blob: 140fa753db1f7facfb4d17028ffc6074f2f07b1f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
#!/usr/bin/env bash
# SPDX-License-Identifier: BSD-3-Clause
# Copyright 2017-2020, Intel Corporation
#
# run-coverity.sh - runs the Coverity scan build
#
set -e
if [[ "$CI_REPO_SLUG" != "$GITHUB_REPO" \
&& ( "$COVERITY_SCAN_NOTIFICATION_EMAIL" == "" \
|| "$COVERITY_SCAN_TOKEN" == "" ) ]]; then
echo
echo "Skipping Coverity build:"\
"COVERITY_SCAN_TOKEN=\"$COVERITY_SCAN_TOKEN\" or"\
"COVERITY_SCAN_NOTIFICATION_EMAIL="\
"\"$COVERITY_SCAN_NOTIFICATION_EMAIL\" is not set"
exit 0
fi
# Prepare build environment
./prepare-for-build.sh
CERT_FILE=/etc/ssl/certs/ca-certificates.crt
TEMP_CF=$(mktemp)
cp $CERT_FILE $TEMP_CF
# Download Coverity certificate
echo -n | openssl s_client -connect scan.coverity.com:443 | \
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | \
tee -a $TEMP_CF
echo $USERPASS | sudo -S mv $TEMP_CF $CERT_FILE
export COVERITY_SCAN_PROJECT_NAME="$CI_REPO_SLUG"
[[ "$CI_EVENT_TYPE" == "cron" ]] \
&& export COVERITY_SCAN_BRANCH_PATTERN="master" \
|| export COVERITY_SCAN_BRANCH_PATTERN="coverity_scan"
export COVERITY_SCAN_BUILD_COMMAND="make -j$(nproc) all"
cd $WORKDIR
#
# Run the Coverity scan
#
# The 'travisci_build_coverity_scan.sh' script requires the following
# environment variables to be set:
# - TRAVIS_BRANCH - has to contain the name of the current branch
# - TRAVIS_PULL_REQUEST - has to be set to 'true' in case of pull requests
#
export TRAVIS_BRANCH=${CI_BRANCH}
[ "${CI_EVENT_TYPE}" == "pull_request" ] && export TRAVIS_PULL_REQUEST="true"
# XXX: Patch the Coverity script.
# Recently, this script regularly exits with an error, even though
# the build is successfully submitted. Probably because the status code
# is missing in response, or it's not 201.
# Changes:
# 1) change the expected status code to 200 and
# 2) print the full response string.
#
# This change should be reverted when the Coverity script is fixed.
#
# The previous version was:
# curl -s https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh | bash
wget https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh
patch < utils/docker/0001-travis-fix-travisci_build_coverity_scan.sh.patch
bash ./travisci_build_coverity_scan.sh
|
