summaryrefslogtreecommitdiff
path: root/tools/coverity.sh
blob: 361376fd21e3ecb6a61b4bbe0f4b79c873b39976 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later

set -eux

COVERITY_SCAN_TOOL_BASE="/tmp/coverity-scan-analysis"
COVERITY_SCAN_PROJECT_NAME="systemd/systemd"

function coverity_install_script {
    local platform tool_url tool_archive

    platform=$(uname)
    tool_url="https://scan.coverity.com/download/${platform}"
    tool_archive="/tmp/cov-analysis-${platform}.tgz"

    set +x # this is supposed to hide COVERITY_SCAN_TOKEN
    echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m"
    wget -nv -O "$tool_archive" "$tool_url" --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=${COVERITY_SCAN_TOKEN:?}"
    set -x

    mkdir -p "$COVERITY_SCAN_TOOL_BASE"
    pushd "$COVERITY_SCAN_TOOL_BASE"
    tar xzf "$tool_archive"
    popd
}

function run_coverity {
    local results_dir tool_dir results_archive sha response status_code

    results_dir="cov-int"
    tool_dir=$(find "$COVERITY_SCAN_TOOL_BASE" -type d -name 'cov-analysis*')
    results_archive="analysis-results.tgz"
    sha=$(git rev-parse --short HEAD)

    meson -Dman=false build
    COVERITY_UNSUPPORTED=1 "$tool_dir/bin/cov-build" --dir "$results_dir" sh -c "ninja -C ./build -v"
    "$tool_dir/bin/cov-import-scm" --dir "$results_dir" --scm git --log "$results_dir/scm_log.txt"

    tar czf "$results_archive" "$results_dir"

    set +x # this is supposed to hide COVERITY_SCAN_TOKEN
    echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m"
    response=$(curl \
               --silent --write-out "\n%{http_code}\n" \
               --form project="$COVERITY_SCAN_PROJECT_NAME" \
               --form token="${COVERITY_SCAN_TOKEN:?}" \
               --form email="${COVERITY_SCAN_NOTIFICATION_EMAIL:?}" \
               --form file="@$results_archive" \
               --form version="$sha" \
               --form description="Daily build" \
               https://scan.coverity.com/builds)
    printf "\033[33;1mThe response is\033[0m\n%s\n" "$response"
    status_code=$(echo "$response" | sed -n '$p')
    if [ "$status_code" != "200" ]; then
        echo -e "\033[33;1mCoverity Scan upload failed: $(echo "$response" | sed '$d').\033[0m"
        return 1
    fi
    set -x
}

coverity_install_script
run_coverity