fedora-copr / vcs-diff-lint-action

Differential code linting GitHub action

container: empty list of SARIF events for "push" events #17

Closed praiskup closed 1 year ago

praiskup commented 1 year ago
Fix ubiquitous 'github-code-scanning' PR message

We have to specify the 'push' target to avoid the message

| You have successfully added a new vcs-diff-lint configuration
| .github/workflows/python-diff-lint.yml:python-lint-job. As part of the
| setup process, we have scanned this repository and found no existing
| alerts. In the future, you will see all code scanning alerts on the
| repository Security tab.

... appearing in every single PR.  Without the 'push' trigger defined,
GitHub thinks that the linter action is being added in every single
pull-request.

Though, since the workflow is newly run for 'push' events, we have to do
some reasonable "no-op".  For the first implementation, we simply try to
generate an empty list of issues (therefore the container fix here).

For the vcs-diff-lint case, it doesn't make too much sense to do the
analysis on pushes.  At least not in the "basic" differential use-case
we have now.  We could e.g. do full-scan in the future if there was
demand for it.

So I'm fixing the example in README.md to define "push", too.  While on
it, move the 'if' statements down so the rules are slightly more
readable.

Related: redhat-plumbers-in-action/differential-shellcheck#215
Closes: #17
Closes: #16
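
The "no-op" described in the commit message above, sketched as an added example (not code from this pull request or from the vcs-diff-lint container): a SARIF 2.1.0 document is always produced, with an empty `results` list for "push" events. The `build_sarif` helper, the shape of the finding dicts and the sample finding are assumptions of this example; `GITHUB_EVENT_NAME` is the variable GitHub Actions sets for the triggering event.

```python
import json
import os

SARIF_SCHEMA = "https://json.schemastore.org/sarif-2.1.0.json"

# Constructed sample finding; the dict shape is an assumption of this example.
SAMPLE_FINDINGS = [
    {"rule": "W0611", "message": "Unused import os",
     "path": "app/views.py", "line": 3},
]


def build_sarif(event_name, findings, tool_name="vcs-diff-lint"):
    """Return a SARIF 2.1.0 document (as a dict) for one workflow run."""
    results = []
    # On "push" there is no diff to lint, so the run reports zero results
    # while still producing a well-formed SARIF file to upload.
    if event_name != "push":
        for f in findings:
            results.append({
                "ruleId": f["rule"],
                "level": "warning",
                "message": {"text": f["message"]},
                "locations": [{
                    "physicalLocation": {
                        "artifactLocation": {"uri": f["path"]},
                        "region": {"startLine": f["line"]},
                    }
                }],
            })
    return {
        "$schema": SARIF_SCHEMA,
        "version": "2.1.0",
        "runs": [{
            "tool": {"driver": {"name": tool_name}},
            "results": results,
        }],
    }


if __name__ == "__main__":
    # Default to "push" when run outside GitHub Actions.
    event = os.environ.get("GITHUB_EVENT_NAME", "push")
    print(json.dumps(build_sarif(event, SAMPLE_FINDINGS), indent=2))
```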

praiskup commented 1 year ago

I am also updating the README.md file. Do you think the change still makes sense?

jamacku commented 1 year ago

> I am also updating the README.md file. Do you think the change still makes sense?

Looks good

praiskup commented 1 year ago

Ok, tested.

PUSH event does the right thing, I think: https://github.com/fedora-copr/flask-whooshee/actions/runs/4616351572/jobs/8161253979

PR is weird, no "in-line" comments from GitHub: https://github.com/fedora-copr/flask-whooshee/pull/78

The problem with pull-requests doesn't seem to be related to this pull request?

jamacku commented 1 year ago

I think it might be related to the following error:

python-lint-job
unable to access 'https://github.com/fedora-copr/flask-whooshee/': Failed to connect to github.com port 443 after 7 ms: Connection refused

Could you please try to add permissions (security-events: write)?

praiskup commented 1 year ago

Well, that did not help. But there are some intermittent issues with GitHub now (my browser fails to load the web UI from time to time today). Perhaps that is related?

jamacku commented 1 year ago

I don't see a release with this change. Could it be the case for missing defects in PR UI?

praiskup commented 1 year ago

Well, nothing has changed in the action.yml file, and we point at the latest quay.io image. Do we need a new release tag?

praiskup commented 1 year ago

BTW, here it seemed to work: https://github.com/devexp-db/distgen/pull/132

jamacku commented 1 year ago

> Well, nothing has changed in the action.yml file, and we point at the latest quay.io image. Do we need a new release tag?

Oh, I see. I didn't know that you use the latest container image. So then it's fine. It could really be some issue on the GitHub side.