Coverity Scan Cron Job #53

	name: Coverity Scan Cron Job

	on:
	schedule:
	- cron: '0 0 * * 1,3,5'

	permissions:
	contents: read

	jobs:
	scan:
	if: github.repository == 'zeek/zeek'
	runs-on: ubuntu-20.04

	steps:
	- uses: actions/checkout@v3
	with:
	submodules: "recursive"

	- name: Fetch Dependencies
	run: \|
	sudo apt-get update
	sudo apt-get -y install \
	git \
	cmake \
	make \
	gcc \
	g++ \
	flex \
	bison \
	libpcap-dev \
	libssl-dev \
	python3 \
	python3-dev \
	python3-pip \
	swig \
	zlib1g-dev \
	libmaxminddb-dev \
	libkrb5-dev \
	bsdmainutils \
	sqlite3 \
	curl \
	wget

	- name: Configure
	run: ./configure --build-type=debug --disable-broker-tests --disable-spicy

	- name: Fetch Coverity Tools
	env:
	COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
	run: \|
	wget \
	-nv https://scan.coverity.com/download/cxx/linux64 \
	--post-data "token=${COVERITY_TOKEN}&project=Bro" \
	-O coverity_tool.tgz
	tar xzf coverity_tool.tgz
	rm coverity_tool.tgz
	mv cov-analysis* coverity-tools

	- name: Build
	run: \|
	export PATH=`pwd`/coverity-tools/bin:$PATH
	( cd build && cov-build --dir cov-int make -j $(nproc) )
	cat build/cov-int/build-log.txt

	- name: Submit
	env:
	COVERITY_TOKEN: ${{ secrets.COVERITY_TOKEN }}
	run: \|
	cd build
	tar czf myproject.tgz cov-int
	curl \
	--form token=${COVERITY_TOKEN} \
	--form [email protected] \
	--form [email protected] \
	--form "version=`cat ../VERSION`" \
	--form "description=`git rev-parse HEAD`" \
	https://scan.coverity.com/builds?project=Bro

Provide feedback