From 685f7635e51df8aaaff3ee03b727cd14918e95c1 Mon Sep 17 00:00:00 2001 From: Carlos Garnacho Date: Sat, 29 Feb 2020 15:06:26 +0100 Subject: [PATCH] ci: Add job for pushing coverity reports This job does: 1. Download the coverity bundle and untar it 2. Build mutter using clang and the coverity tool 3. Compress the coverity report 4. Upload for analysis Things to note: - Analysis are throttled, as per https://scan.coverity.com/faq#frequency we qualify for 21 weekly builds, 3 daily. Mutter is sometimes a busy project, so it seems we'd get often those consumed early in the day. This is something we can resign to, but the times we'll try to upload a report to have it rejected make the operation kinda pointless and probably better throttled by ourselves. - Just made it apply to master, given the restrictions above. - I had to use clang as the coverity tool doesn't seem to work ATM with gcc as per recent Fedora. - The coverity tarball is 714MB in size, which is a bit too big to have it downloaded each time. As per their upload instructions, the tarball gets updated twice yearly, may also be a candidate for caching. - The coverity token for mutter is kept private/hidden in gitlab CI settings. https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1100 --- .gitlab-ci.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ea2ad98c9..aff3ee9db 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,6 +4,7 @@ stages: - review - build - test + - analysis check-commit-log: stage: review @@ -77,3 +78,20 @@ can-build-gnome-shell: only: - merge_requests - /^.*$/ + +coverity: + stage: analysis + allow_failure: true + script: + - dnf install -y clang + - curl https://scan.coverity.com/download/linux64 --data "token=$COVERITY_TOKEN&project=mutter" --output /tmp/coverity_tool.tgz + - tar zxf /tmp/coverity_tool.tgz + - CC=clang meson coverity-build + - ./cov-analysis-linux64-*/bin/cov-build --dir cov-int ninja -C coverity-build + - tar czf cov-int.tar.gz cov-int + - curl https://scan.coverity.com/builds?project=mutter + --form token=$COVERITY_TOKEN --form email=carlosg@gnome.org + --form file=@cov-int.tar.gz --form version="`git describe --tags`" + --form description="gitlab CI build" + only: + - master