From cace39b620277bf40c06a90fe2ec004d78e48f0d Mon Sep 17 00:00:00 2001
From: Roger Leigh <rleigh@codelibre.net>
Date: Sat, 13 Feb 2021 21:22:31 +0000
Subject: ci: Add Coverity static analysis job

---
 .gitlab-ci.yml  | 10 ++++++++++
 build/gitlab-ci | 25 ++++++++++++++++++++++++-
 2 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7ceb9d8f..23abeeb9 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,6 +2,7 @@ image: registry.gitlab.com/libtiff/libtiff-ci-ubuntu20.04:latest
 
 stages:
   - build
+  - static-analysis
   - pages
 
 autoconf:
@@ -21,6 +22,15 @@ cmake-ninja:
   script:
     - sh build/gitlab-ci cmake "Ninja" Debug
 
+coverity:
+  stage: static-analysis
+  image: registry.gitlab.com/libtiff/libtiff-ci-ubuntu20.04-coverity:latest
+  script:
+    - sh build/gitlab-ci coverity "Ninja" Debug
+  only:
+    refs:
+      - master
+
 pages:
   stage: pages
   script:
diff --git a/build/gitlab-ci b/build/gitlab-ci
index 1280f2c4..110df391 100644
--- a/build/gitlab-ci
+++ b/build/gitlab-ci
@@ -32,11 +32,30 @@ cmake_build()
     opts="-Dfatal-warnings=ON"
     echo "Running cmake -G "$1" -DCMAKE_BUILD_TYPE="$2" -DCMAKE_INSTALL_PREFIX=../cmake-install ${opts} .."
     cmake -G "$1" -DCMAKE_BUILD_TYPE="$2" -DCMAKE_INSTALL_PREFIX=../cmake-install ${opts} ..
-    cmake --build .
+    $COVERITY_BUILD cmake --build .
     cmake --build . --target install
     ctest -V
 }
 
+# Static-analysis with coverity
+coverity_build()
+{
+    curl -o /tmp/cov-analysis-linux64.tgz \
+        https://scan.coverity.com/download/linux64 \
+        --form project=$COVERITY_SCAN_PROJECT_NAME \
+        --form token=$COVERITY_SCAN_TOKEN
+    tar xfz /tmp/cov-analysis-linux64.tgz
+    COVERITY_BUILD="$(pwd)/cov-analysis-linux64-*/bin/cov-build --dir cov-int" cmake_build "$@"
+    tar cfz cov-int.tar.gz cov-int
+    curl https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME \
+        --form token=$COVERITY_SCAN_TOKEN \
+        --form email=$GITLAB_USER_EMAIL \
+        --form file=@cov-int.tar.gz \
+        --form version="`git describe --tags`" \
+        --form description="`git describe --tags` / $CI_COMMIT_TITLE / $CI_COMMIT_REF_NAME:$CI_PIPELINE_ID"
+}
+
+
 build=$1
 shift
 
@@ -49,6 +68,10 @@ case $build in
         echo "Testing CMake build"
         cmake_build "$@"
         ;;
+    coverity)
+        echo "Static analysis with Coverity"
+        coverity_build "$@"
+        ;;
     *)
         echo "Invalid argument: \"$arg\"" >&2
         exit 1
-- 
cgit v1.2.1