diff options
| -rwxr-xr-x | azure-pipelines/coverity-build.sh | 41 | ||||
| -rwxr-xr-x | azure-pipelines/coverity-publish.sh | 33 | ||||
| -rwxr-xr-x | azure-pipelines/coverity.sh | 62 | ||||
| -rw-r--r-- | azure-pipelines/coverity.yml | 18 |
4 files changed, 64 insertions, 90 deletions
diff --git a/azure-pipelines/coverity-build.sh b/azure-pipelines/coverity-build.sh deleted file mode 100755 index f8264fa83..000000000 --- a/azure-pipelines/coverity-build.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash - -set -e - -# Environment check -[ -z "$COVERITY_TOKEN" ] && echo "Need to set a coverity token" && exit 1 - -SOURCE_DIR=${SOURCE_DIR:-$( cd "$( dirname "${BASH_SOURCE[0]}" )" && dirname $( pwd ) )} -BUILD_DIR=$(pwd) - -case $(uname -m) in - i?86) BITS=32 ;; - amd64|x86_64) BITS=64 ;; -esac -SCAN_TOOL=https://scan.coverity.com/download/cxx/linux${BITS} -TOOL_BASE=$(pwd)/_coverity-scan - -# Install coverity tools -if [ ! -d "$TOOL_BASE" ]; then - echo "Downloading coverity..." - mkdir -p "$TOOL_BASE" - pushd "$TOOL_BASE" - wget -O coverity_tool.tgz $SCAN_TOOL \ - --post-data "project=libgit2&token=$COVERITY_TOKEN" - tar xzf coverity_tool.tgz - popd - TOOL_DIR=$(find "$TOOL_BASE" -type d -name 'cov-analysis*') - ln -s "$TOOL_DIR" "$TOOL_BASE"/cov-analysis -fi - -cp "${SOURCE_DIR}/script/user_nodefs.h" "$TOOL_BASE"/cov-analysis/config/user_nodefs.h - -COV_BUILD="$TOOL_BASE/cov-analysis/bin/cov-build" - -# Configure and build -cmake ${SOURCE_DIR} - -COVERITY_UNSUPPORTED=1 \ - $COV_BUILD --dir cov-int \ - cmake --build . - diff --git a/azure-pipelines/coverity-publish.sh b/azure-pipelines/coverity-publish.sh deleted file mode 100755 index 2341b13fb..000000000 --- a/azure-pipelines/coverity-publish.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -set -e - -# Results check -[ ! -d "cov-int" ] && echo "Coverity directory not found" && exit 1 - -# Upload results -tar czf libgit2.tgz cov-int - -SOURCE_DIR=${SOURCE_DIR:-$( cd "$( dirname "${BASH_SOURCE[0]}" )" && dirname $( pwd ) )} -SHA=$(cd ${SOURCE_DIR} && git rev-parse --short HEAD) - -HTML="$(curl \ - --silent \ - --write-out "\n%{http_code}" \ - --form token="$COVERITY_TOKEN" \ - --form email=libgit2@gmail.com \ - --form file=@libgit2.tgz \ - --form version="$SHA" \ - --form description="libgit2 build" \ - https://scan.coverity.com/builds?project=libgit2)" - -# Body is everything up to the last line -BODY="$(echo "$HTML" | head -n-1)" - -# Status code is the last line -STATUS_CODE="$(echo "$HTML" | tail -n1)" - -if [ "${STATUS_CODE}" != "200" -a "${STATUS_CODE}" != "201" ]; then - echo "Received error code ${STATUS_CODE} from Coverity" - exit 1 -fi diff --git a/azure-pipelines/coverity.sh b/azure-pipelines/coverity.sh new file mode 100755 index 000000000..14faadc49 --- /dev/null +++ b/azure-pipelines/coverity.sh @@ -0,0 +1,62 @@ +#!/bin/bash -e + +if test -z "$COVERITY_TOKEN" +then + echo "Need to set a coverity token" + exit 1 +fi + +case $(uname -m) in + i?86) + BITS=32;; + amd64|x86_64) + BITS=64;; + *) + echo "Unsupported arch '$(uname -m)'" + exit 1;; +esac + +SCAN_TOOL=https://scan.coverity.com/download/cxx/linux${BITS} +SOURCE_DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")"/..) +BUILD_DIR=${SOURCE_DIR}/coverity-build +TOOL_DIR=${BUILD_DIR}/coverity-tools + +# Install coverity tools +if ! test -d "$TOOL_DIR" +then + mkdir -p "$TOOL_DIR" + curl --silent --location --data "project=libgit2&token=$COVERITY_TOKEN" "$SCAN_TOOL" | + tar -xzC "$TOOL_DIR" + ln -s "$(find "$TOOL_DIR" -type d -name 'cov-analysis*')" "$TOOL_DIR"/cov-analysis +fi + +cp "${SOURCE_DIR}/script/user_nodefs.h" "$TOOL_DIR"/cov-analysis/config/ + +# Build libgit2 with Coverity +mkdir -p "$BUILD_DIR" +cd "$BUILD_DIR" +cmake "$SOURCE_DIR" +COVERITY_UNSUPPORTED=1 \ + "$TOOL_DIR/cov-analysis/bin/cov-build" --dir cov-int \ + cmake --build . + +# Upload results +tar -czf libgit2.tgz cov-int +REVISION=$(cd ${SOURCE_DIR} && git rev-parse --short HEAD) +HTML="$(curl \ + --silent \ + --write-out "\n%{http_code}" \ + --form token="$COVERITY_TOKEN" \ + --form email=libgit2@gmail.com \ + --form file=@libgit2.tgz \ + --form version="$REVISION" \ + --form description="libgit2 build" \ + https://scan.coverity.com/builds?project=libgit2)" + +# Status code is the last line +STATUS_CODE="$(echo "$HTML" | tail -n1)" +if test "${STATUS_CODE}" != 200 && test "${STATUS_CODE}" != 201 +then + echo "Received error code ${STATUS_CODE} from Coverity" + exit 1 +fi diff --git a/azure-pipelines/coverity.yml b/azure-pipelines/coverity.yml index b4ee8f1c9..10450af5d 100644 --- a/azure-pipelines/coverity.yml +++ b/azure-pipelines/coverity.yml @@ -12,7 +12,7 @@ jobs: docker build -t libgit2/xenial --build-arg BASE=ubuntu:xenial -f xenial . displayName: 'Build Docker image' - task: Docker@0 - displayName: Build + displayName: Analyze inputs: action: 'Run an image' imageName: libgit2/xenial @@ -22,19 +22,5 @@ jobs: envVars: | COVERITY_TOKEN=$(COVERITY_TOKEN) workDir: '/home/libgit2/build' - containerCommand: '/home/libgit2/source/azure-pipelines/coverity-build.sh' + containerCommand: '/home/libgit2/source/azure-pipelines/coverity.sh' detached: false - - task: Docker@0 - displayName: Publish - inputs: - action: 'Run an image' - imageName: libgit2/xenial - volumes: | - $(Build.SourcesDirectory):/home/libgit2/source - $(Build.BinariesDirectory):/home/libgit2/build - envVars: | - COVERITY_TOKEN=$(COVERITY_TOKEN) - workDir: '/home/libgit2/build' - containerCommand: '/home/libgit2/source/azure-pipelines/coverity-publish.sh' - detached: false - continueOnError: true |