Skip to content

coverity-unified-runtime #402

coverity-unified-runtime

coverity-unified-runtime #402

Workflow file for this run

# Coverity - static analysis build. It requires Coverity's token (set in CI's secret).
name: coverity-unified-runtime
on:
workflow_dispatch:
schedule:
# Run every day at 22:00 UTC
- cron: '0 22 * * *'
permissions:
contents: read
jobs:
coverity:
name: Coverity
# run only on upstream; forks don't have token for upstream's cov project
if: github.repository == 'oneapi-src/unified-runtime'
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- name: Install dependencies
run: |
wget https://developer.download.nvidia.com/compute/cuda/repos/ubuntu2204/x86_64/cuda-keyring_1.1-1_all.deb
sudo dpkg -i cuda-keyring_1.1-1_all.deb
sudo apt-get update
sudo apt-get install -y libhwloc-dev libtbb-dev cuda-toolkit-12-6
- name: Install pip packages
run: pip install -r third_party/requirements.txt
- name: Download Coverity
run: |
wget -O coverity_tool.tgz -nv https://scan.coverity.com/download/linux64 \
--post-data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=oneapi-src%2Funified-runtime"
- name: Extract Coverity
run: tar xzf coverity_tool.tgz
# TODO: enable HIP adapter as well (requires proper package(s) installation)
- name: Configure CMake
run: >
cmake
-B ${{github.workspace}}/build
-DCMAKE_BUILD_TYPE=Release
-DUR_DEVELOPER_MODE=OFF
-DUR_FORMAT_CPP_STYLE=ON
-DUR_ENABLE_TRACING=ON
-DUR_BUILD_TESTS=ON
-DUR_BUILD_ADAPTER_L0=ON
-DUR_BUILD_ADAPTER_CUDA=ON
-DCUDA_CUDA_LIBRARY=/usr/local/cuda-12.6/targets/x86_64-linux/lib/stubs/libcuda.so
-DUR_BUILD_ADAPTER_NATIVE_CPU=ON
-DUR_BUILD_ADAPTER_HIP=OFF
-DUR_BUILD_ADAPTER_OPENCL=ON
- name: Build
run: |
export COVERITY_DIR=$(find . -maxdepth 1 -type d -name "cov-analysis-linux64-*" | head -n 1)
if [ -n "$COVERITY_DIR" ]; then
export PATH="$PATH:$COVERITY_DIR/bin"
fi
cov-build --dir ${{github.workspace}}/cov-int cmake --build ${{github.workspace}}/build --config Release -j$(nproc)
- name: Create tarball to analyze
run: tar czvf cov-int_ur.tgz cov-int
- name: Push tarball to scan
run: |
BRANCH_NAME=$(echo ${GITHUB_REF_NAME})
COMMIT_ID=$(echo $GITHUB_SHA)
curl --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
--form [email protected] \
--form file=@cov-int_ur.tgz \
--form version="$COMMIT_ID" \
--form description="$BRANCH_NAME:$COMMIT_ID" \
https://scan.coverity.com/builds\?project\=oneapi-src%2Funified-runtime