Land #896

author: Joshua Sing <joshua@hypera.dev> 2023-08-10 18:10:05 +1000
committer: Joshua Sing <joshua@hypera.dev> 2023-08-10 18:10:05 +1000
commit: cfe98db7ad573df0ae7981b673377fc1d4ccfd65 (patch)
tree: 8feffcf6303a8cfa8df0c451bf24da1609263f8d
parent: 61025c5a5e182f0487f4ce801f979798063b0ffc (diff)
parent: 30c240160d0054441d42b243f64db86b1606911d (diff)
download: portable-cfe98db7ad573df0ae7981b673377fc1d4ccfd65.tar.gz
portable-cfe98db7ad573df0ae7981b673377fc1d4ccfd65.tar.bz2
portable-cfe98db7ad573df0ae7981b673377fc1d4ccfd65.zip
1 files changed, 28 insertions, 10 deletions
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index bc0ee0d..85799f1 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -9,20 +9,38 @@ jobs:
  scan:
    runs-on: ubuntu-latest
    if: ${{ github.repository_owner == 'libressl' }}
-    env:
-      COVERITY_SCAN_PROJECT_NAME: 'libressl-portable/portable'
-      COVERITY_SCAN_BRANCH_PATTERN: '*'
-      COVERITY_SCAN_NOTIFICATION_EMAIL: 'libressl-security@openbsd.org'
-      COVERITY_SCAN_BUILD_COMMAND_PREPEND: "./autogen.sh && ./configure && make dist && tar zxf libressl-*.tar.gz && rm libressl-*.tar.gz && cd libressl-* && mkdir build-static && mkdir build-shared && cmake -GNinja -DBUILD_SHARED_LIBS=ON .."
-      COVERITY_SCAN_BUILD_COMMAND: "ninja"
    steps:
    - uses: actions/checkout@main
    - name: Install apt dependencies
      run: |
        sudo apt-get update
        sudo apt-get install -y cmake ninja-build
-    - name: Run Coverity Scan
+    - name: Download Coverity build tool
-      env:
-        COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
      run: |
-        curl -fsSL "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || true
+        wget -c -N https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=libressl-portable%2Fportable" -O coverity_tool.tar.gz
+        mkdir coverity_tool
+        tar xzf coverity_tool.tar.gz --strip 1 -C coverity_tool
+    - name: Configure
+      run: |
+        ./autogen.sh
+        ./configure
+        make dist
+        tar zxf libressl-*.tar.gz
+        rm libressl-*.tar.gz
+        cd libressl-*
+        mkdir build-static
+        mkdir build-shared 
+        cmake -GNinja -DBUILD_SHARED_LIBS=ON ..
+    - name: Build with Coverity build tool
+      run: |
+        export PATH=`pwd`/coverity_tool/bin:$PATH
+        cov-build --dir cov-int ninja
+    - name: Submit build result to Coverity Scan
+      run: |
+        tar czvf cov.tar.gz cov-int
+        curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
+          --form email=libressl-security@openbsd.org \
+          --form file=@cov.tar.gz \
+          --form version="Commit $GITHUB_SHA" \
+          --form description="Build submitted via CI" \
+          https://scan.coverity.com/builds?project=libressl-portable%2Fportable
author	Joshua Sing <joshua@hypera.dev>	2023-08-10 18:10:05 +1000
committer	Joshua Sing <joshua@hypera.dev>	2023-08-10 18:10:05 +1000
commit	cfe98db7ad573df0ae7981b673377fc1d4ccfd65 (patch)
tree	8feffcf6303a8cfa8df0c451bf24da1609263f8d
parent	61025c5a5e182f0487f4ce801f979798063b0ffc (diff)
parent	30c240160d0054441d42b243f64db86b1606911d (diff)
download	portable-cfe98db7ad573df0ae7981b673377fc1d4ccfd65.tar.gz portable-cfe98db7ad573df0ae7981b673377fc1d4ccfd65.tar.bz2 portable-cfe98db7ad573df0ae7981b673377fc1d4ccfd65.zip

diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index bc0ee0d..85799f1 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml
@@ -9,20 +9,38 @@ jobs:
9	scan:	9	scan:
10	runs-on: ubuntu-latest	10	runs-on: ubuntu-latest
11	if: ${{ github.repository_owner == 'libressl' }}	11	if: ${{ github.repository_owner == 'libressl' }}
12	env:
13	COVERITY_SCAN_PROJECT_NAME: 'libressl-portable/portable'
14	COVERITY_SCAN_BRANCH_PATTERN: '*'
15	COVERITY_SCAN_NOTIFICATION_EMAIL: 'libressl-security@openbsd.org'
16	COVERITY_SCAN_BUILD_COMMAND_PREPEND: "./autogen.sh && ./configure && make dist && tar zxf libressl-.tar.gz && rm libressl-.tar.gz && cd libressl-* && mkdir build-static && mkdir build-shared && cmake -GNinja -DBUILD_SHARED_LIBS=ON .."
17	COVERITY_SCAN_BUILD_COMMAND: "ninja"
18	steps:	12	steps:
19	- uses: actions/checkout@main	13	- uses: actions/checkout@main
20	- name: Install apt dependencies	14	- name: Install apt dependencies
21	run: \|	15	run: \|
22	sudo apt-get update	16	sudo apt-get update
23	sudo apt-get install -y cmake ninja-build	17	sudo apt-get install -y cmake ninja-build
24	- name: Run Coverity Scan	18	- name: Download Coverity build tool
25	env:
26	COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
27	run: \|	19	run: \|
28	curl -fsSL "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" \| bash \|\| true	20	wget -c -N https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=libressl-portable%2Fportable" -O coverity_tool.tar.gz
		21	mkdir coverity_tool
		22	tar xzf coverity_tool.tar.gz --strip 1 -C coverity_tool
		23	- name: Configure
		24	run: \|
		25	./autogen.sh
		26	./configure
		27	make dist
		28	tar zxf libressl-*.tar.gz
		29	rm libressl-*.tar.gz
		30	cd libressl-*
		31	mkdir build-static
		32	mkdir build-shared
		33	cmake -GNinja -DBUILD_SHARED_LIBS=ON ..
		34	- name: Build with Coverity build tool
		35	run: \|
		36	export PATH=`pwd`/coverity_tool/bin:$PATH
		37	cov-build --dir cov-int ninja
		38	- name: Submit build result to Coverity Scan
		39	run: \|
		40	tar czvf cov.tar.gz cov-int
		41	curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
		42	--form email=libressl-security@openbsd.org \
		43	--form file=@cov.tar.gz \
		44	--form version="Commit $GITHUB_SHA" \
		45	--form description="Build submitted via CI" \
		46	https://scan.coverity.com/builds?project=libressl-portable%2Fportable