# GitHub actions workflow.
# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions

name: Coverity Scan

on:
  push:
    branches: [ main ]

  schedule:
    # The GH mirroring from Google GoB does not trigger push actions.
    # Fire it once a week to provide some coverage.
    - cron: '39 2 * * WED'

  # Allow for manual triggers from the web.
  workflow_dispatch:

env:
  COVERITY_SUPPRESS_ASSERT: 2564

jobs:
  coverity:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Update apt
        run: sudo apt-get update
      - name: Install packages
        run: >-
          sudo apt-get install -y
          make
          automake
          autoconf
          g++
          libpcre2-dev
          libncurses-dev
          libsqlite3-dev
          libbz2-dev
          libcurl4-openssl-dev
          libreadline-dev
          pipx
          tshark
          zlib1g-dev
      - name: Install python packages
        run: pipx install check-jsonschema
      - name: autogen
        run: ./autogen.sh
      - name: configure
        run: ./configure --disable-static
      - uses: vapier/coverity-scan-action@v1
        with:
          command: make -j$(getconf _NPROCESSORS_CONF)
          email: ${{ secrets.COVERITY_SCAN_EMAIL }}
          token: ${{ secrets.COVERITY_SCAN_TOKEN }}
      - name: Upload a Build Artifact
        uses: actions/upload-artifact@v3
        with:
          # Artifact name
          name: lnav-cov-int.zip
          # A file, directory or wildcard pattern that describes what to upload
          path: cov-int/build-log.txt