-
Notifications
You must be signed in to change notification settings - Fork 510
41 lines (35 loc) · 1.05 KB
/
scan_coverity.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Scan the C/C++ code for vulnerabilities using Coverity.
name: Coverity
on:
workflow_call:
secrets:
COVERITY_SCAN_NOTIFICATION_EMAIL:
required: true
COVERITY_SCAN_TOKEN:
required: true
env:
GITHUB_REPO: pmem/pmdk
DOCKER_REPO: ghcr.io/pmem/pmdk
COVERITY_SCAN_NOTIFICATION_EMAIL: ${{ secrets.COVERITY_SCAN_NOTIFICATION_EMAIL }}
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
HOST_WORKDIR: /home/runner/work/pmdk/pmdk
WORKDIR: utils/docker
PMDK_CC: gcc
PMDK_CXX: g++
VALGRIND: 1
COVERITY: 1
permissions: {}
jobs:
linux:
name: Linux
runs-on: ubuntu-latest
strategy:
matrix:
CONFIG: ["OS=ubuntu OS_VER=22.04"]
steps:
- name: Clone the git repo
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Pull or rebuild the image
run: cd $WORKDIR && ${{ matrix.CONFIG }} ./pull-or-rebuild-image.sh
- name: Run the build
run: cd $WORKDIR && ${{ matrix.CONFIG }} ./build-CI.sh