From 91470a0b990e7a2efaeb4a20867528073cc868c3 Mon Sep 17 00:00:00 2001 From: bennylp Date: Tue, 28 Mar 2023 11:52:47 +0700 Subject: [PATCH] Add GH actions for coverity scan --- .github/workflows/coverity-scan-daily.yml | 20 ++++++++++++++++++++ .github/workflows/coverity-scan-manual.yml | 18 ++++++++++++++++++ .gitignore | 1 + tests/coverity-scan/run.sh | 17 +++++++++++------ 4 files changed, 50 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/coverity-scan-daily.yml create mode 100644 .github/workflows/coverity-scan-manual.yml diff --git a/.github/workflows/coverity-scan-daily.yml b/.github/workflows/coverity-scan-daily.yml new file mode 100644 index 000000000..20a1718b5 --- /dev/null +++ b/.github/workflows/coverity-scan-daily.yml @@ -0,0 +1,20 @@ +# Note: this only runs on master + +name: coverity-scan-daily + +on: + schedule: + - cron: '0 12 * * *' # Daily at 12:00 UTC + +jobs: + ubuntu-default-full-bundle: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + with: + ref: master + - name: Run all + run: | + tests/coverity-scan/run.sh + env: + COV_TOKEN: ${{ secrets.PJSIP_COVERITY_SCAN_TOKEN }} diff --git a/.github/workflows/coverity-scan-manual.yml b/.github/workflows/coverity-scan-manual.yml new file mode 100644 index 000000000..f94047694 --- /dev/null +++ b/.github/workflows/coverity-scan-manual.yml @@ -0,0 +1,18 @@ +# This allows running coverity scan at any time and on any branch. Invoke this +# action manually from https://github.com/pjsip/pjproject/actions + +name: coverity-scan-manual + +on: + workflow_dispatch + +jobs: + ubuntu-default-full-bundle: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Run all + run: | + tests/coverity-scan/run.sh + env: + COV_TOKEN: ${{ secrets.PJSIP_COVERITY_SCAN_TOKEN }} diff --git a/.gitignore b/.gitignore index fd8d7d56f..3a68aeed4 100644 --- a/.gitignore +++ b/.gitignore @@ -85,3 +85,4 @@ tests/fuzz/*.o # Coverity scan stuff cov-int/ getversion.mak +configure.out diff --git a/tests/coverity-scan/run.sh b/tests/coverity-scan/run.sh index cba0773c9..08beccee7 100755 --- a/tests/coverity-scan/run.sh +++ b/tests/coverity-scan/run.sh @@ -41,6 +41,7 @@ include version.mak all: @echo \$(PJ_VERSION) EOF +export MQUIET='--quiet' export PJ_VERSION=`make -f getversion.mak` export GIT_BRANCH=`git branch --show-current` echo PJSIP version $PJ_VERSION on $GIT_BRANCH @@ -78,7 +79,7 @@ if ! [ -f silk-src-1.0.9.zip ] ; then fi unzip -o -qq silk-src-1.0.9.zip cd silk-1.0.9/sources/SILK_SDK_SRC_FLP_v1.0.9 -make -s +make $MQUIET export SILK_DIR=`pwd` popd @@ -86,7 +87,7 @@ echo echo =============================== echo Configure echo =============================== -make distclean +make $MQUIET distclean ./configure --with-silk=$SILK_DIR | tee configure.out echo configure output is in configure.out @@ -127,9 +128,10 @@ echo echo =============================== echo Build PJPROJECT echo =============================== -make dep clean +echo make dep clean.. +make $MQUIET dep clean rm -rf cov-int -cov-build --dir cov-int make +cov-build --dir cov-int make $MQUIET echo @@ -141,12 +143,15 @@ rm -f tmp/cov-int.bz2 tar caf tmp/cov-int.bz2 cov-int if [ "$TESTING" == "1" ] ; then + echo Testing mode, showing curl command: CURL="echo curl" + SAFE_COV_TOKEN='****' else CURL="curl" + SAFE_COV_TOKEN=$COV_TOKEN fi -$CURL --form token=${COV_TOKEN} --form email=bennylp@pjsip.org --form file=@tmp/cov-int.bz2 \ +$CURL --form token=${SAFE_COV_TOKEN} --form email=bennylp@pjsip.org --form file=@tmp/cov-int.bz2 \ --form version=\"$PJ_VERSION@$GIT_BRANCH\" --form description=- \ https://scan.coverity.com/builds?project=PJSIP @@ -154,5 +159,5 @@ exit 0 echo swig bindings -cd pjsip-apps/src/swig && make +cd pjsip-apps/src/swig && make $MQUIET