--- /dev/null
+---
+# vi: ts=2 sw=2 et:
+#
+name: Coverity
+
+on:
+ schedule:
+ # Run Coverity daily at midnight
+ - cron: '0 0 * * *'
+
+jobs:
+ build:
+ runs-on: ubuntu-20.04
+ if: github.repository == 'systemd/systemd'
+ env:
+ COVERITY_SCAN_BRANCH_PATTERN: "${{ github.ref}}"
+ COVERITY_SCAN_NOTIFICATION_EMAIL: ""
+ COVERITY_SCAN_PROJECT_NAME: "${{ github.repository }}"
+ # Set in repo settings -> secrets -> repository secrets
+ COVERITY_SCAN_TOKEN: "${{ secrets.COVERITY_SCAN_TOKEN }}"
+ CURRENT_REF: "${{ github.ref }}"
+ steps:
+ - name: Repository checkout
+ uses: actions/checkout@v1
+ # https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
+ - name: Set the $COVERITY_SCAN_NOTIFICATION_EMAIL env variable
+ run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> $GITHUB_ENV
+ - name: Install Coverity tools
+ run: tools/get-coverity.sh
+ # Reuse the setup phase of the unit test script to avoid code duplication
+ - name: Install build dependencies
+ run: sudo -E .github/workflows/ubuntu-unit-tests.sh SETUP
+ # Preconfigure with meson to prevent Coverity from capturing meson metadata
+ - name: Preconfigure the build directory
+ run: meson cov-build -Dman=false
+ - name: Build
+ run: tools/coverity.sh build
+ - name: Upload the results
+ run: tools/coverity.sh upload
+++ /dev/null
----
-# vi: ts=2 sw=2 et:
-
-language: bash
-dist: bionic
-services:
- - docker
-
-env:
- global:
- - AUTHOR_EMAIL="$(git log -1 $TRAVIS_COMMIT --pretty=\"%aE\")"
- - CI_MANAGERS="$TRAVIS_BUILD_DIR/travis-ci/managers"
- - CI_TOOLS="$TRAVIS_BUILD_DIR/travis-ci/tools"
- - REPO_ROOT="$TRAVIS_BUILD_DIR"
-
-stages:
- # Run Coverity periodically instead of for each commit/PR
- - name: Coverity
- if: type = cron
-
-jobs:
- include:
- - stage: Coverity
- language: bash
- env:
- - FEDORA_RELEASE="31"
- - TOOL_BASE="/var/tmp/coverity-scan-analysis"
- - CONT_NAME="coverity-fedora-$FEDORA_RELEASE"
- - DOCKER_EXEC="docker exec -ti $CONT_NAME"
- - DOCKER_RUN="docker run -v $TOOL_BASE:$TOOL_BASE:rw --env-file .cov-env"
- # Coverity env variables
- - PLATFORM="$(uname)"
- - TOOL_ARCHIVE="/var/tmp/cov-analysis-$PLATFORM.tgz"
- - SCAN_URL="https://scan.coverity.com"
- - UPLOAD_URL="https://scan.coverity.com/builds"
- - COVERITY_SCAN_PROJECT_NAME="$TRAVIS_REPO_SLUG"
- - COVERITY_SCAN_NOTIFICATION_EMAIL="${AUTHOR_EMAIL}"
- - COVERITY_SCAN_BRANCH_PATTERN="$TRAVIS_BRANCH"
- # Encrypted COVERITY_SCAN_TOKEN env variable
- # Generated using `travis encrypt -r systemd/systemd COVERITY_SCAN_TOKEN=xxxx`
- - secure: "jKSz+Y1Mv8xMpQHh7g5lzW7E6HQGndFz/vKDJQ1CVShwFoyjV3Zu+MFS3UYKlh1236zL0Z4dvsYFx/b3Hq8nxZWCrWeZs2NdXgy/wh8LZhxwzcGYigp3sIA/cYdP5rDjFJO0MasNkl25/rml8+eZWz+8/xQic98UQHjSco/EOWtssoRcg0J0c4eDM7bGLfIQWE73NNY1Q1UtWjKmx1kekVrM8dPmHXJ9aERka7bmcbJAcKd6vabs6DQ5AfWccUPIn/EsRYqIJTRxJrFYU6XizANZ1a7Vwk/DWHZUEn2msxcZw5BbAMDTMx0TbfrNkKSHMHuvQUCu6KCBAq414i+LgkMfmQ2SWwKiIUsud1kxXX3ZPl9bxDv1HkvVdcniC/EM7lNEEVwm4meOnjuhI2lhOyOjmP3FTSlMHGP7xlK8DS2k9fqL58vn0BaSjwWgd+2+HuL2+nJmxcK1eLGzKqaostFxrk2Xs2vPZkUdV2nWY/asUrcWHml6YlWDn2eP83pfwxHYsMiEHY/rTKvxeVY+iirO/AphoO+eaYu7LvjKZU1Yx5Z4u/SnGWAiCH0yhMis0bWmgi7SCbw+sDd2uya+aoiLIGiB2ChW7hXHXCue/dif6/gLU7b+L8R00pQwnWdvKUPoIJCmZJYCluTeib4jpW+EmARB2+nR8wms2K9FGKM="
- before_install:
- - sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce
- - docker --version
- install:
- # Install Coverity on the host
- - $CI_TOOLS/get-coverity.sh
- # Export necessary env variables for Coverity
- - env | grep -E "TRAVIS|COV|TOOL|URL" > .cov-env
- # Pull a Docker image and start a new container
- - $CI_MANAGERS/fedora.sh SETUP
- script:
- - set -e
- # Preconfigure with meson to prevent Coverity from capturing meson metadata
- - $DOCKER_EXEC meson cov-build -Dman=false
- # Run Coverity
- - $DOCKER_EXEC tools/coverity.sh build
- - $DOCKER_EXEC tools/coverity.sh upload
-
- - set +e
- after_script:
- - $CI_MANAGERS/fedora.sh CLEANUP
[ -z "$COVERITY_SCAN_BUILD_COMMAND" ] && echo "ERROR: COVERITY_SCAN_BUILD_COMMAND must be set" && exit 1
[ -z "$COVERITY_SCAN_TOKEN" ] && echo "ERROR: COVERITY_SCAN_TOKEN must be set" && exit 1
-# Do not run on pull requests
-if [ "${TRAVIS_PULL_REQUEST}" = "true" ]; then
- echo -e "\033[33;1mINFO: Skipping Coverity Analysis: branch is a pull request.\033[0m"
- exit 0
-fi
-
# Verify this branch should run
-if [[ "${TRAVIS_BRANCH^^}" =~ "${COVERITY_SCAN_BRANCH_PATTERN^^}" ]]; then
- echo -e "\033[33;1mCoverity Scan configured to run on branch ${TRAVIS_BRANCH}\033[0m"
+if [[ "${CURRENT_REF^^}" =~ "${COVERITY_SCAN_BRANCH_PATTERN^^}" ]]; then
+ echo -e "\033[33;1mCoverity Scan configured to run on branch ${CURRENT_REF}\033[0m"
else
- echo -e "\033[33;1mCoverity Scan NOT configured to run on branch ${TRAVIS_BRANCH}\033[0m"
+ echo -e "\033[33;1mCoverity Scan NOT configured to run on branch ${CURRENT_REF}\033[0m"
exit 1
fi
projects / thirdparty / systemd.git / commitdiff
