name: coverity-linux on: [push, pull_request] permissions: contents: read jobs: coverity_scan: runs-on: ubuntu-latest name: Coverity Scan steps: - uses: actions/checkout@v4 - name: Install dependencies run: | sudo apt-get update sudo apt-get install -y curl build-essential cmake pkg-config libsystemd-dev - name: Download Coverity Tool run: | curl -s -L --output coverity_tool.tgz "https://scan.coverity.com/download/linux64?token=${{ secrets.COVERITY_TOKEN }}&project=gabime%2Fspdlog" mkdir coverity_tool tar -C coverity_tool --strip-components=1 -xf coverity_tool.tgz echo "$PWD/coverity_tool/bin" >> $GITHUB_PATH - name: Build with Coverity run: | mkdir build && cd build cmake .. -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_STANDARD=17 cd .. cov-build --dir cov-int make -C build -j4 - name: Submit results to Coverity run: | tar czf cov-int.tgz cov-int response=$(curl --silent --show-error --fail \ --form email="${{ secrets.EMAIL }}" \ --form token="${{ secrets.COVERITY_TOKEN }}" \ --form file=@cov-int.tgz \ --form version="GitHub PR #${{ github.event.pull_request.number }}" \ --form description="CI run for PR" \ https://scan.coverity.com/builds?project=gabime%2Fspdlog) echo "$response" if echo "$response" | grep -qi "Build successfully submitted"; then echo "Coverity upload succeeded" else echo "Coverity upload failed or was rejected" exit 1 fi