Add Coverity Scan Github Action

WE2-539, WE2-785

Signed-off-by: Raul Metsma <raul@metsma.ee>

Author: metsma

.github/workflows/coverity.yml

@@ -0,0 +1,50 @@
+name: Coverity Scan
+
+on:
+  push:
+    branches: [coverity_scan]
+
+jobs:
+  coverity:
+    if: github.repository == 'web-eid/web-eid-authtoken-validation-php'
+    runs-on: ubuntu-latest
+    env:
+      TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+      PROJECTNAME: 'web-eid/web-eid-authtoken-validation-php'
+    steps:
+    - uses: actions/checkout@v5
+    #- uses: vapier/coverity-scan-action@v1
+    #  with:
+    #    command: find . -name "*.php"
+    #    email: eid-teenusehaldus@ria.ee
+    #    token: ${{ secrets.COVERITY_SCAN_TOKEN }}
+    - name: Download Coverity Build Tool
+      run: |
+        curl --silent --data "token=$TOKEN&project=$PROJECTNAME" -o cov-analysis-linux64.tar.gz https://scan.coverity.com/download/cxx/linux64
+        mkdir cov-analysis-linux64
+        tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
+
+    - name: Build
+      run: |
+        export PATH=$PWD/cov-analysis-linux64/bin:$PATH
+        coverity capture --dir cov-int --project-dir . --file-include-regex '(^|/)(src|lib)/.*\.(php)$' --file-exclude-regex '(^|/)(vendor|dist|build)(/|$)'
+
+    #    cov-build --dir cov-int --no-command --fs-capture-search ./src
+
+    - name: Submit the result to Coverity Scan
+      run: |
+        tar czvf upload.tgz cov-int
+        curl --silent \
+          --form project=$PROJECTNAME \
+          --form token=$TOKEN \
+          --form email=eid-teenusehaldus@ria.ee \
+          --form file=@upload.tgz \
+          --form version=master \
+          --form description="Github Actions CI build" \
+          https://scan.coverity.com/builds?project=$PROJECTNAME
+
+    - name: Archive artifacts
+      uses: actions/upload-artifact@v5
+      with:
+        name: logs
+        path: cov-int/build-log.txt