mirror of
https://github.com/brl/mutter.git
synced 2024-12-18 09:02:04 +00:00
5e8c808cfb
This job does: 1. Download the coverity bundle and untar it 2. Build mutter using clang and the coverity tool 3. Compress the coverity report 4. Upload for analysis Things to note: - Analysis are throttled, as per https://scan.coverity.com/faq#frequency we qualify for 21 weekly builds, 3 daily. Mutter is sometimes a busy project, so it seems we'd get often those consumed early in the day. This is something we can resign to, but the times we'll try to upload a report to have it rejected make the operation kinda pointless and probably better throttled by ourselves. - The task is manual, given the restrictions above. - The task only applies on master, as the envvar holding the coverity token is protected in gitlab. - I had to use clang as the coverity tool doesn't seem to work ATM with gcc as per recent Fedora. - The coverity tarball is 1.2GB in size, which is a bit too big to have it downloaded each time. As per their upload instructions, the tarball gets updated twice yearly, so this is cached to minimize downloads. - The coverity token for mutter is kept private/hidden in gitlab CI settings. Part-of: <https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1100>
39 lines
883 B
Bash
Executable File
39 lines
883 B
Bash
Executable File
#!/usr/bin/bash
|
|
|
|
# We need a coverity token to fetch the tarball
|
|
if [ -x $COVERITY_TOKEN ]
|
|
then
|
|
echo "No coverity token. Run this job from a protected branch."
|
|
exit -1
|
|
fi
|
|
|
|
mkdir -p coverity
|
|
|
|
# Download and check MD5 first
|
|
curl https://scan.coverity.com/download/linux64 \
|
|
--data "token=$COVERITY_TOKEN&project=mutter&md5=1" \
|
|
--output /tmp/coverity_tool.md5
|
|
|
|
diff /tmp/coverity_tool.md5 coverity/coverity_tool.md5 >/dev/null 2>&1
|
|
|
|
if [ $? -eq 0 -a -d coverity/cov-analysis* ]
|
|
then
|
|
echo "Coverity tarball is up-to-date"
|
|
exit 0
|
|
fi
|
|
|
|
# Download and extract coverity tarball
|
|
curl https://scan.coverity.com/download/linux64 \
|
|
--data "token=$COVERITY_TOKEN&project=mutter" \
|
|
--output /tmp/coverity_tool.tgz
|
|
|
|
rm -rf ./coverity/cov-analysis*
|
|
|
|
tar zxf /tmp/coverity_tool.tgz -C coverity/
|
|
if [ $? -eq 0 ]
|
|
then
|
|
mv /tmp/coverity_tool.md5 coverity/
|
|
fi
|
|
|
|
rm /tmp/coverity_tool.tgz
|