Coverity Scan #149

Workflow file for this run

.github/workflows/coverity.yml at a46d76a

	name: Coverity Scan
	# Based on https://github.com/arcaneframework/alien/blob/main/.github/workflows/coverity.yml

	on:
	schedule:
	- cron: '12 0 * * *' # Tous les jours à 00:12.
	# A executer lorsque l'on demande.
	workflow_dispatch:


	jobs:
	build:
	# The CMake configure and build commands are platform agnostic and should work equally
	# well on Windows or Mac. You can convert this to a matrix build if you need
	# cross-platform coverage.
	# See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
	name: ubuntu coverity
	runs-on: ubuntu-latest
	container:
	image: ghcr.io/arcaneframework/ubuntu-2404:gcc-14_full_20240717
	steps:
	- name: Display CPU Infos
	shell: bash
	run: \|
	cat /proc/cpuinfo

	- name: Set C++ compiler and default MPI
	shell: bash
	run: \|
	source /root/scripts/use_openmpi.sh
	source /root/scripts/use_gcc-14.sh

	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: true

	- name: Configure CMake
	shell: 'bash'
	# Configure CMake in a 'build' subdirectory. `C MAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.
	# See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type
	run: \|
	cmake \
	-B build \
	-DCMAKE_BUILD_TYPE=Release \
	-DCMAKE_C_COMPILER=gcc \
	-DCMAKE_CXX_COMPILER=g++ \
	-DARCCORE_CXX_STANDARD=20 \
	-DARCANE_DEFAULT_PARTITIONER=Metis \
	-DARCANE_DISABLE_PERFCOUNTER_TESTS=ON \
	-DCMAKE_DISABLE_FIND_PACKAGE_SWIG=ON

	# Setting up ccache from github cached files
	- name: Prepare coverity
	id: coverity-hash
	# Disabled for `act`
	if: ${{ !env.ACT }}
	env:
	COV_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
	run: \|
	mkdir coverity-tool
	curl https://scan.coverity.com/download/linux64 -o coverity-tool/md5-new \
	-s --data "token=$COV_TOKEN&project=arcaneframework%2Fframework&md5=1"
	echo "m_md5=$(cat coverity-tool/md5-new)" >> $GITHUB_ENV

	- name: Restore cached files
	uses: actions/cache@v4
	# Disabled for `act`
	if: ${{ !env.ACT }}
	with:
	path: coverity-tool
	key: coverity-linux-${{ env.m_md5 }}

	- name: Set up coverity
	shell: bash
	env:
	COV_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
	run: \|
	if cmp -s coverity-tool/md5-new coverity-tool/md5 ; then
	echo "running from cache"
	else
	curl --silent https://scan.coverity.com/download/linux64 \
	--data "token=${COV_TOKEN}&project=arcaneframework%2Fframework" \
	\| tar xz -C coverity-tool --strip-components=1
	fi
	cp coverity-tool/md5-new coverity-tool/md5

	- name: Build with coverity
	shell: bash
	# Build, using cov-build and cov-int directory as output (mandatory)
	run: \|
	export PATH="${PWD}/coverity-tool/bin:${PATH}"
	cov-build --dir cov-int make -C build -j $(nproc)

	- name: Upload log artifact
	uses: actions/upload-artifact@v4
	with:
	name: coverity-artifact
	path: cov-int/build-log.txt
	retention-days: 3

	- name: Submit results to Coverity Scan
	shell: bash
	env:
	COV_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
	COV_EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}
	run: \|
	tar -czvf cov-int.tgz cov-int
	curl \
	--form project="${{ inputs.project }}" \
	--form token="$COV_TOKEN" \
	--form email="$COV_EMAIL" \
	--form [email protected] \
	--form version="${{ github.sha }}" \
	--form description="${{ github.repository }} / ${{ github.ref }}" \
	"https://scan.coverity.com/builds?project=arcaneframework%2Fframework"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Coverity Scan #149

Workflow file

Coverity Scan #149

Jobs

Run details

Workflow file for this run