| James E. King III | f34b50f | 2019-07-15 07:04:28 -0400 | [diff] [blame] | 1 | #! /bin/bash |
| 2 | # |
| 3 | # This script allows you to run coverity on the project and submit the |
| 4 | # results. Do this inside the docker build container. Only works if |
| 5 | # you are a coverity scan thrift project admin with access to the |
| 6 | # necessary security token. |
| 7 | # |
| 8 | # Environment Variables |
| 9 | # |
| 10 | # COVERITY_SCAN_NOTIFICATION_EMAIL - email address to notify |
| 11 | # COVERITY_SCAN_TOKEN - the Coverity Scan token (should be secure) |
| 12 | # VERSION - the version to report we scanned |
| 13 | |
| 14 | set -ex |
| 15 | |
| 16 | wget -nv https://entrust.com/root-certificates/entrust_l1k.cer -O /tmp/scanca.cer |
| 17 | |
| 18 | pushd /tmp |
| 19 | if [[ "$1" != "--skipdownload" ]]; then |
| 20 | rm -rf coverity_tool.tgz cov-analysis* |
| 21 | wget -nv -O coverity_tool.tgz https://scan.coverity.com/download/cxx/linux64 --post-data "project=thrift&token=$COVERITY_SCAN_TOKEN" |
| 22 | tar xzf coverity_tool.tgz |
| 23 | fi |
| 24 | COVBIN=$(echo $(pwd)/cov-analysis*/bin) |
| 25 | export PATH=$COVBIN:$PATH |
| 26 | popd |
| 27 | |
| 28 | ./bootstrap.sh |
| 29 | ./configure $* |
| 30 | rm -rf cov-int/ |
| 31 | cov-build --dir cov-int make check -j3 |
| 32 | tail -50 cov-int/build-log.txt |
| 33 | tar cJf cov-int.tar.xz cov-int/ |
| 34 | curl --cacert /tmp/scanca.cer \ |
| 35 | --form token="$COVERITY_SCAN_TOKEN" \ |
| 36 | --form email="$COVERITY_SCAN_NOTIFICATION_EMAIL" \ |
| 37 | --form file=@cov-int.tar.xz \ |
| 38 | --form version="$VERSION" \ |
| 39 | --form description="thrift master" \ |
| 40 | https://scan.coverity.com/builds?project=thrift |