#!/bin/bash

# FD.io VPP Coverity build script
#
# Builds VPP with the Coverity wrapper and if successful submits
# it to the Coverity scan service for processing.
#
# Several environment variables are needed:
#
# COVERITY_TOKEN    The Coverity Scan API token for this project
# COVERITY_TOOLS    The location of the Coverity tools
#
# The coverity tools can be fetched with:
#   wget https://scan.coverity.com/download/linux64 \
#     --post-data "token=${COVERITY_TOKEN}&project=fd.io+VPP" \
#     -O coverity_tool.tgz

set -ex

token=${COVERITY_TOKEN}
email=vpp-committers@lists.fd.io
project="fd.io VPP"
project_encoded="fd.io+VPP"
url=https://scan.coverity.com

# Cosmetic labels for the Coverity build logs
export COV_HOST=$(hostname -f)
export COV_USER=vpp

# Work out where the root and build-root are
script_dir=$(readlink -f $(dirname $0))
root_dir=$(readlink -f "${script_dir}/../..")
build_dir=$(readlink -f "${script_dir}/../../build-root")

# Location for Coverity things
covdir="${build_dir}/cov-int"
COVERITY_TOOLS="${COVERITY_TOOLS-/scratch/cov-analysis-latest}"

# Before we run the build, check that we can submit one
check=$(curl -s --form project="${project}" \
	--form token="${token}" "${url}/api/upload_permitted")
if [ "${check}" = "Access denied" ]; then
	echo "Bad token or project name."
	exit 1
fi
if [ "${check}" != '{"upload_permitted":true}' ]; then
	echo "Upload not permitted; stop now..."
        exit 1
fi

version=$(git describe)

# Run the build
cd "${root_dir}"
"${COVERITY_TOOLS}/bin/cov-build" --dir "${covdir}" make bootstrap build-coverity
cd "${build_dir}"

# Tar the build artifacts that scan wants
tar -czf fd.io-vpp.tgz "$(basename ${covdir})"
rm -rf "${covdir}"

# Submit the build
echo curl --form token="${token}" \
	--form email="${email}" \
	--form file=@fd.io-vpp.tgz \
	--form version="${version}" \
	--form description="master:${version}"  \
	"${url}/builds?project=${project_encoded}"

# All done!