1# Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved. 2# 3# Licensed under the Apache License 2.0 (the "License"). You may not use 4# this file except in compliance with the License. You can obtain a copy 5# in the file LICENSE in the source distribution or at 6# https://www.openssl.org/source/license.html 7 8name: Static Analysis 9 10#Run once a day 11on: 12 schedule: 13 - cron: '20 0 * * *' 14 15permissions: 16 contents: read 17 18jobs: 19 coverity: 20 runs-on: ubuntu-latest 21 steps: 22 - uses: actions/checkout@v4 23 - name: tool download 24 run: | 25 wget https://scan.coverity.com/download/linux64 \ 26 --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=openssl%2Fopenssl" \ 27 --progress=dot:giga -O coverity_tool.tgz 28 - name: config 29 run: CC=gcc ./config --banner=Configured --debug enable-fips enable-rc5 enable-md2 enable-ssl3 enable-nextprotoneg enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 no-shared enable-buildtest-c++ enable-external-tests -DPEDANTIC 30 - name: config dump 31 run: ./configdata.pm --dump 32 - name: tool install 33 run: tar xzf coverity_tool.tgz 34 - name: make 35 run: ./cov-analysis*/bin/cov-build --dir cov-int make -s -j4 36 - name: archive 37 run: tar czvf openssl.tgz cov-int 38 - name: Coverity upload 39 run: | 40 curl --form token="${{ secrets.COVERITY_TOKEN }}" \ 41 --form email=openssl-commits@openssl.org \ 42 --form file=@openssl.tgz \ 43 --form version="`date -u -I` `git rev-parse --short HEAD`" \ 44 --form description="analysis of `git branch --show-current`" \ 45 https://scan.coverity.com/builds?project=openssl%2Fopenssl 46