Main: update develop to latest.#86
Merged
Merged
Conversation
…DKEMW-14544]
- build_dependencies.sh: install all build deps from source (mirrors
.github/Dockerfile); idempotent, safe to run in any container
- cov_build.sh: cmake configure + build for Coverity capture
- native_full_build.yml: build verification CI + act local validation target
- coverity_full_scan.yml: thin caller for full scan on push to main/develop
- coverity_incremental_scan.yml: thin caller for incremental scan on PRs
with on-demand workflow_dispatch support
- coverity_component_full_scan.yml: self-contained reusable full scan engine
(local copy; no dependency on rdk-e/build_tools_workflows)
- coverity_component_incremental_scan.yml: self-contained reusable incremental
scan engine; posts defect details as PR review comments
- coverity_local.sh: offline developer scan via Docker (no server required);
outputs raw text + HTML report to coverity_html/
- .actrc: act convenience defaults for local native build validation
NOTE: For CI to work, the Code Central team must provisision:
- Coverity Central project 'firebolt-cpp-transport' with streams
firebolt-cpp-transport_main and firebolt-cpp-transport_develop
- Org vars: DOCKER_REGISTRY, ARTIFACTORY_USER, COVERITY_URL, COVERITY_USER
- Org secrets: COVERITY_APIKEY, ARTIFACTORY_USER_APIKEY
- comcast-ubuntu-latest runner availability in rdkcentral org
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…ntain permissions' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…ntain permissions' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…ntain permissions' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/2697802e-5137-4307-bcb3-7283898eb5ee Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
…ntain permissions' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
…ntain permissions' Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/66d64f41-82f3-4ab9-b6fd-a0fc7ae36096 Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/91b278f7-4671-4949-9fdf-4738e9e74cc2 Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/91b278f7-4671-4949-9fdf-4738e9e74cc2 Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/91b278f7-4671-4949-9fdf-4738e9e74cc2 Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/2aa35c5a-9a49-4ab4-9ee0-1583470ba8d8 Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/321e0d03-3bd5-4f4a-bf02-6571fb05b9d0 Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
Agent-Logs-Url: https://github.com/rdkcentral/firebolt-cpp-transport/sessions/4d0f0359-fc8c-4d67-a557-a40e7aba4f8d Co-authored-by: brendanobra <740575+brendanobra@users.noreply.github.com>
feat: Add Coverity static analysis workflows [RDKEMW-14544]
Contributor
There was a problem hiding this comment.
Pull request overview
Adds local and CI automation to build the project in a “native” container and to run Coverity scans (incremental on PRs, full on pushes), aligning with the dependency set pinned in the CI Docker image.
Changes:
- Added
build_dependencies.sh+cov_build.shto build with tests and install required third-party deps. - Added Coverity workflows (incremental PR feedback + full scan) and a local helper script to run Coverity via Docker.
- Added a native-container build workflow and an
.actrcto ease local workflow runs withact.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| coverity_local.sh | Local Docker-based Coverity scan wrapper (build + analyze + HTML report). |
| cov_build.sh | Standardized CMake Debug + tests build used by Coverity/CI. |
| build_dependencies.sh | Installs build/test dependencies to match .github/Dockerfile versions. |
| .github/workflows/native_full_build.yml | New containerized “native” build workflow. |
| .github/workflows/coverity_incremental_scan.yml | PR-triggered incremental Coverity scan entry workflow. |
| .github/workflows/coverity_full_scan.yml | Push-triggered full Coverity scan entry workflow. |
| .github/workflows/coverity_component_incremental_scan.yml | Reusable incremental scan implementation + PR commenting. |
| .github/workflows/coverity_component_full_scan.yml | Reusable full scan implementation + commit-defects retry loop. |
| .actrc | Config for running the native build workflow via act. |
dhillomk
approved these changes
Apr 30, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.