Run Coverity Scan #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Adapted from the file with the same name in the LAMMPS repository | |
| name: "Run Coverity Scan" | |
| on: | |
| schedule: | |
| - cron: "11 1 * * Sun" | |
| workflow_dispatch: | |
| jobs: | |
| analyze: | |
| name: Analyze | |
| if: ${{ github.repository == 'Colvars/colvars' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Colvars | |
| uses: actions/checkout@v5 | |
| - name: Install build dependencies for library | |
| run: | | |
| sudo apt -y install tcl8.6-dev | |
| - name: Create build and download folder | |
| run: mkdir -p build download | |
| - name: Cache Coverity | |
| id: cache-coverity | |
| uses: actions/cache@v4 | |
| with: | |
| path: ./download/ | |
| key: Coverity-download-${{ hashFiles('**/coverity_tool.*') }} | |
| - name: Download Coverity if cache misses | |
| if: steps.cache-coverity.outputs.cache-hit != 'true' | |
| working-directory: download | |
| run: | | |
| wget -nv https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=Colvars/colvars" -O coverity_tool.tgz | |
| wget -nv https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=Colvars/colvars&md5=1" -O coverity_tool.md5 | |
| echo " coverity_tool.tgz" >> coverity_tool.md5 | |
| md5sum -c coverity_tool.md5 | |
| - name: Unpack Coverity | |
| run: | | |
| tar xzf download/coverity_tool.tgz | |
| ln -s cov-analysis-linux64-* coverity | |
| - name: Configure Colvars build with CMake | |
| working-directory: build | |
| run: cmake -S ../cmake -DCOLVARS_TCL=ON | |
| - name: Run Coverity Scan | |
| shell: bash | |
| working-directory: build | |
| run: | | |
| export PATH=$GITHUB_WORKSPACE/coverity/bin:$PATH | |
| cov-build --dir cov-int cmake --build . --parallel 2 | |
| - name: Create tarball with scan results | |
| shell: bash | |
| working-directory: build | |
| run: tar czf colvars-coverity.tgz cov-int | |
| - name: Upload scan result to Coverity | |
| shell: bash | |
| run: | | |
| curl \ | |
| --form token=${{ secrets.COVERITY_TOKEN }} \ | |
| --form email=${{ secrets.COVERITY_EMAIL }} \ | |
| --form file=@build/colvars-coverity.tgz \ | |
| --form version=${{ github.sha }} \ | |
| --form description="Colvars test build" \ | |
| https://scan.coverity.com/builds?project=Colvars/colvars |