Skip to content

Run Coverity Scan

Run Coverity Scan #27

Workflow file for this run

name: "Run Coverity Scan"
on:
schedule:
- cron: "0 0 * * FRI"
workflow_dispatch:
jobs:
analyze:
name: Analyze
if: ${{ github.repository == 'lammps/lammps' }}
runs-on: ubuntu-latest
container:
image: lammps/buildenv:ubuntu20.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Create Build and Download Folder
run: mkdir build download
- name: Cache Coverity
id: cache-coverity
uses: actions/cache@v4
with:
path: ./download/
key: ${{ runner.os }}-download-${{ hashFiles('**/coverity_tool.*') }}
- name: Download Coverity if necessary
if: steps.cache-coverity.outputs.cache-hit != 'true'
working-directory: download
run: |
wget -nv https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=LAMMPS" -O coverity_tool.tgz
wget -nv https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.COVERITY_TOKEN }}&project=LAMMPS&md5=1" -O coverity_tool.md5
echo " coverity_tool.tgz" >> coverity_tool.md5
md5sum -c coverity_tool.md5
- name: Setup Coverity
run: |
tar xzf download/coverity_tool.tgz
ln -s cov-analysis-linux64-* coverity
- name: Configure LAMMPS via CMake
shell: bash
working-directory: build
run: |
cmake \
-C ../cmake/presets/clang.cmake \
-C ../cmake/presets/most.cmake \
-C ../cmake/presets/kokkos-openmp.cmake \
-D CMAKE_BUILD_TYPE="RelWithDebug" \
-D CMAKE_TUNE_FLAGS="-Wall -Wextra -Wno-unused-result" \
-D BUILD_MPI=on \
-D BUILD_OMP=on \
-D BUILD_SHARED_LIBS=on \
-D LAMMPS_SIZES=SMALLBIG \
-D LAMMPS_EXCEPTIONS=off \
-D PKG_ATC=on \
-D PKG_AWPMD=on \
-D PKG_H5MD=on \
-D PKG_INTEL=on \
-D PKG_LATBOLTZ=on \
-D PKG_MANIFOLD=on \
-D PKG_MDI=on \
-D PKG_MGPT=on \
-D PKG_ML-PACE=on \
-D PKG_ML-RANN=on \
-D PKG_MOLFILE=on \
-D PKG_NETCDF=on \
-D PKG_PTM=on \
-D PKG_QTB=on \
-D PKG_SMTBQ=on \
../cmake
- name: Run Coverity Scan
shell: bash
working-directory: build
run: |
export PATH=$GITHUB_WORKSPACE/coverity/bin:$PATH
cov-build --dir cov-int cmake --build . --parallel 2
- name: Create tarball with scan results
shell: bash
working-directory: build
run: tar czf lammps.tgz cov-int
- name: Upload scan result to Coverity
shell: bash
run: |
curl --form token=${{ secrets.COVERITY_TOKEN }} \
--form email=${{ secrets.COVERITY_EMAIL }} \
--form file=@build/lammps.tgz \
--form version=${{ github.sha }} \
--form description="LAMMPS automated build" \
https://scan.coverity.com/builds?project=LAMMPS