Build and run coverity inside RUNNER_TEMP (#134) #73
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Coverity Scan | |
| on: push | |
| jobs: | |
| verify: | |
| name: Verify Code | |
| runs-on: ubuntu-latest | |
| env: | |
| COVERITY: coverity_tool | |
| services: | |
| mariadb: | |
| image: mariadb:10.5 | |
| env: | |
| MYSQL_DB: pth_06 | |
| MARIADB_ALLOW_EMPTY_ROOT_PASSWORD: true | |
| ports: | |
| - 3306:3306 | |
| options: --health-cmd="mysqladmin ping" --health-interval=5s --health-timeout=2s --health-retries=3 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Initialize MariaDB | |
| env: | |
| MARIADB_PORT: ${{ job.services.mariadb.ports[3306] }} | |
| run: | | |
| echo "Creating databases" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "CREATE DATABASE streamdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "CREATE DATABASE journaldb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "CREATE DATABASE bloomdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" | |
| echo "Creating users" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "grant all privileges on streamdb.* to streamdb@'%' identified by 'streamdb_pass';" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "grant all privileges on journaldb.* to streamdb@'%' identified by 'streamdb_pass';" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "grant all privileges on bloomdb.* to streamdb@'%' identified by 'streamdb_pass';" | |
| echo "Importing journaldb" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} -D journaldb < database/journaldb.sql | |
| echo "Importing streamdb" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} -D streamdb < database/streamdb.sql | |
| echo "Importing bloomdb" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} -D bloomdb < database/bloomdb.sql | |
| echo "Flushing privileges" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "flush privileges;" | |
| - name: Set up JDK 8 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| server-id: github | |
| settings-path: ${{ github.workspace }} | |
| - name: Get version | |
| run: echo "RELEASE_VERSION=$(git describe --tags)" >> $GITHUB_ENV | |
| - name: Generate sources | |
| run: mvn -B -Drevision=${{ env.RELEASE_VERSION }} -Dsha1= -Dchangelist= generate-sources | |
| env: | |
| MARIADB_PORT: ${{ job.services.mariadb.ports[3306] }} | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: Inject licenses to generated files | |
| run: bash add_headers_to_generated.sh | |
| - name: Test run | |
| run: mvn -Pbuild-nogenerate -B -Drevision=${{ env.RELEASE_VERSION }} -Dsha1= -Dchangelist= verify | |
| env: | |
| MARIADB_PORT: ${{ job.services.mariadb.ports[3306] }} | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: Download Coverity | |
| run: | | |
| wget --quiet https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=pth_06" -O ${{ env.RUNNER_TEMP }}/${{ env.COVERITY }}.tgz | |
| mkdir -p ${{ env.RUNNER_TEMP }}/${{ env.COVERITY }} | |
| tar zxvf ${{ env.RUNNER_TEMP }}/${{ env.COVERITY }}.tgz -C ${{ env.RUNNER_TEMP }}/${{ env.COVERITY }} --strip-components 1 | |
| - name: Compile Coverity | |
| run: | | |
| ${{ env.RUNNER_TEMP }}/${{ env.COVERITY }}/bin/cov-configure --java | |
| ${{ env.RUNNER_TEMP }}/${{ env.COVERITY }}/bin/cov-build --dir ${{ env.RUNNER_TEMP }}/cov-int mvn -Pbuild-nogenerate -B -Drevision=${{ env.RELEASE_VERSION }} -Dsha1= -Dchangelist= -DskipTests=true clean compile | |
| tar czvf ${{ env.RUNNER_TEMP }}/pth_06.tgz ${{ env.RUNNER_TEMP }}/cov-int | |
| - name: Debug find src contents | |
| run: find src/ -exec ls -l {} \; | |
| - name: Print all directory sizes | |
| run: du -sh * | |
| - name: Debug print contents | |
| run: tar tvzf pth_06.tgz | |
| - name: Debug print size | |
| run: du -sh pth_06.tgz | |
| - name: Debug find cov-int | |
| run: find cov-int | |
| - name: Debug search ${{ env.RUNNER_TEMP }} | |
| run: find ${{ env.RUNNER_TEMP }} -exec ls -l {} \; | |
| - name: Debug size ${{ env.RUNNER_TEMP }} | |
| run: du -sh ${{ env.RUNNER_TEMP }}/* | |
| - name: Upload to Coverity | |
| run: | | |
| curl --silent --form token=${{ secrets.COVERITY_TOKEN }} \ | |
| --form email=${{ secrets.COVERITY_EMAIL }} \ | |
| --form file=@${{ env.RUNNER_TEMP }}/pth_06.tgz \ | |
| --form version="${GITHUB_REF##*/}" \ | |
| --form description="automated upload" \ | |
| https://scan.coverity.com/builds?project=pth_06 |