coverity-ss-action.yml

# example workflow for Coverity scans using the Black Duck Security Scan Action
# https://github.com/marketplace/actions/black-duck-security-scan
name: coverity-ss-action
on:
  push:
    branches: [ main, master, develop, stage, release ]
  pull_request:
    branches: [ main, master, develop, stage, release ]
  workflow_dispatch:
jobs:
  coverity:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout Source
      uses: actions/checkout@v4
    - name: Setup Java JDK
      uses: actions/setup-java@v4
      with:
        java-version: 17
        distribution: microsoft
        cache: maven
    - name: Coverity Scan
      uses: blackduck-inc/black-duck-security-scan@v2.0.0
      with:
        coverity_url: ${{ vars.COVERITY_URL }}
        coverity_user: ${{ secrets.COV_USER }}
        coverity_passphrase: ${{ secrets.COVERITY_PASSPHRASE }}
        coverity_policy_view: ${{ github.event_name != 'pull_request' && 'Outstanding Issues' || '' }}
        coverity_prComment_enabled: true
        github_token: ${{ secrets.GITHUB_TOKEN }}
        # coverity_local: true
        # include_diagnostics: true
#    - name: Save Logs
#      if: always()
#      uses: actions/upload-artifact@v4
#      with:
#        name: bridge-logs
#        path: ${{ github.workspace }}/.bridge
#        include-hidden-files: true