1 files changed, 40 insertions, 0 deletions

diff --git a/src/jaegertracing/thrift/build/docker/scripts/coverity.sh b/src/jaegertracing/thrift/build/docker/scripts/coverity.sh
new file mode 100755
index 000000000..ecc7a282e
--- /dev/null
+++ b/src/jaegertracing/thrift/build/docker/scripts/coverity.sh
@@ -0,0 +1,40 @@
+#! /bin/bash
+#
+# This script allows you to run coverity on the project and submit the
+# results.  Do this inside the docker build container.  Only works if
+# you are a coverity scan thrift project admin with access to the
+# necessary security token.
+#
+# Environment Variables
+#
+# COVERITY_SCAN_NOTIFICATION_EMAIL  - email address to notify
+# COVERITY_SCAN_TOKEN               - the Coverity Scan token (should be secure)
+# VERSION                           - the version to report we scanned
+
+set -ex
+
+wget -nv https://entrust.com/root-certificates/entrust_l1k.cer -O /tmp/scanca.cer
+
+pushd /tmp
+if [[ "$1" != "--skipdownload" ]]; then
+  rm -rf coverity_tool.tgz cov-analysis*
+  wget -nv -O coverity_tool.tgz https://scan.coverity.com/download/cxx/linux64 --post-data "project=thrift&token=$COVERITY_SCAN_TOKEN"
+  tar xzf coverity_tool.tgz
+fi
+COVBIN=$(echo $(pwd)/cov-analysis*/bin)
+export PATH=$COVBIN:$PATH
+popd
+
+./bootstrap.sh
+./configure $*
+rm -rf cov-int/
+cov-build --dir cov-int make check -j3
+tail -50 cov-int/build-log.txt 
+tar cJf cov-int.tar.xz cov-int/
+curl --cacert /tmp/scanca.cer \
+     --form token="$COVERITY_SCAN_TOKEN" \
+     --form email="$COVERITY_SCAN_NOTIFICATION_EMAIL" \
+     --form file=@cov-int.tar.xz \
+     --form version="$VERSION" \
+     --form description="thrift master" \
+     https://scan.coverity.com/builds?project=thrift