diff options
Diffstat (limited to '.github/workflows/coverity.yml')
| -rw-r--r-- | .github/workflows/coverity.yml | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml new file mode 100644 index 0000000..35f1ea5 --- /dev/null +++ b/.github/workflows/coverity.yml @@ -0,0 +1,63 @@ +name: coverity + +on: + schedule: + # every day at 9:00 UTC + - cron: '0 9 * * *' + +env: + CORES: 2 + BUILD_MODE: normal + GPG_VERSION: stable + RNP_TESTS: '' + USE_STATIC_DEPENDENCIES: yes + +jobs: + scan: + runs-on: ubuntu-latest + timeout-minutes: 20 + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 1 + submodules: true + - name: Setup environment + run: | + . ci/gha/setup-env.inc.sh + ci/install_noncacheable_dependencies.sh + - name: Cache + id: cache + uses: actions/cache@v3 + with: + path: ${{ env.CACHE_DIR }} + key: ${{ github.workflow }}-${{ runner.os }}-${{ env.BUILD_MODE }}-gpg-${{ env.GPG_VERSION }}-${{ hashFiles('ci/**') }}-${{ hashFiles('.github/workflows/**') }} + - name: Build cache + if: steps.cache.outputs.cache-hit != 'true' + run: | + set -x + ci/install_cacheable_dependencies.sh botan jsonc + - name: Download Coverity + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + run: | + wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=$GITHUB_REPOSITORY" -O cov-analysis-linux64.tar.gz + mkdir cov-analysis-linux64 + tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64 + - name: Build + run: | + set -x + export PATH="$PWD/cov-analysis-linux64/bin:$PATH" + cov-build --dir cov-int ci/main.sh + - name: Submit + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + run: | + tar czvf results.tgz cov-int + curl \ + --form project=$GITHUB_REPOSITORY \ + --form token=$TOKEN \ + --form email=packaging@ribose.com \ + --form file=@results.tgz \ + --form version=$GITHUB_REF \ + --form description=$GITHUB_SHA \ + https://scan.coverity.com/builds?project=$GITHUB_REPOSITORY |