Fix #31 Force codeql analysis to use internal repos #12
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| workflow_call: | |
| inputs: | |
| java_version: | |
| type: string | |
| description: set version of java used to run the maven | |
| default: '17' | |
| version: | |
| type: string | |
| description: project/build version - use commit sha or maven version of artifact | |
| required: true | |
| description: | |
| type: string | |
| description: desription/tag of the build - use RC for Release Candidate | |
| required: true | |
| project-name: | |
| type: string | |
| description: project name in Coverity Scan | |
| required: true | |
| directory_path: | |
| type: string | |
| description: directory with pom.xml to be executed | |
| default: . | |
| java_version: | |
| type: string | |
| description: set version of java used to run the maven | |
| default: '17' | |
| jobs: | |
| build: | |
| name: Coverity Scan | |
| runs-on: ubuntu-latest | |
| container: ghcr.io/wultra/coverity:latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Set up JDK ${{ inputs.java_version }} | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: ${{ inputs.java_version }} | |
| distribution: 'temurin' | |
| cache: maven | |
| - name: Prepare Analysis | |
| run: | | |
| cd ${{ inputs.directory_path }} | |
| cov-build --dir cov-int mvn -DskipTests=true -DuseInternalRepo=true compile | |
| tar czvf ${{ inputs.project-name }}.tgz cov-int | |
| mkdir result && cp ${{ inputs.project-name }}.tgz result | |
| - name: Storing Generated Artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: Analysis | |
| path: result | |
| retention-days: 35 | |
| if-no-files-found: ignore | |
| - name: Upload to Coverity Scan Dashboard | |
| run: | | |
| cd ${{ inputs.directory_path }} | |
| curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \ | |
| --form email=${{ secrets.COVERITY_USER }} \ | |
| --form file=@${{ inputs.project-name }}.tgz \ | |
| --form version="${{ inputs.version }}" \ | |
| --form description="${{ inputs.description }}" \ | |
| https://scan.coverity.com/builds?project=wultra%2F${{ inputs.project-name }} |