[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH 1/2] github: add workflow to run Coverity scans
On 18/02/2022 12:00, Roger Pau Monne wrote: > Add a workflow that performs a build like it's done by osstest > Coverity flight and uploads the result to Coverity for analysis. The > build process is exactly the same as the one currently used in > osstest, and it's also run at the same time (bi-weekly). > > This has one big benefit over using osstest: we no longer have to care > about keeping the Coverity tools up to date in osstest. > > Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> > --- > .github/workflows/coverity.yml | 35 ++++++++++++++++++++++++++++++++++ > 1 file changed, 35 insertions(+) > create mode 100644 .github/workflows/coverity.yml > > diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml > new file mode 100644 > index 0000000000..12fc9c782b > --- /dev/null > +++ b/.github/workflows/coverity.yml > @@ -0,0 +1,35 @@ > +name: Coverity Scan > + > +# We only want to test official release code, not every pull request. > +on: > + schedule: > + - cron: '18 9 * * WED,SUN' # Bi-weekly at 9:18 UTC > + > +jobs: > + coverity: > + runs-on: ubuntu-latest > + steps: > + - name: Install build dependencies > + run: | > + sudo apt-get install -y wget git bcc bin86 gawk bridge-utils \ > + iproute2 libcurl4-openssl-dev bzip2 libpci-dev build-essential \ > + make gcc libc6-dev libc6-dev-i386 linux-libc-dev zlib1g-dev \ > + libncurses5-dev patch libvncserver-dev libssl-dev libsdl-dev iasl \ > + libbz2-dev e2fslibs-dev git-core uuid-dev ocaml libx11-dev \ > + ocaml-findlib xz-utils gettext libyajl-dev libpixman-1-dev \ > + libaio-dev libfdt-dev cabextract libglib2.0-dev autoconf automake \ > + libtool libfuse-dev liblzma-dev ninja-build \ > + kpartx python3-dev python3-pip golang python-dev libsystemd-dev We dropped gettext as a dependency a few releases ago, and we don't need python3-pip either. Can fix on commit. > + - uses: actions/checkout@v2 I think we want - uses: actions/checkout@v2 with: ref: staging Can also fix on commit. Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> (mainly because I can see that Coverity has done the right thing with this.) > + - name: Configure Xen > + run: | > + ./configure > + - name: Pre build stuff > + run: | > + make -C tools/firmware/etherboot all && make mini-os-dir > + - uses: vapier/coverity-scan-action@v1 > + with: > + command: make xen tools && make -C extras/mini-os/ > + project: XenProject > + email: ${{ secrets.COVERITY_SCAN_EMAIL }} > + token: ${{ secrets.COVERITY_SCAN_TOKEN }}
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |