--- /dev/null
+---
+name: Trigger specific coverity scan
+
+on:
+ workflow_dispatch:
+ inputs:
+ product:
+ description: Product to build
+ type: choice
+ options:
+ - authoritative
+ - recursor
+ - dnsdist
+
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
+jobs:
+ call-coverity:
+ uses: PowerDNS/pdns/.github/workflows/coverity.yml@master
+ with:
+ product: ${{ github.event.inputs.product }}
+ secrets:
+ COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+ COVERITY_EMAIL: ${{ secrets.COVERITY_EMAIL }}
--- /dev/null
+---
+name: Coverity scan
+
+on:
+ workflow_call:
+ inputs:
+ product:
+ required: true
+ description: Product to build
+ type: string
+ secrets:
+ COVERITY_TOKEN:
+ required: true
+ COVERITY_EMAIL:
+ required: true
+
+permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+ contents: read
+
+env:
+ CLANG_VERSION: '12'
+
+jobs:
+ coverity-auth:
+ name: coverity scan of the auth
+ if: ${{ inputs.product == 'authoritative' }}
+ runs-on: ubuntu-22.04
+ env:
+ COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+ FUZZING_TARGETS: no
+ SANITIZERS:
+ UNIT_TESTS: no
+ steps:
+ - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 5
+ submodules: recursive
+ - uses: actions/setup-python@v5
+ with:
+ python-version: '3.11'
+ - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade
+ - run: inv install-clang
+ - run: inv install-auth-build-deps
+ - run: inv install-coverity-tools PowerDNS
+ - run: inv coverity-clang-configure
+ - run: inv ci-autoconf
+ - run: inv ci-auth-configure
+ - run: inv coverity-make
+ - run: inv coverity-tarball auth.tar.bz2
+ - run: inv coverity-upload ${{ secrets.COVERITY_EMAIL }} PowerDNS auth.tar.bz2
+
+ coverity-dnsdist:
+ name: coverity scan of dnsdist
+ if: ${{ inputs.product == 'dnsdist' }}
+ runs-on: ubuntu-22.04
+ env:
+ COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+ SANITIZERS:
+ UNIT_TESTS: no
+ REPO_HOME: ${{ github.workspace }}
+ steps:
+ - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 5
+ submodules: recursive
+ - uses: actions/setup-python@v5
+ with:
+ python-version: '3.11'
+ - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade
+ - run: inv install-clang
+ - run: inv install-dnsdist-build-deps --skipXDP
+ - run: inv install-coverity-tools dnsdist
+ - run: inv coverity-clang-configure
+ - run: inv ci-autoconf
+ working-directory: ./pdns/dnsdistdist/
+ - run: inv ci-install-rust ${{ env.REPO_HOME }}
+ working-directory: ./pdns/dnsdistdist/
+ - run: inv ci-build-and-install-quiche ${{ env.REPO_HOME }}
+ working-directory: ./pdns/dnsdistdist/
+ - run: inv ci-dnsdist-configure full
+ working-directory: ./pdns/dnsdistdist/
+ - run: inv coverity-make
+ working-directory: ./pdns/dnsdistdist/
+ - run: inv coverity-tarball dnsdist.tar.bz2
+ working-directory: ./pdns/dnsdistdist/
+ - run: inv coverity-upload ${{ secrets.COVERITY_EMAIL }} dnsdist dnsdist.tar.bz2
+ working-directory: ./pdns/dnsdistdist/
+
+ coverity-rec:
+ name: coverity scan of the rec
+ if: ${{ inputs.product == 'recursor' }}
+ runs-on: ubuntu-22.04
+ env:
+ COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+ SANITIZERS:
+ UNIT_TESTS: no
+ steps:
+ - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
+ - uses: actions/checkout@v4
+ with:
+ fetch-depth: 5
+ submodules: recursive
+ - uses: actions/setup-python@v5
+ with:
+ python-version: '3.11'
+ - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade
+ - run: inv install-clang
+ - run: inv install-rec-build-deps
+ - run: inv install-coverity-tools 'PowerDNS+Recursor'
+ - run: inv coverity-clang-configure
+ - run: inv ci-autoconf
+ working-directory: ./pdns/recursordist/
+ - run: inv ci-rec-configure full
+ working-directory: ./pdns/recursordist/
+ - run: inv coverity-make
+ working-directory: ./pdns/recursordist/
+ - run: inv coverity-tarball recursor.tar.bz2
+ working-directory: ./pdns/recursordist/
+ - run: inv coverity-upload ${{ secrets.COVERITY_EMAIL }} 'PowerDNS+Recursor' recursor.tar.bz2
