mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-09-30 05:15:33 +00:00
gitlab-ci: add coverity submissions to weekly scheduled CI
We currently submit builds to Coverity manually every now and then, but it would make sense to submit them more frequently and periodically, so that it can detect defects sooner. Add a "coverity" stage to the pipeline, which submits a build to Coverit (the scheduls currently set to run every week). https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1973
This commit is contained in:
parent
14eaf4e419
commit
508d43efc9
|
@ -49,6 +49,7 @@ stages:
|
|||
- tier3
|
||||
- deploy
|
||||
- triage
|
||||
- coverity
|
||||
|
||||
variables:
|
||||
FDO_UPSTREAM_REPO: NetworkManager/NetworkManager
|
||||
|
@ -59,11 +60,11 @@ variables:
|
|||
#
|
||||
# This is done by running `ci-fairy generate-template` and possibly bumping
|
||||
# ".default_tag".
|
||||
ALPINE_TAG: 'tag-ec99bc32ed7f'
|
||||
CENTOS_TAG: 'tag-a76c3f2e9d0f'
|
||||
DEBIAN_TAG: 'tag-3f6892bcd503'
|
||||
FEDORA_TAG: 'tag-a76c3f2e9d0f'
|
||||
UBUNTU_TAG: 'tag-3f6892bcd503'
|
||||
ALPINE_TAG: 'tag-f0b648c04526'
|
||||
CENTOS_TAG: 'tag-c2d500e0391f'
|
||||
DEBIAN_TAG: 'tag-7687baa06688'
|
||||
FEDORA_TAG: 'tag-c2d500e0391f'
|
||||
UBUNTU_TAG: 'tag-7687baa06688'
|
||||
|
||||
ALPINE_EXEC: 'bash .gitlab-ci/alpine-install.sh'
|
||||
CENTOS_EXEC: 'bash .gitlab-ci/fedora-install.sh'
|
||||
|
@ -639,6 +640,24 @@ triage:issues:
|
|||
- gem install gitlab-triage
|
||||
- gitlab-triage --debug --token $API_TOKEN --source-id $CI_PROJECT_ID
|
||||
|
||||
coverity:
|
||||
extends:
|
||||
- .fdo.distribution-image@fedora
|
||||
variables:
|
||||
FDO_DISTRIBUTION_VERSION: '40'
|
||||
FDO_DISTRIBUTION_TAG: $FEDORA_TAG
|
||||
stage: coverity
|
||||
needs: []
|
||||
rules:
|
||||
- if: $CI_PIPELINE_SOURCE == 'schedule'
|
||||
script:
|
||||
- dnf install -y curl
|
||||
- BUILD_TYPE=meson CC=gcc CONFIGURE_ONLY=1 contrib/scripts/nm-ci-run.sh
|
||||
- cd build
|
||||
- ../.gitlab-ci/coverity.sh download
|
||||
- cov-analysis-linux64-*/bin/cov-build --dir cov-int ninja
|
||||
- ../.gitlab-ci/coverity.sh upload
|
||||
|
||||
# Clean the generated images periodically to get updated snapshots of the distribution images.
|
||||
# Create an scheduled pipeline to run it, passing an AUTHFILE environment variable of type
|
||||
# 'File' with an authentication token with API access level.
|
||||
|
|
|
@ -53,6 +53,7 @@ stages:
|
|||
- tier3
|
||||
- deploy
|
||||
- triage
|
||||
- coverity
|
||||
|
||||
variables:
|
||||
FDO_UPSTREAM_REPO: NetworkManager/NetworkManager
|
||||
|
@ -248,6 +249,24 @@ triage:issues:
|
|||
- gem install gitlab-triage
|
||||
- gitlab-triage --debug --token $API_TOKEN --source-id $CI_PROJECT_ID
|
||||
|
||||
coverity:
|
||||
extends:
|
||||
- .fdo.distribution-image@fedora
|
||||
variables:
|
||||
FDO_DISTRIBUTION_VERSION: '40'
|
||||
FDO_DISTRIBUTION_TAG: $FEDORA_TAG
|
||||
stage: coverity
|
||||
needs: []
|
||||
rules:
|
||||
- if: $CI_PIPELINE_SOURCE == 'schedule'
|
||||
script:
|
||||
- dnf install -y curl
|
||||
- BUILD_TYPE=meson CC=gcc CONFIGURE_ONLY=1 contrib/scripts/nm-ci-run.sh
|
||||
- cd build
|
||||
- ../.gitlab-ci/coverity.sh download
|
||||
- cov-analysis-linux64-*/bin/cov-build --dir cov-int ninja
|
||||
- ../.gitlab-ci/coverity.sh upload
|
||||
|
||||
# Clean the generated images periodically to get updated snapshots of the distribution images.
|
||||
# Create an scheduled pipeline to run it, passing an AUTHFILE environment variable of type
|
||||
# 'File' with an authentication token with API access level.
|
||||
|
|
25
.gitlab-ci/coverity.sh
Executable file
25
.gitlab-ci/coverity.sh
Executable file
|
@ -0,0 +1,25 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
[ "$COVERITY_SCAN_PROJECT_NAME" = "" ] && echo "missing COVERITY_SCAN_PROJECT_NAME" >&2 && exit 1
|
||||
[ "$COVERITY_SCAN_TOKEN" = "" ] && echo "missing COVERITY_SCAN_PROJECT_NAME" >&2 && exit 1
|
||||
|
||||
if [ "$1" = "download" ]; then
|
||||
curl https://scan.coverity.com/download/linux64 \
|
||||
-o /tmp/cov-analysis-linux64.tar.gz \
|
||||
--form "project=$COVERITY_SCAN_PROJECT_NAME" \
|
||||
--form "token=$COVERITY_SCAN_TOKEN"
|
||||
|
||||
tar xvzf /tmp/cov-analysis-linux64.tar.gz
|
||||
elif [ "$1" = "upload" ]; then
|
||||
tar cvzf cov-int.tar.gz cov-int
|
||||
ls -l cov-int.tar.gz
|
||||
curl "https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME" \
|
||||
--form "token=$COVERITY_SCAN_TOKEN" --form "email=$GITLAB_USER_EMAIL" \
|
||||
--form file=@cov-int.tar.gz --form version="`meson introspect --projectinfo | jq -r .version`" \
|
||||
--form description="ci run: $CI_COMMIT_TITLE / `git rev-parse --short HEAD`"
|
||||
rm -rf cov-int*
|
||||
else
|
||||
echo "invalid command: $1" >&2
|
||||
exit 1
|
||||
fi
|
Loading…
Reference in a new issue