final patch attached. пт, 25 дек. 2020 г. в 17:05, Илья Шипицин <[email protected]>:
> seems we need " ... || true" back > https://github.com/chipitsine/haproxy/runs/1608451465 > > пт, 25 дек. 2020 г. в 16:04, Tim Düsterhus <[email protected]>: > >> Ilya, >> >> Am 25.12.20 um 06:28 schrieb Илья Шипицин: >> > I modified patch to run against my own coverity repo >> 'chipitsine/haproxy' >> > >> > >> > Tim, can you have a look ? >> > >> > https://github.com/chipitsine/haproxy/actions/runs/443552484 >> > >> >> Apparently it is not possible to use secrets within an `if` condition. >> See this one: https://github.com/actions/runner/issues/520. >> >> In one comment the following example was posted: >> >> if: ${{ github.repository_owner == 'haproxy' }} >> >> It's not perfect, because it does not actually check the token, but it >> will prevent the job from running in forks. And for our repository it >> will effectively always have the token. >> >> Best regards >> Tim Düsterhus >> >
From 12c9385c962ab511f143751df99b8f9f5b99124c Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin <[email protected]> Date: Fri, 25 Dec 2020 23:36:52 +0500 Subject: [PATCH] CI: GitHub Actions: enable daily Coverity scan That scan was previously implemented on Travis. Let us migrate it to GitHub Actions. Co-authored-by: Tim Duesterhus <[email protected]> --- .github/workflows/coverity.yml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 .github/workflows/coverity.yml diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml new file mode 100644 index 000000000..51051cc1f --- /dev/null +++ b/.github/workflows/coverity.yml @@ -0,0 +1,34 @@ + +# +# scan results: https://scan.coverity.com/projects/haproxy +# + +name: Coverity + +on: + schedule: + - cron: "0 0 * * *" + +jobs: + scan: + runs-on: ubuntu-latest + if: ${{ github.repository_owner == 'haproxy' }} + env: + COVERITY_SCAN_PROJECT_NAME: 'Haproxy' + COVERITY_SCAN_BRANCH_PATTERN: '*' + COVERITY_SCAN_NOTIFICATION_EMAIL: '[email protected]' + COVERITY_SCAN_BUILD_COMMAND: "make CC=clang DEFINE=-DDEBUG_USE_ABORT TARGET=linux-glibc USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_LUA=1 USE_OPENSSL=1 USE_SYSTEMD=1 USE_WURFL=1 WURFL_INC=contrib/wurfl WURFL_LIB=contrib/wurfl USE_DEVICEATLAS=1 DEVICEATLAS_SRC=contrib/deviceatlas USE_51DEGREES=1 51DEGREES_SRC=contrib/51d/src/pattern DEBUG_STRICT=1" + steps: + - uses: actions/checkout@v2 + - name: Install apt dependencies + run: | + sudo apt-get update + sudo apt-get install -y \ + liblua5.3-dev \ + libsystemd-dev + - name: Run Coverity Scan + env: + COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + run: | + make -C contrib/wurfl + curl -fsSL "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh"; | bash || true -- 2.29.2