+ working-directory: ./pdns/recursordist/
coverity-auth:
name: coverity scan of the auth
if: ${{ vars.SCHEDULED_MISC_DAILIES }}
- runs-on: ubuntu-22.04
- env:
- COVERITY_TOKEN: ${{ secrets.coverity_auth_token }}
- FUZZING_TARGETS: no
- SANITIZERS:
- UNIT_TESTS: no
- steps:
- - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
- - uses: actions/checkout@v4
- with:
- fetch-depth: 5
- submodules: recursive
- - uses: actions/setup-python@v5
- with:
- python-version: '3.11'
- - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade
- - run: inv install-clang
- - run: inv install-auth-build-deps
- - run: inv install-coverity-tools PowerDNS
- - run: inv coverity-clang-configure
- - run: inv ci-autoconf
- - run: inv ci-auth-configure
- - run: inv coverity-make
- - run: inv coverity-tarball auth.tar.bz2
- - run: inv coverity-upload ${{ secrets.coverity_email }} PowerDNS auth.tar.bz2
+ uses: PowerDNS/pdns/.github/workflows/coverity.yml@master
+ with:
+ product: 'authoritative'
+ secrets:
+ COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+ COVERITY_EMAIL: ${{ secrets.COVERITY_EMAIL }}
coverity-dnsdist:
name: coverity scan of dnsdist
if: ${{ vars.SCHEDULED_MISC_DAILIES }}
- runs-on: ubuntu-22.04
- env:
- COVERITY_TOKEN: ${{ secrets.coverity_dnsdist_token }}
- SANITIZERS:
- UNIT_TESTS: no
- REPO_HOME: ${{ github.workspace }}
- steps:
- - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
- - uses: actions/checkout@v4
- with:
- fetch-depth: 5
- submodules: recursive
- - uses: actions/setup-python@v5
- with:
- python-version: '3.11'
- - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade
- - run: inv install-clang
- - run: inv install-dnsdist-build-deps --skipXDP
- - run: inv install-coverity-tools dnsdist
- - run: inv coverity-clang-configure
- - run: inv ci-autoconf
- working-directory: ./pdns/dnsdistdist/
- - run: inv ci-install-rust ${{ env.REPO_HOME }}
- working-directory: ./pdns/dnsdistdist/
- - run: inv ci-build-and-install-quiche ${{ env.REPO_HOME }}
- working-directory: ./pdns/dnsdistdist/
- - run: inv ci-dnsdist-configure full
- working-directory: ./pdns/dnsdistdist/
- - run: inv coverity-make
- working-directory: ./pdns/dnsdistdist/
- - run: inv coverity-tarball dnsdist.tar.bz2
- working-directory: ./pdns/dnsdistdist/
- - run: inv coverity-upload ${{ secrets.coverity_email }} dnsdist dnsdist.tar.bz2
- working-directory: ./pdns/dnsdistdist/
+ uses: PowerDNS/pdns/.github/workflows/coverity.yml@master
+ with:
+ product: 'dnsdist'
+ secrets:
+ COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+ COVERITY_EMAIL: ${{ secrets.COVERITY_EMAIL }}
coverity-rec:
name: coverity scan of the rec
if: ${{ vars.SCHEDULED_MISC_DAILIES }}
- runs-on: ubuntu-22.04
- env:
- COVERITY_TOKEN: ${{ secrets.coverity_rec_token }}
- SANITIZERS:
- UNIT_TESTS: no
- steps:
- - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
- - uses: actions/checkout@v4
- with:
- fetch-depth: 5
- submodules: recursive
- - uses: actions/setup-python@v5
- with:
- python-version: '3.11'
- - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade
- - run: inv install-clang
- - run: inv install-rec-build-deps
- - run: inv install-coverity-tools 'PowerDNS+Recursor'
- - run: inv coverity-clang-configure
- - run: inv ci-autoconf
- working-directory: ./pdns/recursordist/
- - run: inv ci-rec-configure full
- working-directory: ./pdns/recursordist/
- - run: inv coverity-make
- working-directory: ./pdns/recursordist/
- - run: inv coverity-tarball recursor.tar.bz2
- working-directory: ./pdns/recursordist/
- - run: inv coverity-upload ${{ secrets.coverity_email }} 'PowerDNS+Recursor' recursor.tar.bz2
- working-directory: ./pdns/recursordist/
+ uses: PowerDNS/pdns/.github/workflows/coverity.yml@master
+ with:
+ product: 'recursor'
+ secrets:
+ COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
+ COVERITY_EMAIL: ${{ secrets.COVERITY_EMAIL }}
projects / thirdparty / pdns.git / commitdiff
