aboutsummaryrefslogtreecommitdiffstats
path: root/extras/scripts/coverity-build
diff options
context:
space:
mode:
Diffstat (limited to 'extras/scripts/coverity-build')
-rwxr-xr-xextras/scripts/coverity-build70
1 files changed, 70 insertions, 0 deletions
diff --git a/extras/scripts/coverity-build b/extras/scripts/coverity-build
new file mode 100755
index 00000000000..81680f069a7
--- /dev/null
+++ b/extras/scripts/coverity-build
@@ -0,0 +1,70 @@
+#!/bin/bash
+
+# FD.io VPP Coverity build script
+#
+# Builds VPP with the Coverity wrapper and if successful submits
+# it to the Coverity scan service for processing.
+#
+# Several environment variables are needed:
+#
+# COVERITY_TOKEN The Coverity Scan API token for this project
+# COVERITY_TOOLS The location of the Coverity tools
+#
+# The coverity tools can be fetched with:
+# wget https://scan.coverity.com/download/linux64 \
+# --post-data "token=${COVERITY_TOKEN}&project=fd.io+VPP" \
+# -O coverity_tool.tgz
+
+set -ex
+
+token=${COVERITY_TOKEN}
+email=vpp-committers@lists.fd.io
+project="fd.io VPP"
+project_encoded="fd.io+VPP"
+url=https://scan.coverity.com
+
+# Cosmetic labels for the Coverity build logs
+export COV_HOST=$(hostname -f)
+export COV_USER=vpp
+
+# Work out where the root and build-root are
+script_dir=$(readlink -f $(dirname $0))
+root_dir=$(readlink -f "${script_dir}/../..")
+build_dir=$(readlink -f "${script_dir}/../../build-root")
+
+# Location for Coverity things
+covdir="${build_dir}/cov-int"
+COVERITY_TOOLS="${COVERITY_TOOLS-/scratch/cov-analysis-latest}"
+
+# Before we run the build, check that we can submit one
+check=$(curl -s --form project="${project}" \
+ --form token="${token}" "${url}/api/upload_permitted")
+if [ "${check}" = "Access denied" ]; then
+ echo "Bad token or project name."
+ exit 1
+fi
+if [ "${check}" != '{"upload_permitted":true}' ]; then
+ echo "Upload not permitted; stop now..."
+ exit 1
+fi
+
+version=$(git describe)
+
+# Run the build
+cd "${root_dir}"
+"${COVERITY_TOOLS}/bin/cov-build" --dir "${covdir}" make bootstrap build-coverity
+cd "${build_dir}"
+
+# Tar the build artifacts that scan wants
+tar -czf fd.io-vpp.tgz "$(basename ${covdir})"
+rm -rf "${covdir}"
+
+# Submit the build
+echo curl --form token="${token}" \
+ --form email="${email}" \
+ --form file=@fd.io-vpp.tgz \
+ --form version="${version}" \
+ --form description="master:${version}" \
+ "${url}/builds?project=${project_encoded}"
+
+# All done!