Welcome to mirror list, hosted at ThFree Co, Russian Federation.

coverity.yml « workflows « .github - github.com/dosbox-staging/dosbox-staging.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/.github/workflows/coverity.yml
blob: 10c6c77b1464c6cc8f82a6fa432a577fde3fd96c (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

name: Coverity Scan analysis

on:
  push:
    branches:
      - main

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

env:
  COVERITY_EMAIL: ${{ secrets.CoverityEmail }}
  COVERITY_TOKEN: ${{ secrets.CoverityToken }}
  BASE_DIR: "/dev/shm"
  PACKAGE: "/dev/shm/coverity-package/coverity.tar.zst"
  PACKAGE_DIR: "/dev/shm/coverity-package"
  # Latest package: https://scan.coverity.com/download
  PACKAGE_VERSION: "2021.12.1"
  # One-time download, then lives in GitHub cache
  TARBALL_URL: "https://kcgen.duckdns.org/coverity.tar.zst"
  TARBALL_SHA256: "db872225984b588e178e42faecf597382d20e185c949512c93c485debd42d8d9"

jobs:
  coverity_scan:
    name: Coverity static analyzer
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          submodules: false

      - run:  sudo apt-get update

      - name: Log and setup environment
        run: |
          ./scripts/log-env.sh
          mkdir -p "${PACKAGE_DIR}"

      - name: Install C++ compiler and dependencies
        run: |
          sudo apt-get install curl zstd clang $(cat packages/ubuntu-20.04-apt.txt)
          sudo pip3 install --upgrade meson ninja

      - name: Prepare the Coverity package cache
        uses: actions/cache@v3.0.11
        id: cache-coverity
        with:
          path: ${{ env.PACKAGE_DIR }}
          key: coverity-${{ env.PACKAGE_VERSION }}
      - name:  Fetch the Coverity package
        if:    steps.cache-coverity.outputs.cache-hit != 'true'
        run:   curl -L "${TARBALL_URL}" > "${PACKAGE}"

      - name: Install the Coverity package
        run: |
          set -xeuo pipefail
          tee >(tar -I zstd -C "${BASE_DIR}" -x) < "${PACKAGE}" \
          | sha256sum -c <(echo "${TARBALL_SHA256} -" )

      - name: Build and instrument the project
        run: |
          set -xeu
          CC="clang" CXX="clang++" meson setup \
          -Dbuildtype=debug \
          -Dunit_tests=disabled \
          -Dsystem_libraries=speexdsp \
          -Duse_alsa=false \
          -Duse_fluidsynth=false \
          -Duse_mt32emu=false \
          -Duse_opengl=false \
          -Duse_png=false \
          -Duse_sdl2_net=false \
          -Duse_slirp=false \
          build
          PATH="${BASE_DIR}/cov-analysis-linux64-${PACKAGE_VERSION}/bin:${PATH}"
          cov-build --dir cov-int meson compile -C build
          tar -cvaf package.tar.gz cov-int

      - name: Upload the package to Coverity
        run: |
          curl \
          --form token="${COVERITY_TOKEN}" \
          --form email="${COVERITY_EMAIL}" \
          --form file=@package.tar.gz \
          --form version="${GITHUB_REF}" \
          --form description="${GITHUB_REPOSITORY}" \
          "https://scan.coverity.com/builds?project=dosbox-staging"
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-05 05:42:52 +0300