be fixed once this is merged. We should really find another way to limit CodeQL runs though, because they take a while :(
There was a problem hiding this comment.
I'll put my stamp on the current version but agree that it is a poor stopgap.
Trigger codeql on: - push to master or v*.* branch - pull request against any branch Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
|
test-me-please |
| branches: | ||
| - master | ||
| - v*.* |
There was a problem hiding this comment.
I'm not sure if I follow this. This will mean that any branch starting with v would be triggered by this, it's not always the case. There are branches starting with v that do not belong to stable branches.
|
Is this still needed now that #16389 is merged? |
|
Sorry, I didn't realize this had not been merged yet when I opened #16389. I probably understood the issue better thanks to the discussion here. |
|
@pchaigno btw my previous test-me-please was just to trigger the tests after i rebased this pull request, not to retry because of flakes. i promise i'm not blindly restarting tests anymore 😅 |
|
Héhé, my smiley was because you're triggering Jenkins tests on a PR that doesn't changes anything covered by the Jenkins tests 😜 |
Trigger codeql on:
Signed-off-by: Michi Mutsuzaki michi@isovalent.com