-
Notifications
You must be signed in to change notification settings - Fork 70
32 lines (29 loc) · 1.3 KB
/
coverity.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
name: Coverity
on:
push:
branches: ['main']
pull_request:
branches: ['main']
env:
PACKAGE_NAME: aws-iot-device-client
ECR_BASE_REPO: aws-iot-device-client/aws-iot-device-client-base-images
jobs:
build-wrapper:
runs-on: ubuntu-latest
if: (github.event_name == 'push') || ((github.event_name == 'pull_request') && (github.event.pull_request.head.repo.full_name != github.repository))
steps:
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.ECR_USER_AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.ECR_USER_AWS_KEY_SECRET }}
aws-region: us-east-1
- name: Login to ECR
run: aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
- name: Checkout Sources
uses: actions/checkout@v1
- name: coverity script
run: |
export DOCKER_IMAGE=public.ecr.aws/${ECR_BASE_REPO}:x86_64-ubuntu-latest
docker pull $DOCKER_IMAGE
docker run --mount type=bind,source=$(pwd),target=/src --workdir /src --entrypoint /src/static-checks/coverity-build.sh --env COVERITY_TOKEN="${{ secrets.COVERITY_TOKEN }}" --env COVERITY_EMAIL="${{ secrets.COVERITY_EMAIL }}" $DOCKER_IMAGE