Skip to content

Commit

Permalink
Coverity workflow refactoring
Browse files Browse the repository at this point in the history
  • Loading branch information
maxirmx committed Oct 30, 2023
1 parent 05f59e9 commit 01f6e33
Showing 1 changed file with 18 additions and 45 deletions.
63 changes: 18 additions & 45 deletions .github/workflows/coverity.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,6 @@ on:
# every day at 9:00 UTC
- cron: '0 9 * * *'

env:
CORES: 2
BUILD_MODE: normal
GPG_VERSION: stable
RNP_TESTS: ''
USE_STATIC_DEPENDENCIES: yes

jobs:
scan:
runs-on: ubuntu-latest
Expand All @@ -21,43 +14,23 @@ jobs:
with:
fetch-depth: 1
submodules: true
- name: Setup environment
run: |
. ci/gha/setup-env.inc.sh
ci/install_noncacheable_dependencies.sh
- name: Cache
id: cache
uses: actions/cache@v3
with:
path: ${{ env.CACHE_DIR }}
key: ${{ github.workflow }}-${{ runner.os }}-${{ env.BUILD_MODE }}-gpg-${{ env.GPG_VERSION }}-${{ hashFiles('ci/**') }}-${{ hashFiles('.github/workflows/**') }}
- name: Build cache
if: steps.cache.outputs.cache-hit != 'true'
run: |
set -x
ci/install_cacheable_dependencies.sh botan jsonc
- name: Download Coverity
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
run: |
wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=$GITHUB_REPOSITORY" -O cov-analysis-linux64.tar.gz
mkdir cov-analysis-linux64
tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
- name: Build

- name: Install dependencies
run: |
set -x
export PATH="$PWD/cov-analysis-linux64/bin:$PATH"
cov-build --dir cov-int ci/main.sh
- name: Submit
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
sudo apt-get -y update
sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor
- name: Configure
run: |
tar czvf results.tgz cov-int
curl \
--form project=$GITHUB_REPOSITORY \
--form token=$TOKEN \
--form [email protected] \
--form [email protected] \
--form version=$GITHUB_REF \
--form description=$GITHUB_SHA \
https://scan.coverity.com/builds?project=$GITHUB_REPOSITORY
echo CORES="$(nproc --all)" >> $GITHUB_ENV
cmake -B build -DBUILD_SHARED_LIBS=ON \
-DCRYPTO_BACKEND=botan \
-DDOWNLOAD_GTEST=ON \
-DCMAKE_BUILD_TYPE=Release .
- name: Coverity Scan
uses: vapier/coverity-scan-action@v1
with:
email: [email protected]
token: ${{ secrets.COVERITY_SCAN_TOKEN }}
command: cmake --build build --parallel $CORES

0 comments on commit 01f6e33

Please sign in to comment.