name: coverity-scan
on:
  schedule:
    - cron: "0 9 * * 1,5" # Bi-weekly at 09:00 UTC on Monday and Thursday

jobs:
  latest:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          submodules: recursive
      - uses: actions/setup-python@v4
        with:
          python-version: 3.9.x

      - name: Download Coverity Build Tool
        run: |
          wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=rizinorg%2Fcutter" -O cov-analysis-linux64.tar.gz
          mkdir cov-analysis-linux64
          tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
        env:
          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}

      - name: Fixed world writable dirs
        run: |
          chmod go-w $HOME
          sudo chmod -R go-w /usr/share

      - name: apt dependencies
        run: sudo apt-get install ninja-build libgraphviz-dev mesa-common-dev

      - name: py dependencies
        run: |
          pip install meson

      - name: CMake
        run: |
          scripts/fetch_deps.sh
          source cutter-deps/env.sh
          export LD_LIBRARY_PATH="`llvm-config --libdir`:$LD_LIBRARY_PATH"
          mkdir build
          cd build
          cmake ..

      - name: Build with cov-build
        run: |
          export PATH=`pwd`/cov-analysis-linux64/bin:$PATH
          cd build
          cov-build --dir cov-int make

      - name: Submit the result to Coverity Scan
        run: |
          cd build
          tar czvf cutter.tgz cov-int
          curl \
            --form project=radareorg-cutter \
            --form token=$TOKEN \
            --form email=noreply@radare.org \
            --form file=@cutter.tgz \
            --form version=trunk \
            --form description="Cutter" \
            https://scan.coverity.com/builds?project=radareorg%2Fcutter
        env:
          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}