Coverity Scan #180
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Coverity Scan | |
on: | |
schedule: | |
- cron: '5 0 * * *' | |
workflow_dispatch: | |
env: | |
PROJECT_NAME: Infix | |
CONTACT_EMAIL: [email protected] | |
jobs: | |
coverity: | |
if: ${{github.repository_owner == 'kernelkit'}} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Fetch latest Coverity Scan MD5 | |
id: var | |
env: | |
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} | |
run: | | |
wget -q https://scan.coverity.com/download/cxx/linux64 \ | |
--post-data "token=$TOKEN&project=${PROJECT_NAME}&md5=1" \ | |
-O coverity-latest.tar.gz.md5 | |
echo "md5=$(cat coverity-latest.tar.gz.md5)" | tee -a $GITHUB_OUTPUT | |
- uses: actions/cache@v4 | |
id: cache | |
with: | |
path: coverity-latest.tar.gz | |
key: ${{ runner.os }}-coverity-${{ steps.var.outputs.md5 }} | |
restore-keys: | | |
${{ runner.os }}-coverity-${{ steps.var.outputs.md5 }} | |
${{ runner.os }}-coverity- | |
${{ runner.os }}-coverity | |
- name: Download Coverity Scan | |
env: | |
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} | |
run: | | |
if [ ! -f coverity-latest.tar.gz ]; then | |
wget -q https://scan.coverity.com/download/cxx/linux64 \ | |
--post-data "token=$TOKEN&project=${PROJECT_NAME}" \ | |
-O coverity-latest.tar.gz | |
else | |
echo "Latest Coverity Scan available from cache :-)" | |
md5sum coverity-latest.tar.gz | |
fi | |
mkdir coverity | |
tar xzf coverity-latest.tar.gz --strip 1 -C coverity | |
- name: Install dependencies | |
run: | | |
sudo apt-get -y update | |
sudo apt-get -y install pkg-config libjansson-dev libev-dev \ | |
libcrypt-dev libglib2.0-dev libpcre2-dev \ | |
libuev-dev libite-dev | |
- name: Build dependencies | |
run: | | |
git clone https://github.com/CESNET/libyang.git | |
mkdir libyang/build | |
(cd libyang/build && cmake .. && make all && sudo make install) | |
git clone https://github.com/sysrepo/sysrepo.git | |
mkdir sysrepo/build | |
(cd sysrepo/build && cmake .. && make all && sudo make install) | |
make dep | |
- name: Check applications | |
run: | | |
export PATH=`pwd`/coverity/bin:$PATH | |
cov-build --dir cov-int make check | |
- name: Submit results to Coverity Scan | |
env: | |
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} | |
run: | | |
tar czvf ${PROJECT_NAME}.tgz cov-int | |
curl \ | |
--form token=$TOKEN \ | |
--form email=${CONTACT_EMAIL} \ | |
--form file=@${PROJECT_NAME}.tgz \ | |
--form version=$(git rev-parse HEAD) \ | |
--form description="${PROJECT_NAME} $(git rev-parse HEAD)" \ | |
https://scan.coverity.com/builds?project=${PROJECT_NAME} | |
- name: Upload build.log | |
uses: actions/upload-artifact@v4 | |
with: | |
name: coverity-build.log | |
path: cov-int/build-log.txt |