actions FEATURE coverity scan on push
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 64da9ae..fb21f66 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,10 +9,28 @@
- master
- devel
+env:
+ COVERITY_PROJECT: CESNET%2Flibyang
+
jobs:
+ git-branch:
+ name: Get git branch
+ runs-on: ubuntu-18.04
+ outputs:
+ branch-name: ${{ steps.get-git-branch.outputs.branch-name }}
+ steps:
+ - id: get-git-branch
+ run: |
+ if ${{ github.event_name == 'push' }}
+ then export GIT_BRANCH=`echo ${{ github.ref }} | cut -d'/' -f 3`
+ else
+ export GIT_BRANCH=${{ github.base_ref }}
+ fi
+ echo "::set-output name=branch-name::$GIT_BRANCH"
build:
name: ${{ matrix.config.name }}
runs-on: ${{ matrix.config.os }}
+ needs: git-branch
strategy:
fail-fast: false
matrix:
@@ -24,7 +42,10 @@
cc: "gcc",
options: "-DENABLE_BUILD_TESTS=ON",
packager: "sudo apt-get",
- packages: "libcmocka-dev shunit2"
+ packages: "libcmocka-dev shunit2",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
}
- {
name: "Release, Ubuntu 18.04, clang",
@@ -33,7 +54,10 @@
cc: "clang",
options: "-DENABLE_BUILD_TESTS=ON",
packager: "sudo apt-get",
- packages: "libcmocka-dev shunit2"
+ packages: "libcmocka-dev shunit2",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
}
- {
name: "Debug, Ubuntu 18.04, gcc",
@@ -42,7 +66,10 @@
cc: "gcc",
options: "",
packager: "sudo apt-get",
- packages: "libcmocka-dev valgrind shunit2"
+ packages: "libcmocka-dev valgrind shunit2",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
}
- {
name: "Debug, Ubuntu 18.04, clang",
@@ -51,7 +78,10 @@
cc: "clang",
options: "",
packager: "sudo apt-get",
- packages: "libcmocka-dev valgrind shunit2"
+ packages: "libcmocka-dev valgrind shunit2",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
}
- {
name: "Release, macOS 10.15, clang",
@@ -60,7 +90,10 @@
cc: "clang",
options: "-DENABLE_BUILD_TESTS=ON",
packager: "brew",
- packages: "cmocka shunit2"
+ packages: "cmocka shunit2",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
}
- {
name: "ASAN and UBSAN",
@@ -69,13 +102,60 @@
cc: "clang",
options: "-DCMAKE_C_FLAGS=-fsanitize=address,undefined -DENABLE_BUILD_TESTS=ON -DENABLE_VALGRIND_TESTS=OFF",
packager: "sudo apt-get",
- packages: "libcmocka-dev"
+ packages: "libcmocka-dev",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
+ }
+ - {
+ name: "ABI Check",
+ os: "ubuntu-latest",
+ build-type: "ABICheck",
+ cc: "gcc",
+ options: "",
+ packages: "libcmocka-dev abi-dumper abi-compliance-checker",
+ snaps: "core universal-ctags",
+ make-prepend: "",
+ make-target: "abi-check"
+ }
+ - {
+ name: "Coverity",
+ os: "ubuntu-latest",
+ build-type: "Debug",
+ cc: "clang",
+ options: "",
+ packages: "",
+ snaps: "",
+ make-prepend: "cov-build --dir cov-int",
+ make-target: ""
+ }
+ - {
+ name: "Codecov",
+ os: "ubuntu-latest",
+ build-type: "Debug",
+ cc: "gcc",
+ options: "-DENABLE_COVERAGE=ON",
+ packages: "libcmocka-dev lcov",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
}
steps:
- uses: actions/checkout@v2
- - name: Uncrustify
+ - name: Deps-packages
+ shell: bash
+ run: |
+ ${{ matrix.config.packager }} update
+ if ${{ matrix.config.packages != '' }}
+ then ${{ matrix.config.packager }} install ${{ matrix.config.packages }}
+ fi
+ if ${{ matrix.config.snaps != '' }}
+ then sudo snap install ${{ matrix.config.snaps }}
+ fi
+
+ - name: Deps-uncrustify
shell: bash
working-directory: ${{ github.workspace }}
run: |
@@ -88,11 +168,22 @@
sudo make install
if: ${{ matrix.config.name == 'Debug, Ubuntu 18.04, gcc' }}
- - name: Dependencies
+ - name: Deps-coverity
shell: bash
+ working-directory: ${{ github.workspace }}
run: |
- ${{ matrix.config.packager }} update
- ${{ matrix.config.packager }} install ${{ matrix.config.packages }}
+ wget -q https://scan.coverity.com/download/linux64 --post-data "token=$TOKEN&project=$COVERITY_PROJECT" -O coverity-tools.tar.gz
+ mkdir coverity-tools
+ tar xzf coverity-tools.tar.gz --strip 1 -C coverity-tools
+ env:
+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+ if: ${{ matrix.config.name == 'Coverity' }}
+
+ - name: Deps-coverity-fix-permissions
+ run: |
+ chmod go-w $HOME
+ sudo chmod -R go-w /usr/share
+ if: ${{ matrix.config.name == 'Coverity' }}
- name: Configure
shell: bash
@@ -105,66 +196,34 @@
- name: Build
shell: bash
working-directory: ${{ github.workspace }}/build
- run: make
+ run: |
+ export LC_ALL=C.UTF-8
+ export PATH=/snap/bin:${{ github.workspace }}/coverity-tools/bin:$PATH
+ ${{ matrix.config.make-prepend }} make ${{ matrix.config.make-target }}
- name: Test
shell: bash
working-directory: ${{ github.workspace }}/build
run: ctest --output-on-failure
- abi:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
-
- - name: Dependencies
- shell: bash
- run: |
- sudo apt-get install abi-dumper abi-compliance-checker
- sudo snap install core universal-ctags
-
- - name: Configure
- shell: bash
- working-directory: ${{ github.workspace }}
- run: |
- mkdir build
- cd build
- CC=gcc cmake -DCMAKE_BUILD_TYPE=ABICheck ..
