Skip to content

Commit

Permalink
Multi-platform Coverity build (#557)
Browse files Browse the repository at this point in the history
  • Loading branch information
Youw authored May 20, 2023
1 parent 6e3dd57 commit 60fd395
Showing 1 changed file with 131 additions and 63 deletions.
194 changes: 131 additions & 63 deletions .github/workflows/checks.yml
Original file line number Diff line number Diff line change
@@ -1,12 +1,74 @@
name: Checks
run-name: Code checks for ${{ github.ref_name }}

on:
# General comment:
# Coverity doesn't support merging or including reports from multible machine/platforms (at least not officially).
# But otherwise there is no good way to keep the issues from all platforms at Coverity Scans at once.
# This script uses undocumented (but appears to be working) hack:
# The build logs from one machine/platform gets moved to a next once,
# and "fixed" so that cov-build can append logs from the next platform.
# The "fix" is based on the fact, that Coverity perfectly allows appending logs from multiple builds
# that are done *on the same host* machine.

on:
workflow_dispatch:

jobs:
coverity-windows:
runs-on: windows-latest

steps:
- uses: actions/checkout@v3
with:
path: src
- name: Setup MSVC
uses: TheMrMilchmann/setup-msvc-dev@v2.0.0
with:
arch: x64
- name: Configure
run: |
cmake -B build -S src -G"NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHIDAPI_WITH_TESTS=ON -DHIDAPI_BUILD_HIDTEST=ON
- name: Lookup Coverity Build Tool hash
id: coverity-cache-lookup
run: |
$coverity_hash=Invoke-RestMethod -Uri https://scan.coverity.com/download/cxx/win64 -Method Post -Body @{token='${{ secrets.COVERITY_SCAN_TOKEN }}';project='hidapi';md5=1}
echo "coverity_hash=$coverity_hash" >> $Env:GITHUB_OUTPUT
- name: Get cached Coverity Build Tool
id: cov-build-cache
uses: actions/cache@v3
with:
path: cov-root
key: cov-root-cxx-win64-${{ steps.coverity-cache-lookup.outputs.coverity_hash }}
- name: Get and configure Coverity
if: steps.cov-build-cache.outputs.cache-hit != 'true'
run: |
Invoke-WebRequest -Uri https://scan.coverity.com/download/cxx/win64 -OutFile coverity.zip -Method Post -Body @{token='${{ secrets.COVERITY_SCAN_TOKEN }}';project='hidapi'}
Remove-Item 'cov-root' -Recurse -Force -ErrorAction SilentlyContinue
Expand-Archive coverity.zip -DestinationPath cov-root
$cov_root=Get-ChildItem -Path 'cov-root'
$Env:PATH += ";$($cov_root.FullName)\bin"
cov-configure -msvc
- name: Make Coverity available in PATH
run: |
$cov_root=Get-ChildItem -Path 'cov-root'
echo "$($cov_root.FullName)\bin" >> $Env:GITHUB_PATH
- name: Build with Coverity
working-directory: build
run: |
cov-build --dir cov-int nmake
Rename-Item ".\cov-int\emit\$(hostname)" hostname
- name: Backup Coverity logs
uses: actions/upload-artifact@v3
with:
name: coverity-logs-windows
path: build/cov-int
retention-days: 7


coverity-macos:
runs-on: macos-latest
needs: [coverity-windows]

steps:
- uses: actions/checkout@v3
Expand All @@ -17,40 +79,56 @@ jobs:
- name: Configure
run: |
cmake -B build -S src -GNinja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHIDAPI_WITH_TESTS=ON -DHIDAPI_BUILD_HIDTEST=ON -DCMAKE_C_COMPILER=clang
- uses: actions/download-artifact@v3
with:
name: coverity-logs-windows
path: build/cov-int
- name: Fixup cov-int
run: |
rm -f build/cov-int/emit/hostname/emit-db.lock build/cov-int/emit/hostname/emit-db.write-lock
mv build/cov-int/emit/hostname build/cov-int/emit/$(hostname)
- name: Lookup Coverity Build Tool hash
id: coverity-cache-lookup
shell: bash
run: |
hash=$(curl https://scan.coverity.com/download/cxx/Darwin --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi&md5=1")
echo "coverity_hash=${hash}" >> $GITHUB_OUTPUT
- name: Get cached Coverity Build Tool
id: cov-build-cache
uses: actions/cache@v3
with:
path: cov-root
key: cov-root-cxx-Darwin-${{ steps.coverity-cache-lookup.outputs.coverity_hash }}
- name: Get and configure Coverity
if: steps.cov-build-cache.outputs.cache-hit != 'true'
run: |
curl https://scan.coverity.com/download/cxx/Darwin --output coverity.dmg --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi"
hdiutil attach coverity.dmg -mountroot coverity
export COV_DIR_NAME=$(ls -1 --color=never coverity)
rm -rf cov-root
mkdir cov-root
cp ./coverity/${COV_DIR_NAME}/${COV_DIR_NAME}.sh cov-root/
cd cov-root/
./${COV_DIR_NAME}.sh
./bin/cov-configure --clang
echo "$(pwd)/bin" >> $GITHUB_PATH
- name: Make Coverity available in PATH
run: echo "$(pwd)/cov-root/bin" >> $GITHUB_PATH
- name: Build with Coverity
working-directory: build
run: cov-build --dir cov-int ninja
run: |
cov-build --dir cov-int --append-log ninja
mv cov-int/emit/$(hostname) cov-int/emit/hostname
- name: Backup Coverity logs
uses: actions/upload-artifact@v3
with:
name: coverity-logs-macos
name: coverity-logs-windows-macos
path: build/cov-int
retention-days: 7
- name: Submit results to Coverity Scan
working-directory: build
run: |
tar -czf cov-int.tar.gz cov-int
curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
--form email=${{ secrets.COVERITY_SCAN_EMAIL }} \
--form file=@cov-int.tar.gz \
--form version="$GITHUB_SHA" \
--form description="Automatic macOS build" \
https://scan.coverity.com/builds?project=hidapi


