Update vuln analysis GHAW to use on.push hook #207

atc0005 · 2023-03-17T13:44:00Z

This hook is needed for proper operation of the
Vulnerability / CodeQL job so that it can compare before/after changes against the base branch.

I'm opting to skip limiting either of the on.push or the on.pull_request hook events to just the base branch, instead adding a commented directive to imply that I explicitly made that decision.

To keep all jobs from running again on push events in addition to the pull request events we check the event type in the job definition and skip running the job unless it is not a push event.

refs atc0005/todo#56

This hook is needed for proper operation of the `Vulnerability / CodeQL` job so that it can compare before/after changes against the base branch. I'm opting to skip limiting either of the on.push or the on.pull_request hook events to just the base branch, instead adding a commented directive to imply that I explicitly made that decision. To keep *all* jobs from running again on push events in addition to the pull request events we check the event type in the job definition and skip running the job unless it is not a push event. refs atc0005/todo#56

atc0005 added bug Something isn't working CI labels Mar 17, 2023

atc0005 added this to the Next Release milestone Mar 17, 2023

atc0005 self-assigned this Mar 17, 2023

atc0005 merged commit 9282fe2 into master Mar 17, 2023

atc0005 deleted the update-analysis-workflow-to-use-on-push-hook branch March 17, 2023 13:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update vuln analysis GHAW to use on.push hook #207

Update vuln analysis GHAW to use on.push hook #207

atc0005 commented Mar 17, 2023

Update vuln analysis GHAW to use on.push hook #207

Update vuln analysis GHAW to use on.push hook #207

Conversation

atc0005 commented Mar 17, 2023