-
- - name: Build
+ - name: Upload to Coverity.com
shell: bash
working-directory: ${{ github.workspace }}/build
- run: LC_ALL=C.UTF-8 PATH=/snap/bin:$PATH make abi-check
-
- coverage:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v2
-
- - name: Dependencies
- shell: bash
run: |
- sudo apt-get install libcmocka-dev lcov
-
- - name: Configure
- shell: bash
- working-directory: ${{ github.workspace }}
- run: |
- mkdir build
- cd build
- CC=gcc cmake -DCMAKE_BUILD_TYPE=Debug -DENABLE_COVERAGE=ON ..
-
- - name: Build
- shell: bash
- working-directory: ${{ github.workspace }}/build
- run: make
-
- - name: Test
- shell: bash
- working-directory: ${{ github.workspace }}/build
- run: ctest --output-on-failure
+ tar czvf libyang.tgz cov-int
+ curl \
+ --form token=$TOKEN \
+ --form email=mvasko@cesnet.cz \
+ --form file=libyang.tgz \
+ --form version="`./yanglint -v | cut -d\" \" -f2`" \
+ --form description="libyang YANG library" \
+ https://scan.coverity.com/builds?project=$COVERITY_PROJECT
+ env:
+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+ if: ${{ matrix.config.name == 'Coverity' && github.event_name == 'push' && needs.git-branch.outputs.branch-name == 'devel' }}
- name: Upload to Codecov.io
shell: bash
working-directory: ${{ github.workspace }}/build
run: bash <(curl -s https://codecov.io/bash)
+ if: ${{ matrix.config.name == 'Codecov' && github.event_name == 'push' }}
diff --git a/.github/workflows/coverity-scan.yml b/.github/workflows/coverity-scan.yml
deleted file mode 100644
index 68311db..0000000
--- a/.github/workflows/coverity-scan.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-name: coverity-scan
-on:
- schedule:
- - cron: '0 6 * * *' # Dayly at 06:00 UTC
-
-jobs:
- coverity-scan:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v1
- with:
- ref: devel
-
- - name: Download Coverity Build Tool
- shell: bash
- working-directory: ${{ github.workspace }}
- run: |
- wget -q https://scan.coverity.com/download/linux64 --post-data "token=$TOKEN&project=CESNET%2Flibyang" -O coverity-tools.tar.gz
- mkdir coverity-tools
- tar xzf coverity-tools.tar.gz --strip 1 -C coverity-tools
- env:
- TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
-
- - name: Fixed world writable dirs
- run: |
- chmod go-w $HOME
- sudo chmod -R go-w /usr/share
-
- - name: Configure
- shell: bash
- working-directory: ${{ github.workspace }}
- run: |
- mkdir build
- cd build
- CC=clang cmake -DCMAKE_BUILD_TYPE=Debug ..
-
- - name: Build with cov-build
- shell: bash
- working-directory: ${{ github.workspace }}/build
- run: |
- export PATH=${{ github.workspace }}/coverity-tools/bin:$PATH
- cov-build --dir cov-int make
-
- - name: Submit the result to Coverity Scan
- shell: bash
- working-directory: ${{ github.workspace }}/build
- run: |
- tar czvf libyang.tgz cov-int
- curl \
- --form token=$TOKEN \
- --form email=rkrejci@cesnet.cz \
- --form file=@libyang.tgz \
- --form version="`./yanglint -v | cut -d\" \" -f2`" \
- --form description="libyang library" \
- https://scan.coverity.com/builds?project=CESNET%2Flibyang
- env:
- TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
diff --git a/README.md b/README.md
index 6bb6567..070dbe8 100644
--- a/README.md
+++ b/README.md
@@ -3,8 +3,8 @@
[](https://opensource.org/licenses/BSD-3-Clause)
[](https://github.com/CESNET/libyang/actions?query=workflow%3A%22libyang+CI%22)
[](https://netopeer.liberouter.org/doc/libyang/)
-[](https://codecov.io/github/CESNET/libyang?branch=master)
[](https://scan.coverity.com/projects/5259)
+[](https://codecov.io/github/CESNET/libyang?branch=master)
[](https://www.openhub.net/p/libyang)
libyang is a YANG data modelling language parser and toolkit written (and
diff --git a/codecov.yml b/codecov.yml
new file mode 100644
index 0000000..3ce0684
--- /dev/null
+++ b/codecov.yml
@@ -0,0 +1,31 @@
+comment:
+ layout: header, changes, diff
+
+coverage:
+ precision: 2
+ round: nearest
+
+ ignore:
+ - compat/.*
+ - tests/.*
+
+ status:
+ project:
+ default:
+ target: auto
+ if_no_uploads: error
+
+ patch:
+ default:
+ if_no_uploads: error
+
+ changes: true
+
+ parsers:
+ gcov:
+ branch_detection:
+ macro: no
+ loop: no
+ conditional: no
+ method: no
+