Skip to content

Coverity

Coverity #18

Workflow file for this run

name: Coverity
on:
schedule:
- cron: "0 0 * * *"
workflow_dispatch:
permissions:
contents: read
jobs:
scan:
runs-on: ubuntu-latest
if: ${{ github.repository_owner == 'FreeRDP' }}
steps:
- uses: actions/checkout@v4
- name: Install apt dependencies
run: |
sudo apt-get update
sudo apt-get install -y \
libxrandr-dev \
libxinerama-dev \
libusb-1.0-0-dev \
xserver-xorg-dev \
libswscale-dev \
libswresample-dev \
libavutil-dev \
libavcodec-dev \
libcups2-dev \
libpulse-dev \
libasound2-dev \
libpcsclite-dev \
libv4l-dev \
libxcb-cursor-dev \
libxcursor-dev \
libcairo2-dev \
libfaac-dev \
libfaad-dev \
libjpeg-dev \
libgsm1-dev \
ninja-build \
libxfixes-dev \
libxkbcommon-dev \
libwayland-dev \
libpam0g-dev \
libxdamage-dev \
libxcb-damage0-dev \
ccache \
libxtst-dev \
libfuse3-dev \
libsystemd-dev \
libcairo2-dev \
libsoxr-dev \
libsdl2-dev \
libkrb5-dev \
libcjson-dev \
libsdl2-ttf-dev \
libsdl2-image-dev \
libwebkit2gtk-4.0-dev \
clang \
libopus-dev \
libwebp-dev \
libpng-dev \
libjpeg-dev \
liburiparser-dev
- name: Download Coverity build tool
run: |
wget -c -N https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=FreeRDP" -O coverity_tool.tar.gz
mkdir coverity_tool
tar xzf coverity_tool.tar.gz --strip 1 -C coverity_tool
- name: Build with Coverity build tool
run: |
export PATH=`pwd`/coverity_tool/bin:$PATH
export CC=/usr/bin/clang
export CXX=/usr/bin/clang++
# in source build is used to help coverity to determine relative file path
cmake \
-GNinja \
-C ci/cmake-preloads/config-coverity.txt \
-DALLOW_IN_SOURCE_BUILD=true \
-B. \
-S.
cov-build --dir cov-int cmake --build .
- name: Submit build result to Coverity Scan
run: |
tar czvf cov.tar.gz cov-int
curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
--form [email protected] \
--form [email protected] \
--form version="Commit $GITHUB_SHA" \
--form description="Build submitted via CI" \
https://scan.coverity.com/builds?project=FreeRDP