Add coverity analysis

author: jvoisin 2023-08-20 22:51:14 +0200
committer: jvoisin 2023-08-21 13:31:15 +0200
commit: d343ba0b0f7554cad5141cd1b7a3a85e0446b950 (patch)
tree: caf39db47b436addb596a7534fcf378440c0088d /.github
parent: d9feee06053d1f3c006de00b00dd5feb54ca75e5 (diff)
1 files changed, 38 insertions, 0 deletions
diff --git a/.github/workflows/coverity.yaml b/.github/workflows/coverity.yaml
new file mode 100644
index 0000000..5ea99c9
--- /dev/null
+++ b/.github/workflows/coverity.yaml
@@ -0,0 +1,38 @@
+name: Coverity scan
+on:
+  schedule:
+    - cron: '0 18 * * 1' # Weekly at 18:00 UTC on Mondays
+jobs:
+  latest:
+    runs-on: ubuntu-latest
+    container: debian:stable
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+      - name: Install dependencies
+        run: |
+          apt update
+          DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends php-dev curl ca-certificates make gcc
+      - name: Download Coverity Build Tool
+        run: |
+          curl https://scan.coverity.com/download/linux64 --form token=$TOKEN --form project=jvoisin/fortify-headers -o cov-analysis-linux64.tar.gz
+          mkdir cov-analysis-linux64
+          tar xzf cov-analysis-linux64.tar.gz --strip-components=1 -C cov-analysis-linux64
+        env:
+          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+      - name: Build with cov-build
+        run: ./cov-analysis-linux64/bin/cov-build --dir cov-int make -C tests gcc
+      - name: Submit the result to Coverity Scan
+        run: |
+          tar czf fortify-headers.tgz cov-int
+          curl \
+            --form project=jvoisin/fortify-headers \
+            --form token=$TOKEN \
+            --form file=@fortify-headers.tgz \
+            --form version=master \
+            --form email=julien.voisin+coverity@dustri.org \
+            --form description=master \
+            https://scan.coverity.com/builds?project=jvoisin/fortify-headers
+        env:
+          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
author	jvoisin	2023-08-20 22:51:14 +0200
committer	jvoisin	2023-08-21 13:31:15 +0200
commit	d343ba0b0f7554cad5141cd1b7a3a85e0446b950 (patch)
tree	caf39db47b436addb596a7534fcf378440c0088d /.github
parent	d9feee06053d1f3c006de00b00dd5feb54ca75e5 (diff)

diff --git a/.github/workflows/coverity.yaml b/.github/workflows/coverity.yaml new file mode 100644 index 0000000..5ea99c9 --- /dev/null +++ b/.github/workflows/coverity.yaml
@@ -0,0 +1,38 @@
	1	name: Coverity scan
	2	on:
	3	schedule:
	4	- cron: '0 18 * * 1' # Weekly at 18:00 UTC on Mondays
	5
	6	jobs:
	7	latest:
	8	runs-on: ubuntu-latest
	9	container: debian:stable
	10	steps:
	11	- name: Checkout code
	12	uses: actions/checkout@v3
	13	- name: Install dependencies
	14	run: \|
	15	apt update
	16	DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends php-dev curl ca-certificates make gcc
	17	- name: Download Coverity Build Tool
	18	run: \|
	19	curl https://scan.coverity.com/download/linux64 --form token=$TOKEN --form project=jvoisin/fortify-headers -o cov-analysis-linux64.tar.gz
	20	mkdir cov-analysis-linux64
	21	tar xzf cov-analysis-linux64.tar.gz --strip-components=1 -C cov-analysis-linux64
	22	env:
	23	TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
	24	- name: Build with cov-build
	25	run: ./cov-analysis-linux64/bin/cov-build --dir cov-int make -C tests gcc
	26	- name: Submit the result to Coverity Scan
	27	run: \|
	28	tar czf fortify-headers.tgz cov-int
	29	curl \
	30	--form project=jvoisin/fortify-headers \
	31	--form token=$TOKEN \
	32	--form file=@fortify-headers.tgz \
	33	--form version=master \
	34	--form email=julien.voisin+coverity@dustri.org \
	35	--form description=master \
	36	https://scan.coverity.com/builds?project=jvoisin/fortify-headers
	37	env:
	38	TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}