From 58d8b0c028fa92dd9faa81e6804453bb7e0ce14e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Svensson?= Date: Wed, 6 Sep 2023 08:53:02 +0200 Subject: [PATCH] Use coverity-scan-action in CI Simplifies the CI job and adds a cache to avoid downloading the 1GB+ tool archive on every run. See: https://github.com/vapier/coverity-scan-action Only run this job when a commit is pushed to the default branch 2.0 (like when a PR is merged) since the required Coverity token/secret is not available when this job is triggered by forks. --- .github/workflows/coverity.yml | 34 +++++++++++----------------------- 1 file changed, 11 insertions(+), 23 deletions(-) diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index cdc88f5..7ba136d 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -1,5 +1,7 @@ name: coverity -on: [push, pull_request] +on: + push: + branches: [2.0] jobs: analyze: @@ -7,27 +9,13 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - name: Download Coverity - run: | - cd .. - wget -q https://scan.coverity.com/download/linux64 --post-data "token=${{secrets.COVERITY_TOKEN}}&project=r3" -O coverity-linux64.tgz - mkdir coverity - tar xzf coverity-linux64.tgz --strip 1 -C coverity - echo "$(pwd)/coverity/bin" >> $GITHUB_PATH - - - name: Build with Coverity + - uses: actions/checkout@v3 + - name: Prepare run: | ./autogen.sh - ./configure --enable-check --enable-debug - cov-build --dir cov-int make V=1 - - - name: Submit the result to Coverity - run: | - tar czvf r3.tgz cov-int - curl \ - --form token=${{secrets.COVERITY_TOKEN}} \ - --form email=yoanlin93+github@gmail.com \ - --form file=@r3.tgz \ - --form version=${GITHUB_SHA} \ - https://scan.coverity.com/builds?project=r3 + ./configure --enable-check + - uses: vapier/coverity-scan-action@v1 + with: + project: r3 + email: yoanlin93+github@gmail.com + token: ${{ secrets.COVERITY_TOKEN }}