-
Notifications
You must be signed in to change notification settings - Fork 408
198 lines (187 loc) · 7.52 KB
/
checks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
name: Checks
run-name: Code checks for '${{ github.ref_name }}'
# General comment:
# Coverity doesn't support merging or including reports from multible machine/platforms (at least not officially).
# But otherwise there is no good way to keep the issues from all platforms at Coverity Scans at once.
# This script uses undocumented (but appears to be working) hack:
# The build logs from one machine/platform gets moved to a next once,
# and "fixed" so that cov-build can append logs from the next platform.
# The "fix" is based on the fact, that Coverity perfectly allows appending logs from multiple builds
# that are done *on the same host* machine.
on:
# On-demand run
workflow_dispatch:
# Weekly run
schedule:
- cron: '30 5 * * 0'
jobs:
coverity-windows:
runs-on: windows-latest
steps:
- uses: actions/checkout@v3
with:
path: src
- name: Setup MSVC
uses: TheMrMilchmann/[email protected]
with:
arch: x64
- name: Configure
run: |
cmake -B build -S src -G"NMake Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHIDAPI_WITH_TESTS=ON -DHIDAPI_BUILD_HIDTEST=ON
- name: Lookup Coverity Build Tool hash
id: coverity-cache-lookup
run: |
$coverity_hash=Invoke-RestMethod -Uri https://scan.coverity.com/download/cxx/win64 -Method Post -Body @{token='${{ secrets.COVERITY_SCAN_TOKEN }}';project='hidapi';md5=1}
echo "coverity_hash=$coverity_hash" >> $Env:GITHUB_OUTPUT
- name: Get cached Coverity Build Tool
id: cov-build-cache
uses: actions/cache@v3
with:
path: cov-root
key: cov-root-cxx-win64-${{ steps.coverity-cache-lookup.outputs.coverity_hash }}
- name: Get and configure Coverity
if: steps.cov-build-cache.outputs.cache-hit != 'true'
run: |
Invoke-WebRequest -Uri https://scan.coverity.com/download/cxx/win64 -OutFile coverity.zip -Method Post -Body @{token='${{ secrets.COVERITY_SCAN_TOKEN }}';project='hidapi'}
Remove-Item 'cov-root' -Recurse -Force -ErrorAction SilentlyContinue
Expand-Archive coverity.zip -DestinationPath cov-root
$cov_root=Get-ChildItem -Path 'cov-root'
$Env:PATH += ";$($cov_root.FullName)\bin"
cov-configure -msvc
- name: Make Coverity available in PATH
run: |
$cov_root=Get-ChildItem -Path 'cov-root'
echo "$($cov_root.FullName)\bin" >> $Env:GITHUB_PATH
- name: Build with Coverity
working-directory: build
run: |
cov-build --dir cov-int nmake
Rename-Item ".\cov-int\emit\$(hostname)" hostname
- name: Backup Coverity logs
uses: actions/upload-artifact@v4
with:
name: coverity-logs-windows
path: build/cov-int
retention-days: 7
coverity-macos:
runs-on: macos-13
needs: [coverity-windows]
steps:
- uses: actions/checkout@v3
with:
path: src
- name: Install dependencies
run: brew install ninja
- name: Configure
run: |
cmake -B build -S src -GNinja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHIDAPI_WITH_TESTS=ON -DHIDAPI_BUILD_HIDTEST=ON -DCMAKE_C_COMPILER=clang
- uses: actions/download-artifact@v4
with:
name: coverity-logs-windows
path: build/cov-int
- name: Fixup cov-int
run: |
rm -f build/cov-int/emit/hostname/emit-db.lock build/cov-int/emit/hostname/emit-db.write-lock
mv build/cov-int/emit/hostname build/cov-int/emit/$(hostname)
- name: Lookup Coverity Build Tool hash
id: coverity-cache-lookup
shell: bash
run: |
