-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci: Add Continuous Integration #3
Conversation
Thanks a lot @flemzord for the PR 馃檹 Can you refine the title and add a description to the PR, something like : Suggestion of title : "ci: Add Continuous Integration" Suggestion of description : 馃崳 Context / problemThere is no Continuous Integration yet. It is a software development good practice. 馃幆 Idea / solutionUsing GitHub Actions (with CodeQL integration) to automatically run testing, linting, scanning, vulnerability checking, etc. 馃挕 Discussion / consequencesEach time a commit is pushed on a branch, then some automated checks are executed. 馃 Tests / checksCheck that GitHub Checks are displayed and executed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
馃殌 Code is ok. I just wait for answers to my 2 minor questions before merging
pull_request: | ||
branches: [main] | ||
schedule: | ||
- cron: '35 21 * * 5' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
question: why this cron value (each friday at 21h35) ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
an why on each pull_request is not enough ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CodeQL is quite slow, and relies on CVEs.
You can spin it more often, but I'm not sure it's really more comfortable.
Ditto for running it on all the PRs, this is possible
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
馃檹 Thank you for all @flemzord . I did not know CodeQL. Very interesting. I merge.
PS : instead of CVEs, you meant CWEs (Common Weakness Enumeration), right ?
Co-authored-by: J茅r茅my Buget <265963+jbuget@users.noreply.github.com>
馃崳 Context / problem
There is no Continuous Integration yet. It is a software development good practice.
馃幆 Idea / solution
Using GitHub Actions (with CodeQL integration) to automatically run testing, linting, scanning, vulnerability checking, etc.
馃挕 Discussion / consequences
Each time a commit is pushed on a branch, then some automated checks are executed.
馃 Tests / checks
Check that GitHub Checks are displayed and executed