[mutter/wip/carlosg/ci-coverity: 2/2] ci: Add job for pushing coverity reports




commit 0c505d67d0904c898cfc88956fdb1b46962a22d4
Author: Carlos Garnacho <carlosg gnome org>
Date:   Sat Feb 29 15:06:26 2020 +0100

    ci: Add job for pushing coverity reports
    
    This job does:
    1. Download the coverity bundle and untar it
    2. Build mutter using clang and the coverity tool
    3. Compress the coverity report
    4. Upload for analysis
    
    Things to note:
    - Analysis are throttled, as per https://scan.coverity.com/faq#frequency
      we qualify for 21 weekly builds, 3 daily. Mutter is sometimes a busy
      project, so it seems we'd get often those consumed early in the day.
      This is something we can resign to, but the times we'll try to upload
      a report to have it rejected make the operation kinda pointless and
      probably better throttled by ourselves.
    - The task is manual, given the restrictions above.
    - The task only applies on master, as the envvar holding the coverity
      token is protected in gitlab.
    - I had to use clang as the coverity tool doesn't seem to work ATM with
      gcc as per recent Fedora.
    - The coverity tarball is 714MB in size, which is a bit too big to have
      it downloaded each time. As per their upload instructions, the tarball
      gets updated twice yearly, may also be a candidate for caching.
    - The coverity token for mutter is kept private/hidden in gitlab CI
      settings.
    
    https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1100

 .gitlab-ci.yml | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)
---
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 4f029c16de..876323aabc 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -4,7 +4,7 @@ stages:
  - review
  - build
  - test
- - coverage
+ - analysis
 
 check-commit-log:
   stage: review
@@ -84,7 +84,7 @@ test-mutter:
       - build
 
 test-mutter-coverage:
-  stage: coverage
+  stage: analysis
   dependencies:
     - test-mutter
   needs: ["test-mutter"]
@@ -100,6 +100,26 @@ test-mutter-coverage:
     - merge_requests
     - /^.*$/
 
+test-mutter-coverity:
+  stage: analysis
+  allow_failure: true
+  needs: []
+  script:
+    - dnf install -y clang
+    - curl https://scan.coverity.com/download/linux64 --data "token=$COVERITY_TOKEN&project=mutter" --output 
/tmp/coverity_tool.tgz
+    - tar zxf /tmp/coverity_tool.tgz
+    - CC=clang meson coverity-build -Dprofiler=false
+    - ./cov-analysis-linux64-*/bin/cov-build --dir cov-int ninja -C coverity-build
+    - tar czf cov-int.tar.gz cov-int
+    - curl https://scan.coverity.com/builds?project=mutter
+      --form token=$COVERITY_TOKEN --form email=carlosg gnome org
+      --form file=@cov-int.tar.gz --form version="`git describe --tags`"
+      --form description="gitlab CI build"
+  when: manual
+  only:
+    - merge_requests
+    - master
+
 can-build-gnome-shell:
   stage: test
   dependencies:


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]