From: Junio C Hamano <gitster@pobox.com>
To: "Johannes Schindelin via GitGitGadget" <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>,
	Johannes Schindelin <johannes.schindelin@gmx.de>
Subject: Re: [PATCH v2 0/6] Add a GitHub workflow to submit builds to Coverity Scan
Date: Mon, 25 Sep 2023 10:20:19 -0700
Message-ID: <xmqqy1guuq3w.fsf@gitster.g>
In-Reply-To: <pull.1588.v2.git.1695642662.gitgitgadget@gmail.com> (Johannes Schindelin via GitGitGadget's message of "Mon, 25 Sep 2023 11:50:56 +0000")

"Johannes Schindelin via GitGitGadget" <gitgitgadget@gmail.com>
writes:

> Coverity [https://scan.coverity.com/] is a powerful static analysis tool
> that helps prevent vulnerabilities. It is free to use by open source
> projects, and Git benefits from this, as well as Git for Windows. As is the
> case with many powerful tools, using Coverity comes with its own set of
> challenges, one of which being that submitting a build is quite laborious.
> ...

One thing that caught my eye was the asterisks around "22" that look
as if they were designed to confuse readers and cause them to wonder if
there are other codes like 122 and 224 that we would also want to
catch there.  Unless they know what the case statement replaced,
that is---the old code to match http_code that was scraped from a
text file may not have the code alone and may contain other cruft,
so it is entirely understandable, but the new one checks $? and
there is no reason other than to catch 122 and 224 to use *22*.



>      -+          http_code="$(sed -n 1p <"$RUNNER_TEMP"/headers.txt)"
>      -+          case "$http_code" in
>      -+          *200*) ;; # okay
>      -+          *401*) # access denied
>      -+            echo "::error::incorrect token or project? ($http_code)" >&2
>      +                    --fail \
>      +                    --form token='${{ secrets.COVERITY_SCAN_TOKEN }}' \
>      +                    --form project="$COVERITY_PROJECT" \
>      +-                   --form md5=1) &&
>      ++                   --form md5=1)
>      ++          case $? in
>      ++          0) ;; # okay
>      ++          *22*) # 40x, i.e. access denied
>      ++            echo "::error::incorrect token or project?" >&2
>       +            exit 1
>       +            ;;
>       +          *) # other error
>      -+            echo "::error::HTTP error $http_code" >&2
>      ++            echo "::error::Failed to retrieve MD5" >&2
>       +            exit 1
>       +            ;;
>       +          esac
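
Review bot: The `*22*)` arm of `case $? in` is a glob applied to a bare numeric exit status, so it also matches 122, 224 and any other status that merely contains "22"; since `$?` carries no surrounding text the way the old `$http_code` header line did, the arm should be the exact pattern `22)`. The `# 40x, i.e. access denied` comment is also narrower than what this arm catches: with `--fail`, curl exits 22 for any HTTP status of 400 or above, so a server-side 5xx would be reported as "incorrect token or project?" too, and the HTTP status that the old message printed via `($http_code)` is no longer available to tell the cases apart. Rewording the comment and the error text to say "HTTP error (possibly an incorrect token or project)" would keep the hint without overstating what status 22 proves.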

Other than that, while I was watching from the sideline, I am very
happy to see that you, with Peff's constructive input, came up with
a new iteration that looks simpler and more consistent in its use of
curl.

Will replace but I may be tempted to edit those asterisks out myself
while queueing.

Thanks.
