On Mon, Sep 25, 2023 at 11:50:56AM +0000, Johannes Schindelin via GitGitGadget wrote:
> Changes since v1:
>
> * After verifying that cURL's --fail option does what we need in Coverity's
> context, I switched to using that in every curl invocation.
> * Adjusted quoting (the ${{ ... }} constructs do not require double quotes
> because they are interpolated before the script is run).
> * Touched up a few commit messages, based on the feedback I received.
> * Addressed an actionlint [https://rhysd.github.io/actionlint/] warning.
Thanks, this looks fine to me.
The only other comment is the same one I made for Taylor's version: that
COVERITY_SCAN_EMAIL could probably be a "var" and not a "secret". Though
the main advantage there (besides it being a little easier for the user
to edit in the web UI) is that it could be used in the jobs.*.if context
(to skip the job in unconfigured repos). But since your "if" uses a
default-disallow when ENABLE_COVERITY_SCAN_FOR_BRANCHES is not set, it
is not that important to check COVERITY_SCAN_EMAIL.
-Peff
