From 33734ee96761de3a19ea27816cd2e3b1733d7b6d Mon Sep 17 00:00:00 2001 From: Timo Sairiala Date: Wed, 10 Apr 2024 12:56:21 +0300 Subject: [PATCH] remove coverity and BD scan workflows --- .github/workflows/tiiuae-blackduck-scan.yaml | 56 ------------------- .../workflows/tiiuae-coverity-scan-image.yaml | 47 ---------------- .github/workflows/tiiuae-coverity-scan.yaml | 36 ------------ 3 files changed, 139 deletions(-) delete mode 100644 .github/workflows/tiiuae-blackduck-scan.yaml delete mode 100644 .github/workflows/tiiuae-coverity-scan-image.yaml delete mode 100644 .github/workflows/tiiuae-coverity-scan.yaml diff --git a/.github/workflows/tiiuae-blackduck-scan.yaml b/.github/workflows/tiiuae-blackduck-scan.yaml deleted file mode 100644 index 47c9d72601c5..000000000000 --- a/.github/workflows/tiiuae-blackduck-scan.yaml +++ /dev/null @@ -1,56 +0,0 @@ -name: tiiuae-blackduck-scan - -on: - push: - tags: - - 'v1.14.0-*' - workflow_dispatch: - -jobs: - scan: - name: run blackduck scan - runs-on: ubuntu-latest - steps: - - name: Checkout px4-firmware - uses: actions/checkout@v4 - with: - token: ${{ secrets.GH_REPO_TOKEN }} - submodules: 'recursive' - path: px4-firmware - fetch-depth: 0 - - name: Run the scan - run: | - set -exu - - # initialise configuration values - bd_project_name=px4-1.14.0 - bd_project_version=${{ github.ref_name }} - bd_project_phase=DEVELOPMENT - workdir=$(pwd) - blackduck_url="https://blackduck.ssrc.fi" - blackduck_token=${{ secrets.BLACKDUCK_ACCESS_TOKEN }} - project_id="7900cb41-3b7e-4985-8935-5d6c6b996db3" - bdscan_output_file=bdscan_output.log - - # run the actual scan - bash <(curl -s -L https://detect.synopsys.com/detect8.sh) \ - --blackduck.api.token=$blackduck_token \ - --blackduck.trust.cert=true \ - --blackduck.url=$blackduck_url \ - --detect.blackduck.signature.scanner.snippet.matching=FULL_SNIPPET_MATCHING \ - --detect.blackduck.signature.scanner.upload.source.mode=true \ - --detect.excluded.detector.types=PEAR \ - --detect.impact.analysis.enabled=true \ - --detect.project.application.id=$bd_project_name \ - --detect.project.name=$bd_project_name \ - --detect.project.version.name=$bd_project_version \ - --detect.project.version.phase=$bd_project_phase \ - --detect.source.path=$workdir \ - --detect.target.type=SOURCE \ - --detect.timeout=6000 \ - --detect.tools=ALL \ - --detect.wait.for.results=true \ - | tee ${bdscan_output_file} - - # find blackduck link from output log: - grep 'Black Duck Project BOM:' ${bdscan_output_file} |sed 's/^.*Black Duck Project BOM: //g' >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/tiiuae-coverity-scan-image.yaml b/.github/workflows/tiiuae-coverity-scan-image.yaml deleted file mode 100644 index 34db9e3a188c..000000000000 --- a/.github/workflows/tiiuae-coverity-scan-image.yaml +++ /dev/null @@ -1,47 +0,0 @@ -name: tiiuae-coverity-scan-image - -on: - # Run only manually - workflow_dispatch: - -permissions: - contents: read - packages: write - -jobs: - coverity-scan-image: - name: create coverity scan image - runs-on: ubuntu-latest - steps: - - name: Checkout px4-firmware - uses: actions/checkout@v4 - with: - path: px4-firmware - fetch-depth: 0 - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: ghcr.io/tiiuae/px4-coverity-scan-image - tags: | - type=raw,value=latest - type=sha - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push coverity scan image - uses: docker/build-push-action@v5 - with: - context: . - file: ./px4-firmware/packaging/Dockerfile.coverity - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - build-args: | - "COVERITY_DOCKER_REGISTRY_USERNAME=${{ secrets.COVERITY_DOCKER_REGISTRY_USERNAME }}" - "COVERITY_DOCKER_REGISTRY_ACCESS_TOKEN=${{ secrets.COVERITY_DOCKER_REGISTRY_ACCESS_TOKEN }}" - "COVERITY_LICENSE_DAT_B64=${{ secrets.COVERITY_LICENSE_DAT_B64 }}" - "COVERITY_ACCESS_TOKEN_B64=${{ secrets.COVERITY_ACCESS_TOKEN_B64 }}" diff --git a/.github/workflows/tiiuae-coverity-scan.yaml b/.github/workflows/tiiuae-coverity-scan.yaml deleted file mode 100644 index 13b6ec68f898..000000000000 --- a/.github/workflows/tiiuae-coverity-scan.yaml +++ /dev/null @@ -1,36 +0,0 @@ -name: tiiuae-px4-coverity-scan - -on: - workflow_dispatch: - pull_request: - branches: [ main ] -jobs: - coverity: - runs-on: px4-self-hosted-coverity - steps: - - name: Checkout px4-firmware - uses: actions/checkout@v4 - with: - token: ${{ secrets.GH_REPO_TOKEN }} - submodules: 'recursive' - fetch-depth: 0 - - name: Fetch submodule tags - run: | - git submodule foreach --recursive git fetch --tags - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Run coverity scan - run: - docker run --rm -v "$(pwd):/main_ws" ghcr.io/tiiuae/px4-coverity-scan-image:latest - - name: Update summary - run: - cat cov-analyze-result.txt >> $GITHUB_STEP_SUMMARY - - name: Upload coverity scan results - uses: actions/upload-artifact@v3.1.3 - with: - name: coverity-html-report-${{ github.event.repository.name }} - path: coverity-output