Skip to content
Coverity scan

Coverity scan #38

Sign in to view logs

Coverity scan

Coverity scan #38

Workflow file for this run

.github/workflows/coverity.yaml at 3375426
name: Coverity scan
on:
schedule:
- cron: '0 18 * * 1' # Weekly at 18:00 UTC on Mondays
jobs:
latest:
runs-on: ubuntu-latest
container: debian:stable
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Install dependencies
run: |
apt update
DEBIAN_FRONTEND=noninteractive apt install -y --no-install-recommends curl ca-certificates make wget
- name: Cache musl toolchain
uses: actions/cache@v3
id: cache-musl
with:
path: x86_64-linux-musl-native
key: musl
- name: Downloading musl-based toolchain
if: steps.cache-musl.outputs.cache-hit != 'true'
run: wget --quiet https://musl.cc/x86_64-linux-musl-native.tgz
- name: Extracting musl-based toolchain
if: steps.cache-musl.outputs.cache-hit != 'true'
run: tar xzf ./x86_64-linux-musl-native.tgz
- name: Download Coverity Build Tool
run: |
curl https://scan.coverity.com/download/linux64 --form token=$TOKEN --form project=jvoisin/fortify-headers -o cov-analysis-linux64.tar.gz
mkdir cov-analysis-linux64
tar xzf cov-analysis-linux64.tar.gz --strip-components=1 -C cov-analysis-linux64
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
- name: Build with cov-build
run: ./cov-analysis-linux64/bin/cov-build --dir cov-int make -C tests gcc
- name: Submit the result to Coverity Scan
run: |
tar czf fortify-headers.tgz cov-int
curl \
--form project=jvoisin/fortify-headers \
--form token=$TOKEN \
--form file=@fortify-headers.tgz \
--form version=master \
--form email=julien.voisin+coverity@dustri.org \
--form description=master \
https://scan.coverity.com/builds?project=jvoisin/fortify-headers
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}