Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Review CodeQL config #4133

Merged
merged 3 commits into from
Jan 18, 2023
Merged

chore: Review CodeQL config #4133

merged 3 commits into from
Jan 18, 2023

Conversation

JorTurFer
Copy link
Member

@JorTurFer JorTurFer commented Jan 17, 2023
edited
Loading

Signed-off-by: Jorge Turrado jorge_turrado@hotmail.es

I have split into 2 different workflows, the static analyzers because they need different triggers, in theory both can be executed with a regular pull_request trigger but semgrep still has secrets (the token), so makes sense to have it safely, but CodeQL doesn't use secrets so moving it from pull_request_target to pull_request helps for future changes.

I have added more rules to CodeQL, I'm not 100% sure if it will work or not, but I think so

Checklist

Fixes #4032

@JorTurFer JorTurFer force-pushed the code-ql branch 10 times, most recently from de97612 to 0915fe8 Compare January 17, 2023 23:46
@JorTurFer
use config vars
b185f81 
Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
@JorTurFer
split static analysis in 2 files with different triggers
e43c6cf 
Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
@JorTurFer JorTurFer marked this pull request as ready for review January 18, 2023 00:26
@JorTurFer JorTurFer requested a review from a team as a code owner January 18, 2023 00:26
@JorTurFer
update changelog
f721ace 
Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
@JorTurFer JorTurFer enabled auto-merge (squash) January 18, 2023 00:27
zroubalik
zroubalik approved these changes Jan 18, 2023
View reviewed changes
Copy link
Member

@zroubalik zroubalik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@JorTurFer JorTurFer merged commit a25f1a4 into kedacore:main Jan 18, 2023
@JorTurFer JorTurFer deleted the code-ql branch January 18, 2023 09:33
JorTurFer added a commit to JorTurFer/keda that referenced this pull request Jan 18, 2023
@JorTurFer
chore: Review CodeQL config (kedacore#4133)
e2ba940 
Fixes kedacore#4032
JorTurFer added a commit to JorTurFer/keda that referenced this pull request Jan 18, 2023
@JorTurFer
chore: Review CodeQL config (kedacore#4133)
831a787 
Fixes kedacore#4032

Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
JorTurFer added a commit that referenced this pull request Jan 18, 2023
@JorTurFer
feat: Use e2e testing infrastructure (#3753) (#4139)
fde94f9 
* feat: Use e2e testing infrastructure (#3753)

Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>

* chore: Review CodeQL config (#4133)

Fixes #4032

Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>

Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zroubalik zroubalik zroubalik approved these changes

Assignees
No one assigned
Labels
skip-e2e
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Review CodeQL rules and enable it on PRs
2 participants
@JorTurFer @zroubalik