spdlog/.github/workflows/coverity_scan.yml

name: coverity-linux

on: [pull_request]

permissions:
  contents: read

jobs:
  coverity_scan:
    runs-on: ubuntu-latest
    name: Coverity Scan
    steps:
      - uses: actions/checkout@v4

      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y curl build-essential cmake pkg-config libsystemd-dev

      - name: Download Coverity Tool
        run: |
          curl -s -L --output coverity_tool.tgz "https://scan.coverity.com/download/linux64?token=${{ secrets.COVERITY_TOKEN }}&project=gabime%2Fspdlog"
          mkdir coverity_tool
          tar -C coverity_tool --strip-components=1 -xf coverity_tool.tgz
          echo "$PWD/coverity_tool/bin" >> $GITHUB_PATH

      - name: Build with Coverity
        run: |
          mkdir build && cd build
          cmake .. -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_STANDARD=17
          cd ..
          cov-build --dir cov-int make -C build -j4

      - name: Submit results to Coverity
        run: |
          tar czf cov-int.tgz cov-int
          response=$(curl --silent --show-error --fail \
            --form token="${{ secrets.COVERITY_TOKEN }}" \
            --form file=@cov-int.tgz \
            --form version="GitHub PR #${{ github.event.pull_request.number }}" \
            --form description="CI run for PR" \
            https://scan.coverity.com/builds?project=gabime%2Fspdlog)

          echo "$response"

          if echo "$response" | grep -qi "Build successfully submitted"; then
            echo "Coverity upload succeeded"
          else
            echo "Coverity upload failed or was rejected"
            exit 1
          fi