Skip to content

coverity-scan

coverity-scan #189

Workflow file for this run

name: coverity-scan
on:
schedule:
- cron: '0 20 * * *' # Daily at 20:00 UTC
workflow_dispatch:
jobs:
latest:
runs-on: ubuntu-latest
steps:
- name: Check submission cache
id: check_submit
uses: actions/cache/restore@v3
with:
path: |
cov-int
key: check-submit-${{ github.sha }}
- name: Install dependencies
if: steps.check_submit.outputs.cache-hit != 'true'
run: sudo apt update && sudo apt install -y libcap-dev libjsoncpp-dev liblzo2-dev liblz4-dev libssl-dev swig
- name: Checkout OpenVPN 3
if: steps.check_submit.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
path: openvpn3
- name: Checkout asio
if: steps.check_submit.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
repository: chriskohlhoff/asio
path: asio
ref: asio-1-28-0
- name: Checkout xxHash
if: steps.check_submit.outputs.cache-hit != 'true'
uses: actions/checkout@v3
with:
repository: Cyan4973/xxHash
path: xxHash
ref: v0.8.2
- uses: lukka/get-cmake@latest
if: steps.check_submit.outputs.cache-hit != 'true'
- name: Download Coverity Build Tool
if: steps.check_submit.outputs.cache-hit != 'true'
run: |
wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=OpenVPN%2Fopenvpn3" -O cov-analysis-linux64.tar.gz
mkdir cov-analysis-linux64
tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
- name: CMake configure
if: steps.check_submit.outputs.cache-hit != 'true'
run: cmake -S openvpn3 -B cmake -DDEP_DIR=$PWD -GNinja
- name: Build with cov-build
if: steps.check_submit.outputs.cache-hit != 'true'
run: |
PATH=`pwd`/cov-analysis-linux64/bin:$PATH
cov-build --dir cov-int cmake --build cmake
- name: Submit the result to Coverity Scan
if: steps.check_submit.outputs.cache-hit != 'true'
run: |
tar czvf openvpn.tgz cov-int
curl --form token=$TOKEN \
--form email=$EMAIL \
--form file=@openvpn.tgz \
--form version="$GITHUB_SHA" \
--form description="master" \
https://scan.coverity.com/builds?project=OpenVPN%2Fopenvpn3
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}
- name: Cache submission
if: steps.check_submit.outputs.cache-hit != 'true'
uses: actions/cache/save@v3
with:
path: |
cov-int
key: ${{ steps.check_submit.outputs.cache-primary-key }}