Activate BlockCutTree Tests (#70) #173

Summary
Jobs
- Coverity
Run details
- Usage
- Workflow file

Workflow file for this run

.github/workflows/synopsys-security-scan.yml at 366933d

	# This file is parttly based on https://github.com/marketplace/actions/synopsys-intelligent-security-scan.
	name: Coverity
	on:
	push:
	branches: [ "main" ]
	pull_request:
	branches: [ "main" ]
	schedule:
	- cron: '30 2 * * *' # Run once per day, to avoid Coverity's submission limits
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	permissions:
	contents: read

	jobs:
	Coverity:

	runs-on: ubuntu-latest

	env:
	COV_URL: ${{ secrets.SYNOPSYS_ACCESS_URL }}
	COV_USER: ${{ secrets.SYNOPSYS_ACCESS_EMAIL }}
	COVERITY_PASSPHRASE: ${{ secrets.SYNOPSYS_ACCESS_TOKEN }}
	CSA: cov-analysis-linux64-2020.12
	COVERITY_PROJECT: franziska-wegner/egoa
	BLDCMD: mvn -B clean package -DskipTests
	CHECKERS: --webapp-security
	QT_VERSION: "6.2.0"

	steps:
	- name: Checkout EGOA
	uses: actions/checkout@v4

	- name: Coverity Download
	run: \|
	wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$COVERITY_PASSPHRASE&project=franziska-wegner%2Fegoa" -O coverity_tool.tgz
	mkdir cov-scan
	tar ax -f coverity_tool.tgz --strip-components=1 -C cov-scan

	# - name: Coverity Full Scan
	# if: ${{ github.event_name != 'pull_request' }}
	# run: \|
	# export PATH=$PATH:/tmp/$CSA/bin
	# set -x
	# cov-build --dir idir --fs-capture-search $GITHUB_WORKSPACE $BLDCMD
	# cov-analyze --dir idir --ticker-mode none --strip-path $GITHUB_WORKSPACE $CHECKERS
	# cov-commit-defects --dir idir --ticker-mode none --url $COV_URL --stream $COVERITY_PROJECT-${GITHUB_REF##*/} --scm git \
	# --description $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID --target $RUNNER_OS --version $GITHUB_SHA

	# - name: Coverity Quality Gate
	# if: ${{ github.event_name != 'pull_request' }}
	# run: \|
	# curl -fLsS --user $COV_USER:$COVERITY_PASSPHRASE $COV_URL/api/viewContents/issues/v1/OWASP%20Web%20Top%2010?projectId=$COVERITY_PROJECT > results.json
	# if [ $(cat results.json \| jq .viewContentsV1.totalRows) -ne 0 ]; then cat results.json \| jq .viewContentsV1.rows; exit 1; fi

	# - id: changeset
	# name: Get Pull Request Changeset
	# uses: jitterbit/get-changed-files@v1
	# if: ${{ github.event_name == 'pull_request' }}

	# - name: Coverity Incremental Scan
	# if: ${{ github.event_name == 'pull_request' && steps.changeset.outputs.added_modified != '' }}
	# run: \|
	# export PATH=$PATH:/tmp/$CSA/bin
	# set -x
	# cov-run-desktop --dir idir --url $COV_URL --stream $COVERITY_PROJECT-$GITHUB_BASE_REF --build $BLDCMD
	# cov-run-desktop --dir idir --url $COV_URL --stream $COVERITY_PROJECT-$GITHUB_BASE_REF --present-in-reference false \
	# --ignore-uncapturable-inputs true --exit1-if-defects true ${{ steps.changeset.outputs.added_modified }}

	- name: Setup environment
	run: \|
	echo "$(pwd)/cov-scan/bin" >> $GITHUB_PATH
	echo "NPROC=$(getconf _NPROCESSORS_ONLN)" >> $GITHUB_ENV

	- name: Install Qt
	uses: jurplel/install-qt-action@v3
	with:
	version: ${{ env.QT_VERSION }}
	cache: 'true'
	cache-key-prefix: ${{ runner.os }}-Qt-Cache-${{ env.QT_VERSION }}
	dir: ${{ github.workspace }}/Qt

