forked from neomutt/neomutt
-
Notifications
You must be signed in to change notification settings - Fork 0
72 lines (61 loc) · 2.21 KB
/
coverity.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
name: Coverity
on:
schedule:
- cron: '0 3 * * 1'
# Mondays at 03:00
workflow_dispatch:
jobs:
build:
name: Coverity
runs-on: ubuntu-latest
container: ghcr.io/neomutt/docker-build
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
OPTIONS: --autocrypt --bdb --disable-doc --disable-idn --fmemopen --gdbm --gnutls --gpgme --gss --idn2 --kyotocabinet --lmdb --lua --lz4 --mixmaster --notmuch --pcre2 --qdbm --rocksdb --sasl --tdb --tokyocabinet --with-lock=fcntl --zlib --zstd
COV_TOOLS: cov-tools
COV_RESULTS: cov-int
steps:
- name: Check Secret
run: |
[ -n "${{ secrets.COVERITY_SCAN_TOKEN }}" ]
- name: Checkout Code
uses: actions/checkout@v3
- name: Configure NeoMutt
run: ./configure $OPTIONS
- name: Download Coverity
run: |
wget --quiet https://scan.coverity.com/download/linux64 --post-data "token=$TOKEN&project=neomutt%2Fneomutt" -O "$COV_TOOLS.tar.gz"
mkdir "$COV_TOOLS"
tar xzf "$COV_TOOLS.tar.gz" --strip 1 -C "$COV_TOOLS"
ls -l "$COV_TOOLS"
- name: Build with Coverity
run: |
export PATH="$(pwd)/$COV_TOOLS/bin:$PATH"
cov-build --dir $COV_RESULTS make -j 2
# Filter out private info
sed -i '/TOKEN=/d' cov-int/build-log.txt
- name: Upload build log
uses: actions/upload-artifact@v3
with:
name: build-log
path: cov-int/build-log.txt
retention-days: 10
- name: Submit Results
run: |
tar -czf neomutt.tgz $COV_RESULTS
ls -lh neomutt.tgz
git config --global --add safe.directory "$GITHUB_WORKSPACE"
GIT_HASH="$(git rev-parse --short HEAD)"
echo "HASH: $GIT_HASH"
GIT_DESC="$(git log -n1 --format="%s" $GIT_HASH)"
echo "DESC: $GIT_DESC"
curl --fail --output curl.log \
--form token=$TOKEN \
--form [email protected] \
--form [email protected] \
--form version="$GIT_HASH" \
--form description="$GIT_DESC" \
https://scan.coverity.com/builds?project=neomutt%2Fneomutt
# If we go over quota, alert the user
cat curl.log
grep -qv "quota.*reached" curl.log || false