-
Notifications
You must be signed in to change notification settings - Fork 15
134 lines (121 loc) · 4.62 KB
/
coverity.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: Coverity Scan
# Based on https://github.com/arcaneframework/alien/blob/main/.github/workflows/coverity.yml
on:
schedule:
- cron: '12 0 * * *' # Tous les jours à 00:12.
# A executer lorsque l'on demande.
workflow_dispatch:
jobs:
build:
# The CMake configure and build commands are platform agnostic and should work equally
# well on Windows or Mac. You can convert this to a matrix build if you need
# cross-platform coverage.
# See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
name: ubuntu coverity
runs-on: ubuntu-latest
container:
image: ghcr.io/arcaneframework/ubuntu-2404:gcc-14_full_20240717
steps:
- name: Display CPU Infos
shell: bash
run: |
cat /proc/cpuinfo
- name: Set C++ compiler and default MPI
shell: bash
run: |
source /root/scripts/use_openmpi.sh
source /root/scripts/use_gcc-14.sh
- name: Checkout
uses: actions/checkout@v4
with:
submodules: true
- name: Configure CMake
shell: 'bash'
# Configure CMake in a 'build' subdirectory. `C MAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.
# See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type
run: |
cmake \
-B build \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_C_COMPILER=gcc \
-DCMAKE_CXX_COMPILER=g++ \
-DARCCORE_CXX_STANDARD=20 \
-DARCANE_DEFAULT_PARTITIONER=Metis \
-DARCANE_DISABLE_PERFCOUNTER_TESTS=ON \
-DCMAKE_DISABLE_FIND_PACKAGE_SWIG=ON
# Setting up ccache from github cached files
- name: Prepare coverity
id: coverity-hash
# Disabled for `act`
if: ${{ !env.ACT }}
env:
COV_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
run: |
mkdir coverity-tool
curl https://scan.coverity.com/download/linux64 -o coverity-tool/md5-new \
-s --data "token=$COV_TOKEN&project=arcaneframework%2Fframework&md5=1"
echo "m_md5=$(cat coverity-tool/md5-new)" >> $GITHUB_ENV
- name: Restore cached files
uses: actions/cache@v4
# Disabled for `act`
if: ${{ !env.ACT }}
with:
path: coverity-tool
key: coverity-linux-${{ env.m_md5 }}
- name: Set up coverity
shell: bash
env:
COV_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
run: |
if cmp -s coverity-tool/md5-new coverity-tool/md5 ; then
echo "running from cache"
else
curl --silent https://scan.coverity.com/download/linux64 \
--data "token=${COV_TOKEN}&project=arcaneframework%2Fframework" \
| tar xz -C coverity-tool --strip-components=1
fi
cp coverity-tool/md5-new coverity-tool/md5
- name: Build with coverity
shell: bash
# Build, using cov-build and cov-int directory as output (mandatory)
run: |
export PATH="${PWD}/coverity-tool/bin:${PATH}"
cov-build --dir cov-int make -C build -j $(nproc)
- name: Upload log artifact
uses: actions/upload-artifact@v4
with:
name: coverity-artifact
path: cov-int/build-log.txt
retention-days: 3
- name: Install jq
shell: bash
run: |
apt-get update
apt-get install -y jq
- name: Submit results to Coverity Scan
shell: bash
env:
COV_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
COV_EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}
run: |
tar -czvf cov-int.tgz cov-int
du -sh cov-int.tgz
curl -X POST \
-d version="${{ github.sha }}" \
-d description="${{ github.repository }} / ${{ github.ref }}" \
-d email="$COV_EMAIL" \
-d token="$COV_TOKEN" \
-d file_name="cov-int.tgz" \
-o response \
https://scan.coverity.com/projects/24734/builds/init
echo "::add-mask::$(jq -r '.url' response)"
echo "::add-mask::$(jq -r '.build_id' response)"
upload_url=$(jq -r '.url' response)
build_id=$(jq -r '.build_id' response)
curl -X PUT \
--header 'Content-Type: application/json' \
--upload-file cov-int.tgz \
$upload_url
curl -X PUT \
-d token="$COV_TOKEN" \
https://scan.coverity.com/projects/24734/builds/$build_id/enqueue