	- name: Set reusable strings
	# Turn repeated input strings (such as the build output directory) into step outputs. These step outputs can be used throughout the workflow file.
	id: strings
	shell: bash
	run: \|
	echo "build-output-dir=${{ github.workspace }}/build" >> "$GITHUB_OUTPUT"

	- name: Configure egoa
	env:
	CMAKE_PREFIX_PATH: ${{env.Qt6_DIR}}
	CMAKE_MODULE_PATH: ${{env.Qt6_DIR}}
	run: >
	cmake -B ${{ steps.strings.outputs.build-output-dir }}
	-DCMAKE_CXX_COMPILER=g++
	-DCMAKE_C_COMPILER=gcc
	-DEGOA_BUILD_TYPE=Release
	-DCMAKE_BUILD_TYPE=Release
	-DBoost_NO_SYSTEM_PATHS=TRUE
	-DEGOA_DOWNLOAD_CPPAD=OFF
	-DEGOA_DOWNLOAD_EIGEN=OFF
	-DEGOA_DOWNLOAD_GOOGLE_TEST_FRAMEWORK=OFF
	-DEGOA_DOWNLOAD_IEEE=OFF
	-DEGOA_DOWNLOAD_PYPSA_EUR=OFF
	-DEGOA_DOWNLOAD_PYPSA_ITI_COLLABORATION=OFF
	-DEGOA_DOWNLOAD_SCIGRID=OFF
	-DEGOA_DOWNLOAD_WINDFARM=OFF
	-DEGOA_ENABLE_ASSERTION=ON
	-DEGOA_ENABLE_BONMIN=OFF
	-DEGOA_ENABLE_BOOST=OFF
	-DEGOA_ENABLE_CPLEX=OFF
	-DEGOA_ENABLE_DOCUMENTATION=OFF
	-DEGOA_ENABLE_EXCEPTION_HANDLING=ON
	-DEGOA_ENABLE_GUROBI=OFF
	-DEGOA_ENABLE_IPOPT=OFF
	-DEGOA_ENABLE_OGDF=OFF
	-DEGOA_ENABLE_OPENMP=OFF
	-DEGOA_ENABLE_TESTS=OFF
	-DEGOA_ENABLE_VERBOSE_MAKEFILE=ON
	-DEGOA_PEDANTIC_AS_ERRORS=OFF
	-DEGOA_PEDANTIC_MODE=ON
	-DEGOA_TEST_FRAMEWORK=OfflineGoogleTestFramework
	-DEGOA_TEST_FRAMEWORK_LOCATION=external/GoogleTestFramework
	-DEGOA_THREAD_LIMIT=0
	-DEGOA_WARNINGS_AS_ERRORS=ON
	-DBONMIN_ROOT_DIR="NONE-DIR"
	-DBoost_DIRECTORIES="/opt/homebrew/opt/boost/"
	-DCOIN_INCLUDE_DIR="NONE-DIR"
	-DCOIN_LIBRARY_DIR="NONE-DIR"
	-DCPLEX_HOME="NONE-DIR"
	-DGUROBI_ROOT_DIR="NONE-DIR"
	-DOGDF_AUTOGEN_INCLUDE_DIR="NONE-DIR"
	-DOGDF_INCLUDE_DIR="NONE-DIR"
	-DOGDF_LIBRARY_DIR="NONE-DIR"
	-DOPENMP_INCLUDES="/opt/homebrew/opt/llvm/include"
	-DOPENMP_LIBRARIES="/opt/homebrew/opt/llvm/lib"
	-S ${{ github.workspace }}

	- name: Run coverity build/scan
	run: \|
	cd build && cov-build --dir cov-int make -j${NPROC}

	- name: Submit results
	run: \|
	cd build
	tar zcf cov-scan.tgz cov-int
	curl --form token=$COVERITY_PASSPHRASE \
	--form email=$COV_USER \
	--form [email protected] \
	--form version="$(git rev-parse HEAD)" \
	--form description="Automatic GHA scan" \
	'https://scan.coverity.com/builds?project=franziska-wegner%2Fegoa'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Activate BlockCutTree Tests (#70) #173

Workflow file

Activate BlockCutTree Tests (#70) #173

Jobs

Run details

Workflow file for this run