56 lines (48 loc) · 1.79 KB
/
coverity.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
name: Coverity
on:
push:
branches:
- master
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Download Coverity Build Tool
run: |
wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=lxc/lxc" -O cov-analysis-linux64.tar.gz
mkdir cov-analysis-linux64
tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
- name: Install dependencies
run: |
sudo apt-get update -qq
sudo apt-get install -qq gcc clang
sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev docbook2x
- name: Run coverity
run: |
# Configure
export PATH="$(pwd)/cov-analysis-linux64/bin:${PATH}"
export CFLAGS="-Wall -Werror"
export LDFLAGS="-pthread -lpthread"
./autogen.sh
BUILD="$(pwd)/build"
mkdir -p "${BUILD}"
cd "${BUILD}"
../configure --enable-coverity-build --enable-tests --with-distro=unknown --disable-rpath --enable-tests --enable-memfd-rexec --enable-seccomp --enable-static --enable-werror
# Build
cov-build --dir cov-int make -j4
tar czvf lxc.tgz cov-int
# Submit the results
curl \
--form project=lxc/lxc \
--form token=${TOKEN} \
--form email=lxc-devel@lists.linuxcontainers.org \
--form file=@lxc.tgz \
--form version=master \
--form description="${GITHUB_SHA}" \
https://scan.coverity.com/builds?project=lxc/lxc
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}