coverity-ubuntu:
runs-on: ubuntu-latest
needs: [coverity-macos]

steps:
- uses: actions/checkout@v3
Expand All @@ -61,64 +139,54 @@ jobs:
- name: Configure
run: |
cmake -B build -S src -GNinja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHIDAPI_WITH_TESTS=ON -DHIDAPI_BUILD_HIDTEST=ON -DCMAKE_C_COMPILER=gcc
- uses: vapier/coverity-scan-action@v1
- uses: actions/download-artifact@v3
with:
email: ${{ secrets.COVERITY_SCAN_EMAIL }}
token: ${{ secrets.COVERITY_SCAN_TOKEN }}
project: hidapi
command: ninja
working-directory: build
description: 'Automatic Linux build'
- name: Backup Coverity logs
uses: actions/upload-artifact@v3
with:
name: coverity-logs-linux
name: coverity-logs-windows-macos
path: build/cov-int
retention-days: 7


coverity-windows:
runs-on: windows-latest

steps:
- uses: actions/checkout@v3
with:
path: src
- name: Setup MSVC
uses: TheMrMilchmann/setup-msvc-dev@v2.0.0
with:
arch: x64
- name: Configure
- name: Fixup cov-int
run: |
cmake -B build -S src -G"NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHIDAPI_WITH_TESTS=ON -DHIDAPI_BUILD_HIDTEST=ON
rm -f build/cov-int/emit/hostname/emit-db.lock build/cov-int/emit/hostname/emit-db.write-lock
mv build/cov-int/emit/hostname build/cov-int/emit/$(hostname)
- name: Lookup Coverity Build Tool hash
id: coverity-cache-lookup
shell: bash
run: |
hash=$(curl https://scan.coverity.com/download/cxx/linux64 --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi&md5=1")
echo "coverity_hash=${hash}" >> $GITHUB_OUTPUT
- name: Get cached Coverity Build Tool
id: cov-build-cache
uses: actions/cache@v3
with:
path: cov-root
key: cov-root-cxx-linux64-${{ steps.coverity-cache-lookup.outputs.coverity_hash }}
- name: Get and configure Coverity
if: steps.cov-build-cache.outputs.cache-hit != 'true'
run: |
Invoke-WebRequest -Uri https://scan.coverity.com/download/cxx/win64 -OutFile coverity.zip -Method Post -Body @{token='${{ secrets.COVERITY_SCAN_TOKEN }}';project='hidapi'}
Expand-Archive coverity.zip -DestinationPath cov-root
$cov_root=Get-ChildItem -Path 'cov-root'
$Env:PATH += ";$($cov_root.FullName)\bin"
cov-configure -msvc
echo "$($cov_root.FullName)\bin" >> $Env:GITHUB_PATH
curl https://scan.coverity.com/download/cxx/linux64 --output coverity.tar.gz --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi"
rm -rf cov-root
mkdir cov-root
tar -xzf coverity.tar.gz --strip 1 -C cov-root
./cov-root/bin/cov-configure --gcc
- name: Make Coverity available in PATH
run: echo "$(pwd)/cov-root/bin" >> $GITHUB_PATH
- name: Build with Coverity
working-directory: build
run: cov-build --dir cov-int nmake
run: |
cov-build --dir cov-int --append-log ninja
- name: Submit results to Coverity Scan
working-directory: build
run: |
tar -czf cov-int.tar.gz cov-int
curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
--form email=${{ secrets.COVERITY_SCAN_EMAIL }} \
--form file=@cov-int.tar.gz \
--form version="$GITHUB_SHA" \
--form description="Automatic HIDAPI build" \
https://scan.coverity.com/builds?project=hidapi
mv cov-int/emit/$(hostname) cov-int/emit/hostname
- name: Backup Coverity logs
uses: actions/upload-artifact@v3
with:
name: coverity-logs-windows
name: coverity-logs-windows-macos-linux
path: build/cov-int
retention-days: 7
- name: Submit results to Coverity Scan
working-directory: build
run: |
tar -czf cov-int.tar.gz cov-int
Invoke-RestMethod -Uri 'https://scan.coverity.com/builds?project=hidapi' `
-Method Post -Form @{ `
email='${{ secrets.COVERITY_SCAN_EMAIL }}'; `
token='${{ secrets.COVERITY_SCAN_TOKEN }}'; `
file=Get-Item 'cov-int.tar.gz'; `
version=$Env:GITHUB_SHA; `
description='Automatic Windows build' `
}

0 comments on commit 60fd395

Please sign in to comment.