hash=$(curl https://scan.coverity.com/download/cxx/Darwin --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi&md5=1")
echo "coverity_hash=${hash}" >> $GITHUB_OUTPUT
- name: Get cached Coverity Build Tool
id: cov-build-cache
uses: actions/cache@v3
with:
path: cov-root
key: cov-root-cxx-Darwin-${{ steps.coverity-cache-lookup.outputs.coverity_hash }}
- name: Get and configure Coverity
if: steps.cov-build-cache.outputs.cache-hit != 'true'
run: |
curl https://scan.coverity.com/download/cxx/Darwin --output coverity.dmg --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi"
hdiutil attach coverity.dmg -mountroot coverity
export COV_DIR_NAME=$(ls -1 --color=never coverity)
rm -rf cov-root
mkdir cov-root
cp ./coverity/${COV_DIR_NAME}/${COV_DIR_NAME}.sh cov-root/
cd cov-root/
./${COV_DIR_NAME}.sh
./bin/cov-configure --clang
- name: Make Coverity available in PATH
run: echo "$(pwd)/cov-root/bin" >> $GITHUB_PATH
- name: Build with Coverity
working-directory: build
run: |
cov-build --dir cov-int --append-log ninja
mv cov-int/emit/$(hostname) cov-int/emit/hostname
- name: Backup Coverity logs
uses: actions/upload-artifact@v4
with:
name: coverity-logs-windows-macos
path: build/cov-int
retention-days: 7
coverity-ubuntu:
runs-on: ubuntu-latest
needs: [coverity-macos]
steps:
- uses: actions/checkout@v3
with:
path: src
- name: Install dependencies
run: |
sudo apt update
sudo apt install libudev-dev libusb-1.0-0-dev ninja-build
- name: Configure
run: |
cmake -B build -S src -GNinja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DHIDAPI_WITH_TESTS=ON -DHIDAPI_BUILD_HIDTEST=ON -DCMAKE_C_COMPILER=gcc
- uses: actions/download-artifact@v4
with:
name: coverity-logs-windows-macos
path: build/cov-int
- name: Fixup cov-int
run: |
rm -f build/cov-int/emit/hostname/emit-db.lock build/cov-int/emit/hostname/emit-db.write-lock
mv build/cov-int/emit/hostname build/cov-int/emit/$(hostname)
- name: Lookup Coverity Build Tool hash
id: coverity-cache-lookup
shell: bash
run: |
hash=$(curl https://scan.coverity.com/download/cxx/linux64 --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi&md5=1")
echo "coverity_hash=${hash}" >> $GITHUB_OUTPUT
- name: Get cached Coverity Build Tool
id: cov-build-cache
uses: actions/cache@v3
with:
path: cov-root
key: cov-root-cxx-linux64-${{ steps.coverity-cache-lookup.outputs.coverity_hash }}
- name: Get and configure Coverity
if: steps.cov-build-cache.outputs.cache-hit != 'true'
run: |
curl https://scan.coverity.com/download/cxx/linux64 --output coverity.tar.gz --data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=hidapi"
rm -rf cov-root
mkdir cov-root
tar -xzf coverity.tar.gz --strip 1 -C cov-root
./cov-root/bin/cov-configure --gcc
- name: Make Coverity available in PATH
run: echo "$(pwd)/cov-root/bin" >> $GITHUB_PATH
- name: Build with Coverity
working-directory: build
run: |
cov-build --dir cov-int --append-log ninja
- name: Submit results to Coverity Scan
working-directory: build
run: |
tar -czf cov-int.tar.gz cov-int
curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
--form email=${{ secrets.COVERITY_SCAN_EMAIL }} \
--form [email protected] \
--form version="$GITHUB_SHA" \
--form description="Automatic HIDAPI build" \
https://scan.coverity.com/builds?project=hidapi
mv cov-int/emit/$(hostname) cov-int/emit/hostname
- name: Backup Coverity logs
uses: actions/upload-artifact@v4
with:
name: coverity-logs-windows-macos-linux
path: build/cov-int
retention-days: 7