| |
| # |
| # scan results: https://scan.coverity.com/projects/haproxy |
| # |
| |
| name: Coverity |
| |
| on: |
| schedule: |
| - cron: "0 0 * * *" |
| |
| permissions: |
| contents: read |
| |
| jobs: |
| scan: |
| runs-on: ubuntu-latest |
| if: ${{ github.repository_owner == 'haproxy' }} |
| env: |
| COVERITY_SCAN_PROJECT_NAME: 'Haproxy' |
| COVERITY_SCAN_BRANCH_PATTERN: '*' |
| COVERITY_SCAN_NOTIFICATION_EMAIL: 'chipitsine@gmail.com' |
| COVERITY_SCAN_BUILD_COMMAND: "make CC=clang TARGET=linux-glibc USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_LUA=1 USE_OPENSSL=1 USE_QUIC=1 USE_SYSTEMD=1 USE_WURFL=1 WURFL_INC=addons/wurfl/dummy WURFL_LIB=addons/wurfl/dummy USE_DEVICEATLAS=1 DEVICEATLAS_SRC=addons/deviceatlas/dummy USE_51DEGREES=1 51DEGREES_SRC=addons/51degrees/dummy/pattern ADDLIB=\"-Wl,-rpath,$HOME/opt/lib/\" SSL_LIB=${HOME}/opt/lib SSL_INC=${HOME}/opt/include" |
| steps: |
| - uses: actions/checkout@v2 |
| - name: Install apt dependencies |
| run: | |
| sudo apt-get update |
| sudo apt-get install -y \ |
| liblua5.3-dev \ |
| libsystemd-dev |
| - name: Install QUICTLS |
| run: | |
| QUICTLS=yes scripts/build-ssl.sh |
| - name: Hijack Makefile |
| run: | |
| # We cannot pass the DEBUG variable in `COVERITY_SCAN_BUILD_COMMAND`, |
| # because Coverity splits parameters at whitespaces, without taking |
| # quoting into account. |
| sed -i 's/^DEBUG =$/DEBUG = -DDEBUG_STRICT=1 -DDEBUG_USE_ABORT=1/' Makefile |
| - name: Build WURFL |
| run: make -C addons/wurfl/dummy |
| - name: Run Coverity Scan |
| env: |
| COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} |
| run: | |
| curl -fsSL "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || true |