-
Notifications
You must be signed in to change notification settings - Fork 80
132 lines (110 loc) · 4.83 KB
/
coverity-scan.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: coverity-scan
on:
push:
branches:
- coverity
permissions:
contents: read
jobs:
build-deps:
runs-on: ubuntu-latest
strategy:
matrix:
compiler: [ gnu ]
hdf5: [ V110 ]
netcdf: [ 4.9.2 ]
cgns: [ 4.4.0 ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install System dependencies
shell: bash -l {0}
run: sudo apt update && sudo apt install -y libaec-dev zlib1g-dev automake autoconf libcurl4-openssl-dev libjpeg-dev wget curl bzip2 m4 flex bison cmake libzip-dev openmpi-bin libopenmpi-dev
###
# Installing TPL
###
- name: Cache TPL-${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}
id: cache-TPL
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: ~/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}
key: TPL-v2-${{ runner.os }}-${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}
- name: Build TPL-${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}
if: steps.cache-TPL.outputs.cache-hit != 'true'
run: |
echo $HOME
set -x
COMPILER=${{ matrix.compiler }} H5VERSION=${{ matrix.hdf5}} GNU_PARALLEL=OFF INSTALL_PATH=${HOME}/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }} ./install-tpl.sh
ls ${HOME} && ls ${HOME}/environments && ls ${HOME}/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }} && ls ${HOME}/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}/lib
###
# Fetch Cache
###
seacas-build:
needs: build-deps
runs-on: ubuntu-latest
strategy:
matrix:
compiler: [ gnu ]
hdf5: [ V110 ]
netcdf: [ 4.9.2 ]
cgns: [ 4.4.0 ]
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install System dependencies
shell: bash -l {0}
run: sudo apt update && sudo apt install -y libaec-dev zlib1g-dev automake autoconf libcurl4-openssl-dev libjpeg-dev wget curl bzip2 m4 flex bison cmake libzip-dev openmpi-bin libopenmpi-dev
- name: Fetch TPL Cache
id: cache-TPL
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: ~/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}
key: TPL-v2-${{ runner.os }}-${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}
- name: Check Cache
shell: bash -l {0}
run: ls ${HOME} && ls ${HOME}/environments && ls ${HOME}/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }} && ls ${HOME}/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }}/lib
###
# Configure and build
###
- name: Download Coverity Build Tool
run: |
wget -q https://scan.coverity.com/download/linux64 --post-data "token=$TOKEN&project=gsjaardema%2Fseacas" -O coverity_tool.tgz
mkdir cov-analysis-linux64
tar xzf coverity_tool.tgz --strip 1 -C cov-analysis-linux64
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
- name: Run cmake
shell: bash -l {0}
run: |
echo $HOME
mkdir build
cd build
ZOLTAN=NO INSTALL_PATH=${HOME}/environments/${{ matrix.compiler }}-${{ matrix.hdf5 }}-${{ matrix.netcdf }}-${{ matrix.cgns }} bash ../cmake-config coverity
- name: Build
shell: bash -l {0}
run: |
cd build
mkdir cov-int
../cov-analysis-linux64/bin/cov-build --dir cov-int make -j 4
if: ${{ success() }}
- name: Submit the result to Coverity Scan
run: |
cd build
tail cov-int/build-log.txt
tar czf seacas.tgz cov-int
curl \
--form token="$TOKEN" \
--form [email protected] \
--form [email protected] \
--form version="master" \
--form description="SEACAS Github Actions Coverity Scan" \
https://scan.coverity.com/builds?project=gsjaardema%2Fseacas
env:
TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
if: ${{ success() }}