Move the coverity to singleline, add cat debug for response (#146) #82
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Coverity Scan | |
| on: push | |
| jobs: | |
| verify: | |
| name: Verify Code | |
| runs-on: ubuntu-latest | |
| if: ${{ startsWith(github.repository, 'teragrep/') }} | |
| env: | |
| COVERITY: coverity_tool | |
| services: | |
| mariadb: | |
| image: mariadb:10.5 | |
| env: | |
| MYSQL_DB: pth_06 | |
| MARIADB_ALLOW_EMPTY_ROOT_PASSWORD: true | |
| ports: | |
| - 3306:3306 | |
| options: --health-cmd="mysqladmin ping" --health-interval=5s --health-timeout=2s --health-retries=3 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| fetch-tags: true | |
| - name: Install jq | |
| run: sudo apt-get update && sudo apt-get install jq | |
| - name: Fetch cloud upload url | |
| run: curl -X POST -d version="${{ env.RELEASE_VERSION }}" -d description="automated upload" -d email=${{ secrets.COVERITY_EMAIL }} -d token=${{ secrets.COVERITY_TOKEN }} -d file_name="${{ vars.COVERITY_PROJECT_URL_NAME }}.tgz" https://scan.coverity.com/projects/${{ vars.COVERITY_PROJECT_URL_ID }}/builds/init -o response | |
| - name: Show the response | |
| run: cat response | |
| - name: jq the json | |
| run: jq '.' response | |
| - name: Initialize MariaDB | |
| env: | |
| MARIADB_PORT: ${{ job.services.mariadb.ports[3306] }} | |
| run: | | |
| echo "Creating databases" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "CREATE DATABASE streamdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "CREATE DATABASE journaldb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "CREATE DATABASE bloomdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;" | |
| echo "Creating users" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "grant all privileges on streamdb.* to streamdb@'%' identified by 'streamdb_pass';" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "grant all privileges on journaldb.* to streamdb@'%' identified by 'streamdb_pass';" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "grant all privileges on bloomdb.* to streamdb@'%' identified by 'streamdb_pass';" | |
| echo "Importing journaldb" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} -D journaldb < database/journaldb.sql | |
| echo "Importing streamdb" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} -D streamdb < database/streamdb.sql | |
| echo "Importing bloomdb" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} -D bloomdb < database/bloomdb.sql | |
| echo "Flushing privileges" | |
| mysql -u root -h127.0.0.1 -P${MARIADB_PORT} <<< "flush privileges;" | |
| - name: Set up JDK 8 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| server-id: github | |
| settings-path: ${{ github.workspace }} | |
| - name: Get version | |
| run: echo "RELEASE_VERSION=$(git describe --tags)" >> $GITHUB_ENV | |
| - name: Generate sources | |
| run: mvn -B -Drevision=${{ env.RELEASE_VERSION }} -Dsha1= -Dchangelist= generate-sources | |
| env: | |
| MARIADB_PORT: ${{ job.services.mariadb.ports[3306] }} | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: Inject licenses to generated files | |
| run: bash add_headers_to_generated.sh | |
| - name: Test run | |
| run: mvn -DskipTests -Pbuild-nogenerate -B -Drevision=${{ env.RELEASE_VERSION }} -Dsha1= -Dchangelist= verify | |
| env: | |
| MARIADB_PORT: ${{ job.services.mariadb.ports[3306] }} | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: Download Coverity | |
| run: | | |
| wget --quiet https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=${{ vars.COVERITY_PROJECT_URL_NAME }}" -O ${{ env.COVERITY }}.tgz | |
| mkdir -p ${{ env.COVERITY }} | |
| tar zxvf ${{ env.COVERITY }}.tgz -C ${{ env.COVERITY }} --strip-components 1 | |
| - name: Compile Coverity | |
| run: | | |
| ${{ env.COVERITY }}/bin/cov-build --dir cov-int mvn -DskipTests -Pbuild-nogenerate -B -Drevision=${{ env.RELEASE_VERSION }} -Dsha1= -Dchangelist= clean compile | |
| tar czvf ${{ vars.COVERITY_PROJECT_URL_NAME }}.tgz cov-int | |
| - name: Prepare response url | |
| run: echo "RESPONSE_URL=$(jq -r '.url' response)" >> $GITHUB_ENV | |
| - name: Upload to Coverity | |
| run: | | |
| curl -X PUT \ | |
| --header 'Content-Type: application/json' \ | |
| --upload-file ${{ vars.COVERITY_PROJECT_URL_NAME }}.tgz \ | |
| "${{ env.RESPONSE_URL }}" | |
| - name: Prepare build id | |
| run: echo "BUILD_ID=$(jq -r '.build_id' response)" >> $GITHUB_ENV | |
| - name: Trigger Coverity build | |
| run: | | |
| curl -X PUT \ | |
| -d token${{ secrets.COVERITY_TOKEN }} \ | |
| "https://scan.coverity.com/projects/${{ vars.COVERITY_PROJECT_URL_ID }}/builds/${{ env.BUILD_ID }}/enqueue" |