ci/codeql: Always run on postsubmit (noop for no change)#44771
ci/codeql: Always run on postsubmit (noop for no change)#44771phlax merged 3 commits intoenvoyproxy:mainfrom
Conversation
Signed-off-by: Ryan Northey <ryan@synca.io>
| else | ||
| TO_OTHER=HEAD^1 | ||
| fi | ||
| if git diff --name-only HEAD "${TO_OTHER}" -- source/common/ include/ | grep -q .; then |
There was a problem hiding this comment.
should we also include source/exe,extensions,server?
There was a problem hiding this comment.
possibly - but not this pr - the idea is to ensure it does what it does now, just doesnt impact our score when there is nothing to check
arguably being so restricted there is not nothing to check - so this shouldnt pass if it has skipped real code change
however, the reason its so restrictive is that it runs rbeless, as it is it can take an absolute age - i think if we increase the targets we would have to move to rbe here
(related, not running in rbe means it also still fails on github 5xx fail)
There was a problem hiding this comment.
... not sure if we can actually get this to work with rbe
iiuc, codeql needs to instrument and see the build - so probably trying to make that work with workers is a stretch
however we could probably have it just use cache (ideally with its own cache key) - that way, apart from first run, it would be a lot faster than now and any building it actually has to do it can do locally in the way it expects
fwiw, macos and a few other bits of ci run cache-only
jwendell
left a comment
jwendell
left a comment
There was a problem hiding this comment.
LGTM, left a minor comment, up to you
Signed-off-by: Ryan Northey <ryan@synca.io>
2 participants
No description provided.