-
Notifications
You must be signed in to change notification settings - Fork 49
185 lines (158 loc) · 6.33 KB
/
coverity.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
name: Coverity
# Controls when the workflow will run
on:
# Trigger the workflow based on cron.
schedule:
- cron: '0 0 * * 6'
workflow_dispatch:
# Workflow with 1 stage: Build.
# Each of the sub-stages in the build job run in parallel.
jobs:
build:
# Use the latest ubuntu image: https://github.com/actions/runner-images
runs-on: ubuntu-latest
name: LArContent - Coverity
# Only run in the PandoraPFA repos.
if: github.repository_owner == 'PandoraPFA'
# Defines the build matrix, so what combinatorics of compiler etc. to test.
strategy:
fail-fast: false # Don't quit other jobs if one job fails.
matrix:
compiler: [ {cpp: g++-9, c: gcc-9} ]
monitoring: [ "ON" ]
torch: [ "ON" ]
# Set the compiler env vars to ensure the correct compiler is used.
env:
CC: ${{ matrix.compiler.c }}
CXX: ${{ matrix.compiler.cpp }}
steps:
# Install ROOT dependencies to start with
- name: apt Install Dependencies
run: sudo apt install -y xlibmesa-glu-dev
# Make a central location to build from.
- name: Create build folder
run: sudo mkdir -m 0777 -p /pandora
# Cache the build tool, to speed up subsequent runs.
- name: Cache Coverity Build Tool
id: cov-build-cache
uses: actions/cache@v3
with:
path: /pandora/coverity/
key: cov-build-2022.6
# Get Coverity build tool
- name: Get Coverity Build Tool
if: steps.cov-build-cache.outputs.cache-hit != 'true'
run: |
mkdir -p /pandora/coverity/ && cd /pandora/coverity/
curl https://scan.coverity.com/download/cxx/linux64/ \
--no-progress-meter \
--output cov-analysis.tar.gz \
--data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=${{ secrets.COVERITY_REPO }}"
mkdir cov-analysis
tar -zxf cov-analysis.tar.gz --strip 1 -C cov-analysis
pwd
ls
ls *
rm cov-analysis.tar.gz
export PATH="${PWD}/cov-analysis/bin:${PATH}"
cov-configure -co $(which ${CXX}) -- -std=c++17 -fPIC
# Pull and Install Eigen
- name: Pull Eigen
run: wget https://gitlab.com/libeigen/eigen/-/archive/3.3.5/eigen-3.3.5.tar.gz
- name: Unpack Eigen
run: tar -xf eigen-3.3.5.tar.gz && rm eigen-3.3.5.tar.gz && mv eigen-3.3.5 Eigen3
- name: Build Eigen
run: |
cd Eigen3 && mkdir build && cd build
cmake -DCMAKE_INSTALL_PREFIX=/pandora/Eigen3 ..
make -j$(nproc) install
# Sort ROOT install out.
# TODO: Does the version need to change with compiler?
- name: Pull ROOT
if: matrix.monitoring == 'ON'
run: wget https://root.cern/download/root_v6.26.14.Linux-ubuntu22-x86_64-gcc11.4.tar.gz
- name: Unpack ROOT
if: matrix.monitoring == 'ON'
run: tar -xzvf root_v6.26.14.Linux-ubuntu22-x86_64-gcc11.4.tar.gz && mv root/ /pandora/root
# Sort LibTorch install out.
- name: Pull Torch
if: matrix.torch == 'ON'
run: wget https://download.pytorch.org/libtorch/cpu/libtorch-cxx11-abi-shared-with-deps-1.13.0%2Bcpu.zip
- name: Unpack Torch
if: matrix.torch == 'ON'
run: unzip libtorch-cxx11-abi-shared-with-deps-1.13.0+cpu.zip && mv libtorch/ /pandora/libtorch
# Pull the various dependencies and LArContent.
- name: Pull PandoraPFA
uses: actions/checkout@v3
with:
repository: 'PandoraPFA/PandoraPFA'
path: PandoraPFA
- name: Pull PandoraSDK
uses: actions/checkout@v3
with:
repository: 'PandoraPFA/PandoraSDK'
path: PandoraSDK
- name: Pull PandoraMonitoring
if: matrix.monitoring == 'ON'
uses: actions/checkout@v3
with:
repository: 'PandoraPFA/PandoraMonitoring'
path: PandoraMonitoring
- name: Pull LArContent
uses: actions/checkout@v3
with:
repository: 'PandoraPFA/LArContent'
path: LArContent
- name: Pull LArReco
uses: actions/checkout@v3
with:
repository: 'PandoraPFA/LArReco'
path: LArReco
# Lets move all the repos to a central /pandora/ path, for easier pathing.
- name: Update Repo Locations
run: |
mv Pandora* /pandora/
mv LAr* /pandora/
# Build the SDK then monitoring (if required).
- name: Build PandoraSDK
run: |
mkdir -p /pandora/PandoraSDK/build && cd /pandora/PandoraSDK/build
cmake -DCMAKE_MODULE_PATH=/pandora/PandoraPFA/cmakemodules /pandora/PandoraSDK/
make -j$(nproc) install
- name: Build PandoraMonitoring
if: matrix.monitoring == 'ON'
run: |
mkdir -p /pandora/PandoraMonitoring/build && cd /pandora/PandoraMonitoring/build
cmake \
-DCMAKE_MODULE_PATH=/pandora/PandoraPFA/cmakemodules \
-DROOT_DIR=/pandora/root/cmake \
-DPandoraSDK_DIR=/pandora/PandoraSDK \
/pandora/PandoraMonitoring/
make -j$(nproc) install
# Now build LArContent.
- name: Build LArContent
run: |
mkdir -p /pandora/LArContent/build && cd /pandora/LArContent/build
cmake \
-DCMAKE_MODULE_PATH=/pandora/PandoraPFA/cmakemodules \
-DPandoraSDK_DIR=/pandora/PandoraSDK \
-DEigen3_DIR=/pandora/Eigen3/share/eigen3/cmake \
-DROOT_DIR=/pandora/root/cmake \
-DPANDORA_MONITORING=${{ matrix.monitoring }} \
-DPandoraMonitoring_DIR=/pandora/PandoraMonitoring \
-DPANDORA_LIBTORCH=${{ matrix.torch }} \
-DCMAKE_PREFIX_PATH=/pandora/libtorch/ \
/pandora/LArContent/
export PATH="/pandora/coverity/cov-analysis/bin:${PATH}"
cov-build --dir cov-int make -j$(nproc)
tar -czvf coverity_build.tar.gz cov-int
- name: Upload to Coverity
run: |
cd /pandora/LArContent/build
curl \
--form token="${{ secrets.COVERITY_SCAN_TOKEN }}" \
--form email="${{ secrets.COVERITY_EMAIL }}" \
--form file=@coverity_build.tar.gz \
--form version="${{ github.sha }}" \
--form description="$(date)" \
"https://scan.coverity.com/builds?project=${{ secrets.COVERITY_REPO }}"