Commit 86c54cc8 by Patrick Steinhardt

azure: coverity: fix Coverity builds due to various issues

There's several issues with our Coverity builds, like e.g. missing wget
in our containers. Simplify our Coverity pipeline and fix these issues.
parent ccffea6b
#!/bin/bash
set -e
# Environment check
[ -z "$COVERITY_TOKEN" ] && echo "Need to set a coverity token" && exit 1
SOURCE_DIR=${SOURCE_DIR:-$( cd "$( dirname "${BASH_SOURCE[0]}" )" && dirname $( pwd ) )}
BUILD_DIR=$(pwd)
case $(uname -m) in
i?86) BITS=32 ;;
amd64|x86_64) BITS=64 ;;
esac
SCAN_TOOL=https://scan.coverity.com/download/cxx/linux${BITS}
TOOL_BASE=$(pwd)/_coverity-scan
# Install coverity tools
if [ ! -d "$TOOL_BASE" ]; then
echo "Downloading coverity..."
mkdir -p "$TOOL_BASE"
pushd "$TOOL_BASE"
wget -O coverity_tool.tgz $SCAN_TOOL \
--post-data "project=libgit2&token=$COVERITY_TOKEN"
tar xzf coverity_tool.tgz
popd
TOOL_DIR=$(find "$TOOL_BASE" -type d -name 'cov-analysis*')
ln -s "$TOOL_DIR" "$TOOL_BASE"/cov-analysis
fi
cp "${SOURCE_DIR}/script/user_nodefs.h" "$TOOL_BASE"/cov-analysis/config/user_nodefs.h
COV_BUILD="$TOOL_BASE/cov-analysis/bin/cov-build"
# Configure and build
cmake ${SOURCE_DIR}
COVERITY_UNSUPPORTED=1 \
$COV_BUILD --dir cov-int \
cmake --build .
#!/bin/bash
set -e
# Results check
[ ! -d "cov-int" ] && echo "Coverity directory not found" && exit 1
# Upload results
tar czf libgit2.tgz cov-int
SOURCE_DIR=${SOURCE_DIR:-$( cd "$( dirname "${BASH_SOURCE[0]}" )" && dirname $( pwd ) )}
SHA=$(cd ${SOURCE_DIR} && git rev-parse --short HEAD)
HTML="$(curl \
--silent \
--write-out "\n%{http_code}" \
--form token="$COVERITY_TOKEN" \
--form email=libgit2@gmail.com \
--form file=@libgit2.tgz \
--form version="$SHA" \
--form description="libgit2 build" \
https://scan.coverity.com/builds?project=libgit2)"
# Body is everything up to the last line
BODY="$(echo "$HTML" | head -n-1)"
# Status code is the last line
STATUS_CODE="$(echo "$HTML" | tail -n1)"
if [ "${STATUS_CODE}" != "200" -a "${STATUS_CODE}" != "201" ]; then
echo "Received error code ${STATUS_CODE} from Coverity"
exit 1
fi
#!/bin/bash -e
if test -z "$COVERITY_TOKEN"
then
echo "Need to set a coverity token"
exit 1
fi
case $(uname -m) in
i?86)
BITS=32;;
amd64|x86_64)
BITS=64;;
*)
echo "Unsupported arch '$(uname -m)'"
exit 1;;
esac
SCAN_TOOL=https://scan.coverity.com/download/cxx/linux${BITS}
SOURCE_DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")"/..)
BUILD_DIR=${SOURCE_DIR}/coverity-build
TOOL_DIR=${BUILD_DIR}/coverity-tools
# Install coverity tools
if ! test -d "$TOOL_DIR"
then
mkdir -p "$TOOL_DIR"
curl --silent --location --data "project=libgit2&token=$COVERITY_TOKEN" "$SCAN_TOOL" |
tar -xzC "$TOOL_DIR"
ln -s "$(find "$TOOL_DIR" -type d -name 'cov-analysis*')" "$TOOL_DIR"/cov-analysis
fi
cp "${SOURCE_DIR}/script/user_nodefs.h" "$TOOL_DIR"/cov-analysis/config/
# Build libgit2 with Coverity
mkdir -p "$BUILD_DIR"
cd "$BUILD_DIR"
cmake "$SOURCE_DIR"
COVERITY_UNSUPPORTED=1 \
"$TOOL_DIR/cov-analysis/bin/cov-build" --dir cov-int \
cmake --build .
# Upload results
tar -czf libgit2.tgz cov-int
REVISION=$(cd ${SOURCE_DIR} && git rev-parse --short HEAD)
HTML="$(curl \
--silent \
--write-out "\n%{http_code}" \
--form token="$COVERITY_TOKEN" \
--form email=libgit2@gmail.com \
--form file=@libgit2.tgz \
--form version="$REVISION" \
--form description="libgit2 build" \
https://scan.coverity.com/builds?project=libgit2)"
# Status code is the last line
STATUS_CODE="$(echo "$HTML" | tail -n1)"
if test "${STATUS_CODE}" != 200 && test "${STATUS_CODE}" != 201
then
echo "Received error code ${STATUS_CODE} from Coverity"
exit 1
fi
...@@ -12,7 +12,7 @@ jobs: ...@@ -12,7 +12,7 @@ jobs:
docker build -t libgit2/xenial --build-arg BASE=ubuntu:xenial -f xenial . docker build -t libgit2/xenial --build-arg BASE=ubuntu:xenial -f xenial .
displayName: 'Build Docker image' displayName: 'Build Docker image'
- task: Docker@0 - task: Docker@0
displayName: Build displayName: Analyze
inputs: inputs:
action: 'Run an image' action: 'Run an image'
imageName: libgit2/xenial imageName: libgit2/xenial
...@@ -22,19 +22,5 @@ jobs: ...@@ -22,19 +22,5 @@ jobs:
envVars: | envVars: |
COVERITY_TOKEN=$(COVERITY_TOKEN) COVERITY_TOKEN=$(COVERITY_TOKEN)
workDir: '/home/libgit2/build' workDir: '/home/libgit2/build'
containerCommand: '/home/libgit2/source/azure-pipelines/coverity-build.sh' containerCommand: '/home/libgit2/source/azure-pipelines/coverity.sh'
detached: false detached: false
- task: Docker@0
displayName: Publish
inputs:
action: 'Run an image'
imageName: libgit2/xenial
volumes: |
$(Build.SourcesDirectory):/home/libgit2/source
$(Build.BinariesDirectory):/home/libgit2/build
envVars: |
COVERITY_TOKEN=$(COVERITY_TOKEN)
workDir: '/home/libgit2/build'
containerCommand: '/home/libgit2/source/azure-pipelines/coverity-publish.sh'
detached: false
continueOnError: true
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment