-
Notifications
You must be signed in to change notification settings - Fork 95
70 lines (61 loc) · 2.4 KB
/
coverity-scan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: Coverity Scan
on:
workflow_dispatch:
schedule:
- cron: '0 4 * * 1' ## every Monday morning
env:
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
COVERITY_SCAN_EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}
COVERITY_PROJECT: Dynamips
COV_TOOLS_DIR: ${{ github.workspace }}/cov-analysis-linux64
COV_BUILD_DIR: ${{ github.workspace }}/coverity-build
COV_RESULTS_DIR: cov-int
COV_RESULTS_FILE: analysis-results.tgz
jobs:
coverity_scan:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
- name: Set up environment
run: |
sudo apt-get -yq update
sudo apt-get -yq install libelf-dev libpcap0.8-dev
- name: Download and install Coverity Build Tool
run: |
wget -q https://scan.coverity.com/download/cxx/linux64 \
--post-data "token=${COVERITY_SCAN_TOKEN}&project=${COVERITY_PROJECT}" \
-O cov-analysis-linux64.tar.gz
mkdir ${COV_TOOLS_DIR}
tar xzf cov-analysis-linux64.tar.gz --strip 1 -C ${COV_TOOLS_DIR}
- name: Prepare CMake build
run: |
mkdir ${COV_BUILD_DIR}
cd ${COV_BUILD_DIR}
cmake ${CMAKE_BUILD_OPTIONS} ..
env:
CMAKE_BUILD_OPTIONS: "-DCMAKE_BUILD_TYPE=Release -DDYNAMIPS_CODE=both"
- name: Run Coverity Scan Analysis Tool
run: |
export PATH=${COV_TOOLS_DIR}/bin:$PATH
cd ${COV_BUILD_DIR}
cov-build --dir ${COV_RESULTS_DIR} make -j 2
cov-import-scm --dir ${COV_RESULTS_DIR} --scm git --log ${COV_RESULTS_DIR}/scm-log.txt 2>&1
- name: Upload Coverity Scan Analysis results
run: |
cd ${COV_BUILD_DIR}
tar czf ${COV_RESULTS_FILE} ${COV_RESULTS_DIR}
curl \
--form project=${COVERITY_PROJECT} \
--form token=${COVERITY_SCAN_TOKEN} \
--form email=${COVERITY_SCAN_EMAIL} \
--form file=@${COV_RESULTS_FILE} \
--form version=${GITHUB_SHA} \
--form description="GitHub Action - Coverity Scan" \
https://scan.coverity.com/builds?project=${COVERITY_PROJECT}
- name: Upload scan logs as artifacts
uses: actions/upload-artifact@v2
with:
name: scan-logs
path: |
${{ env.COV_BUILD_DIR }}/${{ env.COV_RESULTS_DIR }}/scm-log.txt
${{ env.COV_BUILD_DIR }}/${{ env.COV_RESULTS_DIR }}/build-log.txt