Skip to content

Coverity Scan

Coverity Scan #723

Workflow file for this run

name: Coverity Scan
on:
push:
branches:
- coverity_scan
schedule:
- cron: '13 4 */2 * *'
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-20.04
env:
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
COVERITY_SCAN_PROG_URL: https://scan.coverity.com/download/cxx/linux64
COVERITY_SCAN_PROJECT_NAME: sipwise/rtpengine
COVERITY_SCAN_NOTIFICATION_EMAIL: [email protected]
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Update APT cache
run: |
sudo apt-get update
- name: Get build dependencies
run: |
echo "Generating Debian source for usage on Ubuntu/focal / ubuntu-20.04"
cd pkg/deb/
./generator.sh
./backports/focal
rm -rf debian
mv focal debian
echo "Installing Debian packages"
sudo apt-get install -q -y --no-install-recommends git ca-certificates curl
sudo apt-get build-dep -q -y -Ppkg.ngcp-rtpengine.nobcg729 .
- name: Get coverity scan
run: |
curl -o cov-analysis.tgz \
$COVERITY_SCAN_PROG_URL \
--form project=$COVERITY_SCAN_PROJECT_NAME \
--form token=$COVERITY_SCAN_TOKEN
tar xfz cov-analysis.tgz
# We need to disable glib deprecation warnings, as coverity-scan does
# not support __attributes__ in enums.
- name: Analyze
run: |
DEB_BUILD_PROFILES="pkg.ngcp-rtpengine.nobcg729" \
CPPFLAGS="-DGLIB_DISABLE_DEPRECATION_WARNINGS" \
cov-analysis-*/bin/cov-build --dir cov-int make -j4 coverity
- name: Submit result
run: |
tar cfz cov-int.tar.gz cov-int
curl \
https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME \
--form token=$COVERITY_SCAN_TOKEN \
--form email=$COVERITY_SCAN_NOTIFICATION_EMAIL \
--form [email protected] \
--form version="`git describe --tags --always`" \
--form description="`git describe --tags --always` / $CI_COMMIT_TITLE / $CI_COMMIT_REF_NAME:$CI_PIPELINE_ID"