.github/workflows/coverity.yml #14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
schedule: | |
- cron: '0 0 1,15 * *' | |
workflow_dispatch: | |
permissions: | |
contents: read | |
env: | |
COVERITY_SCAN_PROJECT_NAME: linuxwacom/xf86-input-wacom | |
COVERITY_SCAN_NOTIFICATION_EMAIL: [email protected] | |
COVERITY_SCAN_BUILD_COMMAND_PREPEND: | |
COVERITY_SCAN_BUILD_COMMAND: make | |
COVERITY_SCAN_BRANCH_PATTERN: .* | |
COVERITY_URL: https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh | |
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} | |
jobs: | |
coverity: | |
runs-on: ubuntu-22.04 | |
environment: coverity | |
if: ${{ github.repository == '$COVERITY_SCAN_PROJECT_NAME' }} | |
steps: | |
- name: Checkout the repo | |
uses: actions/checkout@v3 | |
- name: Set up build environment / dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y --no-install-recommends \ | |
xutils-dev xserver-xorg-dev libx11-dev libxi-dev \ | |
libxrandr-dev libxinerama-dev libudev-dev | |
mkdir _build | |
- name: Coverity download | |
run: | | |
curl -fs "$COVERITY_URL" > coverity.sh | |
sed -i 's/"$status_code" != "201"/"$status_code" -lt 200 -o "$status_code" -ge 300/' coverity.sh | |
chmod +x coverity.sh | |
- name: Coverity build / upload | |
run: | | |
pushd _build > /dev/null | |
# We don't want our CFLAGS (especially -Werror) to apply at `configure` | |
# time so short-circuit our environment at that moment and provide the | |
# flags to `make` instead. Not doing so results in an incorrect config: | |
# 'checking for rint in -lm... no' because of a builtin-declaration-mismatch | |
# warning (error) in the auto-generated feature test. | |
CFLAGS="" ../autogen.sh --disable-silent-rules | |
bash ../coverity.sh | |
popd > /dev/null |