.github/workflows/coverity.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52

# GitHub actions workflow.
# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions

# https://scan.coverity.com/projects/gentoo-pax-utils
name: Coverity Scan

on:
  push:
    branches: [master]

jobs:
  coverity:
    strategy:
      matrix:
        os: [ubuntu-latest]
        cc: [gcc]
    runs-on: ${{ matrix.os }}
    env:
      COVERITY_EMAIL: vapier@gentoo.org
      COVERITY_PROJECT: gentoo%2Fpax-utils
      CC: ${{ matrix.cc }}
    steps:
    - uses: actions/checkout@v2

    - name: Download Coverity Build Tool
      run: |
        wget -nv https://scan.coverity.com/download/cxx/linux64 \
          --post-data "token=${TOKEN}&project=${COVERITY_PROJECT}" \
          -O cov-analysis-linux64.tar.gz
        mkdir cov-analysis
        tar -xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis
      env:
        TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}

    - name: Build with cov-build
      run: |
        export PATH="${PWD}/cov-analysis/bin:${PATH}"
        cov-build --dir cov-int make

    - name: Submit the result to Coverity Scan
      run: |
        tar -czvf cov-int.tgz cov-int
        curl \
          --form project="${COVERITY_PROJECT}" \
          --form token="${TOKEN}" \
          --form email="${COVERITY_EMAIL}" \
          --form file=@cov-int.tgz \
          --form version="${GITHUB_SHA}" \
          --form description="pax-utils git" \
          "https://scan.coverity.com/builds?project=${COVERITY_PROJECT}"
      env:
        TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}