-
Notifications
You must be signed in to change notification settings - Fork 2
31 lines (26 loc) · 1.29 KB
/
coverity-selfhosted.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
name: Coverity self-hosted
on:
workflow_dispatch:
jobs:
scan:
runs-on: self-hosted
env:
COVERITY_TOOL_HOME: '/opt/cov-analysis-linux64-2021.12.0'
steps:
- uses: actions/checkout@v2
- name: Coverity scan
run: |
${{ env.COVERITY_TOOL_HOME }}/bin/cov-build --dir idir mvn -Drat.skip=true -DskipTests=true clean package
${{ env.COVERITY_TOOL_HOME }}/bin/cov-analyze --dir idir --ticker-mode none --all --disable-fb --webapp-security --enable-audit-mode --strip-path $PWD
${{ env.COVERITY_TOOL_HOME }}/bin/cov-format-errors --dir idir --json-output-v7 coverity-results.json
- name: Convert Coverity results to SARIF
run: |
${{ env.COVERITY_TOOL_HOME }}/node/bin/node ${{ env.COVERITY_TOOL_HOME }}/SARIF/cov-format-sarif-for-github.js -i coverity-results.json -r gubraun/commons-fileupload -c gubraun/commons-fileupload `pwd` `git rev-parse HEAD` -o coverity-results.sarif
- name: Upload SARIF file to GitHub UI
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: coverity-results.sarif
- name: Parse Coverity JSON
uses: synopsys-sig/[email protected]
with:
json-file-path: coverity-results.json