commit d343ba0b0f7554cad5141cd1b7a3a85e0446b950 parent d9feee06053d1f3c006de00b00dd5feb54ca75e5 Author: jvoisin <julien.voisin@dustri.org> Date: Sun, 20 Aug 2023 22:51:14 +0200 Add coverity analysis Diffstat:
| A | .github/workflows/coverity.yaml | | | 38 | ++++++++++++++++++++++++++++++++++++++ |
1 file changed, 38 insertions(+), 0 deletions(-)
diff --git a/.github/workflows/coverity.yaml b/.github/workflows/coverity.yaml @@ -0,0 +1,38 @@ +name: Coverity scan +on: + schedule: + - cron: '0 18 * * 1' # Weekly at 18:00 UTC on Mondays + +jobs: + latest: + runs-on: ubuntu-latest + container: debian:stable + steps: + - name: Checkout code + uses: actions/checkout@v3 + - name: Install dependencies + run: | + apt update + DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends php-dev curl ca-certificates make gcc + - name: Download Coverity Build Tool + run: | + curl https://scan.coverity.com/download/linux64 --form token=$TOKEN --form project=jvoisin/fortify-headers -o cov-analysis-linux64.tar.gz + mkdir cov-analysis-linux64 + tar xzf cov-analysis-linux64.tar.gz --strip-components=1 -C cov-analysis-linux64 + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + - name: Build with cov-build + run: ./cov-analysis-linux64/bin/cov-build --dir cov-int make -C tests gcc + - name: Submit the result to Coverity Scan + run: | + tar czf fortify-headers.tgz cov-int + curl \ + --form project=jvoisin/fortify-headers \ + --form token=$TOKEN \ + --form file=@fortify-headers.tgz \ + --form version=master \ + --form email=julien.voisin+coverity@dustri.org \ + --form description=master \ + https://scan.coverity.com/builds?project=jvoisin/fortify-headers + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}