From: Johannes Schindelin <Johannes.Schindelin@gmx.de>
To: Jeff King <peff@peff.net>
Cc: Johannes Schindelin via GitGitGadget <gitgitgadget@gmail.com>,
git@vger.kernel.org
Subject: Re: [PATCH 2/6] coverity: cache the Coverity Build Tool
Date: Mon, 25 Sep 2023 13:52:42 +0200 (CEST) [thread overview]
Message-ID: <e1da76b8-df4a-cdd2-c349-6558a55a1c15@gmx.de> (raw)
In-Reply-To: <20230923065813.GC1469941@coredump.intra.peff.net>
Hi Peff,
On Sat, 23 Sep 2023, Jeff King wrote:
> On Fri, Sep 22, 2023 at 10:41:59AM +0000, Johannes Schindelin via GitGitGadget wrote:
>
> > From: Johannes Schindelin <johannes.schindelin@gmx.de>
> >
> > It would add a 1GB+ download for every run, better cache it.
> >
> > This is inspired by the GitHub Action `vapier/coverity-scan-action`,
> > however, it uses the finer-grained `restore`/`save` method to be able to
> > cache the Coverity Build Tool even if an unrelated step in the GitHub
> > workflow fails later on.
>
> Nice. This is the big thing that I think the vapier action was providing
> us, and it does not look too bad.
>
> I have never used actions/cache before, but it all looks plausibly
> correct to me (and I assume you did a few test-runs to check it).
I use `actions/cache` extensively, both in GitHub workflows via the Action
as well as in custom Actions like `setup-git-for-windows-sdk`, so I am
confident that I am using this tool correctly here, too.
>
> One note:
>
> > + # The Coverity site says the tool is usually updated twice yearly, so the
> > + # MD5 of download can be used to determine whether there's been an update.
> > + - name: get the Coverity Build Tool hash
> > + id: lookup
> > + run: |
> > + MD5=$(curl https://scan.coverity.com/download/$COVERITY_LANGUAGE/$COVERITY_PLATFORM \
> > + --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=$COVERITY_PROJECT&md5=1")
> > + echo "hash=$MD5" >>$GITHUB_OUTPUT
>
> We probably want --fail here, too.
I concur, after verifying that the scary manual page note about
authentication issues often not being handled correctly by `curl --fail`
does not affect this particular scenario.
Ciao,
Johannes
next prev parent reply other threads:[~2023-09-25 11:52 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-22 10:41 [PATCH 0/6] Add a GitHub workflow to submit builds to Coverity Scan Johannes Schindelin via GitGitGadget
2023-09-22 10:41 ` [PATCH 1/6] ci: add a GitHub workflow to submit Coverity scans Johannes Schindelin via GitGitGadget
2023-09-23 6:49 ` Jeff King
2023-09-25 11:52 ` Johannes Schindelin
2023-09-25 12:09 ` Jeff King
2023-09-22 10:41 ` [PATCH 2/6] coverity: cache the Coverity Build Tool Johannes Schindelin via GitGitGadget
2023-09-23 6:58 ` Jeff King
2023-09-25 11:52 ` Johannes Schindelin [this message]
2023-09-22 10:42 ` [PATCH 3/6] coverity: allow overriding the Coverity project Johannes Schindelin via GitGitGadget
2023-09-23 7:00 ` Jeff King
2023-09-25 11:52 ` Johannes Schindelin
2023-09-25 12:11 ` Jeff King
2023-09-26 14:02 ` Johannes Schindelin
2023-09-26 14:19 ` Junio C Hamano
2023-09-26 14:39 ` Jeff King
2023-09-26 16:50 ` Junio C Hamano
2023-09-26 14:45 ` Jeff King
2023-09-22 10:42 ` [PATCH 4/6] coverity: support building on Windows Johannes Schindelin via GitGitGadget
2023-09-23 7:03 ` Jeff King
2023-09-22 10:42 ` [PATCH 5/6] coverity: allow running on macOS Johannes Schindelin via GitGitGadget
2023-09-23 7:06 ` Jeff King
2023-09-25 11:52 ` Johannes Schindelin
2023-09-25 12:13 ` Jeff King
2023-09-22 10:42 ` [PATCH 6/6] coverity: detect and report when the token or project is incorrect Johannes Schindelin via GitGitGadget
2023-09-23 7:07 ` Jeff King
2023-09-25 11:52 ` Johannes Schindelin
2023-09-25 12:17 ` Jeff King
2023-09-25 11:50 ` [PATCH v2 0/6] Add a GitHub workflow to submit builds to Coverity Scan Johannes Schindelin via GitGitGadget
2023-09-25 11:50 ` [PATCH v2 1/6] ci: add a GitHub workflow to submit Coverity scans Johannes Schindelin via GitGitGadget
2023-09-25 11:50 ` [PATCH v2 2/6] coverity: cache the Coverity Build Tool Johannes Schindelin via GitGitGadget
2023-09-25 11:50 ` [PATCH v2 3/6] coverity: allow overriding the Coverity project Johannes Schindelin via GitGitGadget
2023-09-25 11:51 ` [PATCH v2 4/6] coverity: support building on Windows Johannes Schindelin via GitGitGadget
2023-09-25 11:51 ` [PATCH v2 5/6] coverity: allow running on macOS Johannes Schindelin via GitGitGadget
2023-09-25 11:51 ` [PATCH v2 6/6] coverity: detect and report when the token or project is incorrect Johannes Schindelin via GitGitGadget
2023-09-25 12:25 ` [PATCH v2 0/6] Add a GitHub workflow to submit builds to Coverity Scan Jeff King
2023-09-25 17:20 ` Junio C Hamano
2023-09-26 13:57 ` Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e1da76b8-df4a-cdd2-c349-6558a55a1c15@gmx.de \
--to=johannes.schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).