Files
systemd/.github/workflows/coverity.yml
Evgeny Vereshchagin 10139b4e3c ci: validate actions and fix actionlint warnings
some actions like Coverity and CFLite aren't run on every PR so to make
sure they are more or less fine when they are changed it makes sense to
at least check them with superlinter/actionlint: https://github.com/rhysd/actionlint

The following warnings were fixed along the way:
```
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2086:info:6:14: Double quote to prevent globbing and word splitting [shellcheck]
   |
55 |       run: |
   |       ^~~~
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2046:warning:6:40: Quote this to prevent word splitting [shellcheck]
   |
55 |       run: |
   |       ^~~~
.github/workflows/mkosi.yml:55:7: shellcheck reported issue in this script: SC2006:style:6:40: Use $(...) notation instead of legacy backticked `...` [shellcheck]
   |
55 |       run: |
   |       ^~~~
```
```
.github/workflows/coverity.yml:31:9: shellcheck reported issue in this script: SC2086:info:1:93: Double quote to prevent globbing and word splitting [shellcheck]
   |
31 |         run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> $GITHUB_ENV
   |         ^~~~
```
2022-02-09 17:32:41 +09:00

44 lines
1.6 KiB
YAML

---
# vi: ts=2 sw=2 et:
# SPDX-License-Identifier: LGPL-2.1-or-later
#
name: Coverity
on:
schedule:
# Run Coverity daily at midnight
- cron: '0 0 * * *'
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-20.04
if: github.repository == 'systemd/systemd'
env:
COVERITY_SCAN_BRANCH_PATTERN: "${{ github.ref}}"
COVERITY_SCAN_NOTIFICATION_EMAIL: ""
COVERITY_SCAN_PROJECT_NAME: "${{ github.repository }}"
# Set in repo settings -> secrets -> repository secrets
COVERITY_SCAN_TOKEN: "${{ secrets.COVERITY_SCAN_TOKEN }}"
CURRENT_REF: "${{ github.ref }}"
steps:
- name: Repository checkout
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
# https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-commands-for-github-actions#setting-an-environment-variable
- name: Set the $COVERITY_SCAN_NOTIFICATION_EMAIL env variable
run: echo "COVERITY_SCAN_NOTIFICATION_EMAIL=$(git log -1 ${{ github.sha }} --pretty=\"%aE\")" >> "$GITHUB_ENV"
- name: Install Coverity tools
run: tools/get-coverity.sh
# Reuse the setup phase of the unit test script to avoid code duplication
- name: Install build dependencies
run: sudo -E .github/workflows/unit_tests.sh SETUP
# Preconfigure with meson to prevent Coverity from capturing meson metadata
- name: Preconfigure the build directory
run: meson cov-build -Dman=false
- name: Build
run: tools/coverity.sh build
- name: Upload the results
run: tools/coverity.sh upload