[ci] Add GitHub action for Coverity Scan
Signed-off-by: Michael Brown <mcb30@ipxe.org>
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
new file mode 100644
index 0000000..b5496f5
--- /dev/null
+++ b/.github/workflows/coverity.yml
@@ -0,0 +1,39 @@
+name: Coverity Scan
+
+on:
+ push:
+ branches:
+ - coverity_scan
+ schedule:
+ - cron: '30 0 * * *'
+
+jobs:
+ submit:
+ name: Submit
+ runs-on: ubuntu-20.04
+ steps:
+ - name: Check out code
+ uses: actions/checkout@v2
+ - name: Download Coverity Scan
+ run: |
+ curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
+ --form project=${{ github.repository }} \
+ --output coverity.tar.gz \
+ https://scan.coverity.com/download/cxx/linux64
+ mkdir -p /opt/coverity
+ sudo tar xvzf coverity.tar.gz --strip 1 --directory /opt/coverity
+ - name: Build via Coverity Scan
+ run: |
+ make -C src bin/deps
+ /opt/coverity/bin/cov-build --dir cov-int make -C src bin/blib.a
+ - name: Create submission
+ run : |
+ tar cvzf cov-int.tar.gz cov-int
+ - name: Submit to Coverity Scan
+ run: |
+ curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
+ --form email=${{ secrets.COVERITY_SCAN_EMAIL }} \
+ --form file=@cov-int.tar.gz \
+ --form version=${{ github.sha }} \
+ --form description=${{ github.ref }} \
+ https://scan.coverity.com/builds?project=${{ github.repository }}
