coverity-scan #81
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: coverity-scan | |
| # Controls when the action will run. | |
| on: | |
| # Run this action on a schedule (we're allowed a maximum of two per day) | |
| schedule: | |
| - cron: '0 18 * * SUN' # Sunday at 18:00 UTC | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| # A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
| jobs: | |
| build: | |
| runs-on: ubuntu-20.04 | |
| if: github.repository == 'MapServer/MapServer' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install Libraries | |
| run: | | |
| # This currently fails as of https://lists.osgeo.org/pipermail/ubuntu/2023-October/002046.html | |
| # sudo add-apt-repository -y ppa:ubuntugis/ubuntugis-unstable | |
| sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6B827C12C2D425E227EDCA75089EBE08314DF160 | |
| sudo add-apt-repository -y http://ppa.launchpad.net/ubuntugis/ubuntugis-unstable/ubuntu/ | |
| sudo apt-get update | |
| sudo apt-get install --allow-unauthenticated protobuf-c-compiler libprotobuf-c-dev bison flex libfribidi-dev cmake librsvg2-dev colordiff libpq-dev libpng-dev libjpeg-dev libgif-dev libgeos-dev libfreetype6-dev libfcgi-dev libcurl4-gnutls-dev libcairo2-dev libgdal-dev libproj-dev libxml2-dev libexempi-dev lcov lftp postgis libharfbuzz-dev gdal-bin ccache curl postgresql-server-dev-12 postgresql-12-postgis-3 postgresql-12-postgis-3-scripts swig | |
| - name: Build MapServer | |
| run: | | |
| mkdir build | |
| touch src/maplexer.l | |
| touch src/mapparser.y | |
| flex --nounistd -Pmsyy -i -osrc/maplexer.c src/maplexer.l | |
| yacc -d -osrc/mapparser.c src/mapparser.y | |
| cd build | |
| cmake -G "Unix Makefiles" \ | |
| -DWITH_CLIENT_WMS=1 -DWITH_CLIENT_WFS=1 -DWITH_SOS=1 \ | |
| -DWITH_PYTHON=0 -DWITH_JAVA=0 -DWITH_PHP=0 -DWITH_PERL=0 \ | |
| -DWITH_FCGI=0 -DWITH_EXEMPI=1 -DWITH_KML=1 -DWITH_THREAD_SAFETY=1 \ | |
| -DWITH_RSVG=1 -DWITH_CURL=1 -DWITH_FRIBIDI=1 -DWITH_HARFBUZZ=1 \ | |
| .. | |
| pwd | |
| - name: Download Coverity Build Tool | |
| run: | | |
| wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=mapserver%2Fmapserver" -O cov-analysis-linux64.tar.gz | |
| mkdir cov-analysis-linux64 | |
| tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64 | |
| env: | |
| TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} | |
| - name: Build with cov-build | |
| run: | | |
| pwd | |
| export PATH=`pwd`/cov-analysis-linux64/bin:$PATH | |
| cov-build --dir cov-int make | |
| - name: Submit to Coverity Scan | |
| run: | | |
| tar czvf mapserver.tgz cov-int | |
| curl \ | |
| --form project=mapserver%2Fmapserver \ | |
| --form token=$TOKEN \ | |
| --form [email protected] \ | |
| --form [email protected] \ | |
| --form version=main \ | |
| --form description="`git rev-parse --abbrev-ref HEAD` `git rev-parse --short HEAD`" \ | |
| https://scan.coverity.com/builds?project=mapserver%2Fmapserver | |
| env: | |
| TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} |