ci: consolidate fuzz and coverity workflows #36

Open
roshan-ku wants to merge 1 commit into OpenVisualCloud:main from roshan-ku:workflowUpdatesCoverity

@roshan-ku

Contributor
  • Add reusable composite actions for coverity, afl-fuzz, and libfuzzer
  • Coverity action: download from scan.coverity.com, cov-build, submit results for server-side analysis via curl upload
  • Integrate fuzz and coverity steps into ci, daily_build, pull_request, and scan_on_demand workflows
  • Add dedicated on-demand coverity workflow
  • Remove standalone fuzz.yml and libfuzzer.yml workflows
  • Add Coverity Scan badge to README
  • Add explanatory comments to security-events permissions (zizmor fix)

Description

Checklist

Code Quality

  • Code follows project style guidelines
  • No unnecessary debug logs or commented-out code
  • No hardcoded values / secrets

Testing

  • Unit test added/modified accordingly
  • Perform manual basic sanity testing at system level

Review Readiness

  • PR title and description are clear and meaningful
  • Story/Task IDs are linked

Documentation

  • README or relevant docs updated (if applicable)

Security

  • No sensitive data exposed (keys, passwords, tokens)
  • Input validation added where needed

PR Type

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update (formatting, local variables)
  • Refactoring (no functional changes, no api changes)
  • Documentation content changes
  • Testing
  • Other... Please describe:

- Add reusable composite actions for coverity, afl-fuzz, and libfuzzer
- Coverity action: download from scan.coverity.com, cov-build, submit
  results for server-side analysis via curl upload
- Integrate fuzz and coverity steps into ci, daily_build, pull_request,
  and scan_on_demand workflows
- Add dedicated on-demand coverity workflow
- Remove standalone fuzz.yml and libfuzzer.yml workflows
- Add Coverity Scan badge to README
- Add explanatory comments to security-events permissions (zizmor fix)