coverity-scan #239
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: coverity-scan | |
| on: | |
| push: | |
| branches: | |
| - coverity_scan | |
| schedule: | |
| - cron: '0 4 * * 2' # Tuesday at 4:00 UTC | |
| jobs: | |
| Coverity: | |
| if: github.repository == 'CESNET/UltraGrid' || github.event.schedule == null | |
| runs-on: ubuntu-latest | |
| env: | |
| SDK_URL: ${{ secrets.SDK_URL }} | |
| coverity_token: ${{ secrets.coverity_token }} | |
| steps: | |
| - name: Check Coverity token presence | |
| if: env.coverity_token == '' | |
| run: | | |
| echo "secrects.coverity_token not present, skipping the analysis!" | |
| exit 1 | |
| - name: Get Coverity tool name # the file name contains version and is used as the cache key | |
| id: tool | |
| run: | | |
| FILENAME=$(curl -LIf "https://scan.coverity.com/download/linux64\ | |
| ?token=$coverity_token&project=UltraGrid" | | |
| sed -n '/content-disposition/s/.*\"\(.*\)\"/\1/p') | |
| echo "filename=$FILENAME" >> $GITHUB_OUTPUT | |
| - name: Run actions/cache for Coverity build tool | |
| id: cache-coverity-tool | |
| uses: actions/cache@main | |
| with: | |
| path: ~/coverity_tool.tgz | |
| key: cache-coverity-tool-${{ steps.tool.outputs.filename }} | |
| - name: Download Coverity build tool | |
| if: steps.cache-coverity-tool.outputs.cache-hit != 'true' | |
| run: | | |
| wget --no-verbose https://scan.coverity.com/download/linux64 --post-data "token=$coverity_token&project=UltraGrid" -O ~/coverity_tool.tgz | |
| - name: Extract Coverity build tool | |
| run: | | |
| tar xaf ~/coverity_tool.tgz | |
| mv cov-analysis* /tmp/cov-analysis | |
| - uses: actions/checkout@v4 | |
| - name: Fetch SDKs ETags | |
| id: etags | |
| run: | | |
| $GITHUB_WORKSPACE/.github/scripts/get-etag.sh ndi\ | |
| https://downloads.ndi.tv/SDK/NDI_SDK_Linux/\ | |
| Install_NDI_SDK_v6_Linux.tar.gz >> $GITHUB_OUTPUT | |
| - name: Run actions/cache for NDI | |
| id: cache-ndi | |
| uses: actions/cache@main | |
| with: | |
| path: /var/tmp/Install_NDI_SDK_Linux.tar.gz | |
| key: cache-ndi-${{ runner.os }}-${{ steps.etags.outputs.ndi }} | |
| - name: Download NDI | |
| if: steps.cache-ndi.outputs.cache-hit != 'true' | |
| run: "curl -Lf https://downloads.ndi.tv/SDK/NDI_SDK_Linux/\ | |
| Install_NDI_SDK_v6_Linux.tar.gz -o /var/tmp/Install_NDI_SDK_Linux.tar.gz" | |
| - name: Cache FFmpeg | |
| uses: actions/cache@main | |
| with: | |
| path: '/var/tmp/ffmpeg' | |
| key: cache-${{ github.workflow }}-ffmpeg-${{ runner.os }}-${{ hashFiles( '.github/scripts/Linux/install_ffmpeg.sh', '.github/scripts/Linux/install_other.sh', '.github/scripts/Linux/ffmpeg-patches/*') }} | |
| - name: Cache SDL | |
| uses: actions/cache@main | |
| with: | |
| path: '/var/tmp/sdl' | |
| key: cache-${{ github.workflow }}-sdl-${{ runner.os }}-${{ hashFiles( '.github/scripts/Linux/install_sdl.sh' ) }} | |
| - name: Cache GLFW | |
| uses: actions/cache@main | |
| with: | |
| path: '/var/tmp/glfw' | |
| key: cache-${{ github.workflow }}-glfw-${{ runner.os }}-${{ hashFiles( '.github/scripts/Linux/install_glfw.sh' ) }} | |
| - name: bootstrap | |
| run: | | |
| . .github/scripts/environment.sh | |
| .github/scripts/Linux/prepare.sh | |
| - name: configure | |
| run: ./autogen.sh $FEATURES | |
| - name: Build with cov-build | |
| run: | | |
| /tmp/cov-analysis/bin/cov-build --dir cov-int make -j2 | |
| - name: Submit the result to Coverity Scan | |
| run: | | |
| tar caf ultragrid.tar.xz cov-int | |
| result=$(curl -Sf --form token=$coverity_token \ | |
| --form [email protected] \ | |
| --form [email protected] \ | |
| --form version="$(date +%F)" \ | |
| --form description="master build" \ | |
| https://scan.coverity.com/builds?project=UltraGrid) | |
| echo "$result" | |
| if ! expr "$result" : 'Build successfully submitted.' >/dev/null; then | |
| exit 1 | |
| fi | |
| # vi: set expandtab sw=2: |