From 01f6e33eed6b72f6064233dfd68de071b704b804 Mon Sep 17 00:00:00 2001 From: "Maxim [maxirmx] Samsonov" Date: Mon, 30 Oct 2023 21:00:45 +0300 Subject: [PATCH] Coverity workflow refactoring --- .github/workflows/coverity.yml | 63 ++++++++++------------------------ 1 file changed, 18 insertions(+), 45 deletions(-) diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index 35f1ea5078..3e16728206 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -5,13 +5,6 @@ on: # every day at 9:00 UTC - cron: '0 9 * * *' -env: - CORES: 2 - BUILD_MODE: normal - GPG_VERSION: stable - RNP_TESTS: '' - USE_STATIC_DEPENDENCIES: yes - jobs: scan: runs-on: ubuntu-latest @@ -21,43 +14,23 @@ jobs: with: fetch-depth: 1 submodules: true - - name: Setup environment - run: | - . ci/gha/setup-env.inc.sh - ci/install_noncacheable_dependencies.sh - - name: Cache - id: cache - uses: actions/cache@v3 - with: - path: ${{ env.CACHE_DIR }} - key: ${{ github.workflow }}-${{ runner.os }}-${{ env.BUILD_MODE }}-gpg-${{ env.GPG_VERSION }}-${{ hashFiles('ci/**') }}-${{ hashFiles('.github/workflows/**') }} - - name: Build cache - if: steps.cache.outputs.cache-hit != 'true' - run: | - set -x - ci/install_cacheable_dependencies.sh botan jsonc - - name: Download Coverity - env: - TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} - run: | - wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=$GITHUB_REPOSITORY" -O cov-analysis-linux64.tar.gz - mkdir cov-analysis-linux64 - tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64 - - name: Build + + - name: Install dependencies run: | - set -x - export PATH="$PWD/cov-analysis-linux64/bin:$PATH" - cov-build --dir cov-int ci/main.sh - - name: Submit - env: - TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + sudo apt-get -y update + sudo apt-get -y install cmake libjson-c-dev libbotan-2-dev asciidoctor + + - name: Configure run: | - tar czvf results.tgz cov-int - curl \ - --form project=$GITHUB_REPOSITORY \ - --form token=$TOKEN \ - --form email=packaging@ribose.com \ - --form file=@results.tgz \ - --form version=$GITHUB_REF \ - --form description=$GITHUB_SHA \ - https://scan.coverity.com/builds?project=$GITHUB_REPOSITORY + echo CORES="$(nproc --all)" >> $GITHUB_ENV + cmake -B build -DBUILD_SHARED_LIBS=ON \ + -DCRYPTO_BACKEND=botan \ + -DDOWNLOAD_GTEST=ON \ + -DCMAKE_BUILD_TYPE=Release . + + - name: Coverity Scan + uses: vapier/coverity-scan-action@v1 + with: + email: packaging@ribose.com + token: ${{ secrets.COVERITY_SCAN_TOKEN }} + command: cmake --build build --parallel $CORES