From 397288fc3c8be6d5dc6b31f7270d0754ce028100 Mon Sep 17 00:00:00 2001
From: Danilo Egea Gondolfo <danilo.egea.gondolfo@canonical.com>
Date: Thu, 10 Aug 2023 17:24:58 +0100
Subject: [PATCH] github: only run the coverity workflow on our repository

Also, build a version ID based on the latest tag + commit so we can
easily identify what revision was scanned.
---
 .github/workflows/coverity.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index 24eb0f899..ad40408a4 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -6,6 +6,7 @@ on:
 
 jobs:
   coverity:
+    if: github.repository == 'canonical/netplan'
     runs-on: ubuntu-22.04
 
     steps:
@@ -29,4 +30,7 @@ jobs:
           tar czf netplan.tar.gz cov-int
       - name: Upload results
         run: |
-          curl --form token=${{ secrets.COVERITY_TOKEN }} --form email=${{ secrets.COVERITY_EMAIL }} --form file=@netplan.tar.gz --form version="0.106" --form description="Coverity scan" https://scan.coverity.com/builds?project=Netplan
+          TAG=$(git describe --tags $(git rev-list --tags --max-count=1))  # find latest (stable) tag
+          REV=$(git rev-parse --short HEAD)  # get current git revision
+          VER="$TAG+git~$REV"
+          curl --form token=${{ secrets.COVERITY_TOKEN }} --form email=${{ secrets.COVERITY_EMAIL }} --form file=@netplan.tar.gz --form version="${VER}" --form description="Coverity scan" https://scan.coverity.com/builds?project=Netplan