Skip to content

Commit

Permalink
coverity: detect and report when the token or project is incorrect
Browse files Browse the repository at this point in the history
When trying to obtain the MD5 of the Coverity Scan Tool (in order to
decide whether a cached version can be used or a new version has to be
downloaded), it is possible to get a 401 (Authorization required) due to
either an incorrect token, or even more likely due to an incorrect
Coverity project name.

Seeing an authorization failure that is caused by an incorrect project
name was somewhat surprising to me when developing the Coverity
workflow, as I found such a failure suggestive of an incorrect token
instead.

So let's provide a helpful error message about that specifically when
encountering authentication issues.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
  • Loading branch information
dscho committed Sep 25, 2023
1 parent 9ebb06d commit 307d341
Showing 1 changed file with 12 additions and 1 deletion.
13 changes: 12 additions & 1 deletion .github/workflows/coverity.yml
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,18 @@ jobs:
--fail \
--form token='${{ secrets.COVERITY_SCAN_TOKEN }}' \
--form project="$COVERITY_PROJECT" \
--form md5=1) &&
--form md5=1)
case $? in
0) ;; # okay
*22*) # 40x, i.e. access denied
echo "::error::incorrect token or project?" >&2
exit 1
;;
*) # other error
echo "::error::Failed to retrieve MD5" >&2
exit 1
;;
esac
echo "hash=$MD5" >>$GITHUB_OUTPUT
# Try to cache the tool to avoid downloading 1GB+ on every run.
Expand Down

0 comments on commit 307d341

Please sign in to comment.