haproxy/.github/workflows/coverity.yml
Tim Duesterhus 66d28e7045 CI: Fix the coverity builds
In an attempt to fix the use of DEBUG_STRICT commit
7f0f4786d1 unfortunately broke the Coverity
builds completely.

It turns out that Coverity does not properly handle quoting within
`COVERITY_SCAN_BUILD_COMMAND`, instead breaking up single arguments at
whitespace, thus passing `-DDEBUG_USE_ABORT=1` to `make` as-is.

Fix this issue by hijacking the Makefile within the Coverity workflow. We
simply replace the default value of the `DEBUG` option with whatever values we
need. The build command now only includes the TARGET and USE_* flags, each of
which works without any spaces.
2021-01-28 20:40:14 +01:00

42 lines
1.4 KiB
YAML

#
# scan results: https://scan.coverity.com/projects/haproxy
#
name: Coverity
on:
schedule:
- cron: "0 0 * * *"
jobs:
scan:
runs-on: ubuntu-latest
if: ${{ github.repository_owner == 'haproxy' }}
env:
COVERITY_SCAN_PROJECT_NAME: 'Haproxy'
COVERITY_SCAN_BRANCH_PATTERN: '*'
COVERITY_SCAN_NOTIFICATION_EMAIL: 'chipitsine@gmail.com'
COVERITY_SCAN_BUILD_COMMAND: "make CC=clang TARGET=linux-glibc USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_LUA=1 USE_OPENSSL=1 USE_SYSTEMD=1 USE_WURFL=1 WURFL_INC=contrib/wurfl WURFL_LIB=contrib/wurfl USE_DEVICEATLAS=1 DEVICEATLAS_SRC=contrib/deviceatlas USE_51DEGREES=1 51DEGREES_SRC=contrib/51d/src/pattern"
steps:
- uses: actions/checkout@v2
- name: Install apt dependencies
run: |
sudo apt-get update
sudo apt-get install -y \
liblua5.3-dev \
libsystemd-dev
- name: Hijack Makefile
run: |
# We cannot pass the DEBUG variable in `COVERITY_SCAN_BUILD_COMMAND`,
# because Coverity splits parameters at whitespaces, without taking
# quoting into account.
sed -i 's/^DEBUG =$/DEBUG = -DDEBUG_STRICT=1 -DDEBUG_USE_ABORT=1/' Makefile
- name: Build WURFL
run: make -C contrib/wurfl
- name: Run Coverity Scan
env:
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
run: |
curl -fsSL "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || true