search

mongodb / laravel-mongodb

A MongoDB based Eloquent model and Query builder for Laravel (Moloquent)
https://www.mongodb.com/compatibility/mongodb-laravel-integration
MIT License
6.96k stars 1.42k forks source link

Upload code scanning results to correct ref when releasing #3006

Closed alcaeus closed 2 weeks ago

alcaeus commented 2 weeks ago

Same issue as with https://github.com/mongodb/mongo-php-library/pull/1346.

When running the static analysis workflow from the release workflow, the github.ref and github.sha point to the release branch instead of the release tag. We have to account for this when uploading the sarif. Using inputs.ref works, but the sarif-upload action also expects a sha input when ref is given. To account for this, we get the ref for HEAD on workflow_dispatch events so the code scanning results are correctly attached to the release tag.

alcaeus commented 2 weeks ago

Note: fixed a wrong filename due to copy/paste. The PHPStan workflow should now pass again.