vpp/extras/scripts/coverity-build

71 lines
1.9 KiB
Plaintext
Raw Permalink Normal View History

#!/bin/bash
# FD.io VPP Coverity build script
#
# Builds VPP with the Coverity wrapper and if successful submits
# it to the Coverity scan service for processing.
#
# Several environment variables are needed:
#
# COVERITY_TOKEN The Coverity Scan API token for this project
# COVERITY_TOOLS The location of the Coverity tools
#
# The coverity tools can be fetched with:
# wget https://scan.coverity.com/download/linux64 \
# --post-data "token=${COVERITY_TOKEN}&project=fd.io+VPP" \
# -O coverity_tool.tgz
set -ex
token=${COVERITY_TOKEN}
email=vpp-committers@lists.fd.io
project="fd.io VPP"
project_encoded="fd.io+VPP"
url=https://scan.coverity.com
# Cosmetic labels for the Coverity build logs
export COV_HOST=$(hostname -f)
export COV_USER=vpp
# Work out where the root and build-root are
script_dir=$(readlink -f $(dirname $0))
root_dir=$(readlink -f "${script_dir}/../..")
build_dir=$(readlink -f "${script_dir}/../../build-root")
# Location for Coverity things
covdir="${build_dir}/cov-int"
COVERITY_TOOLS="${COVERITY_TOOLS-/scratch/cov-analysis-latest}"
# Before we run the build, check that we can submit one
check=$(curl -s --form project="${project}" \
--form token="${token}" "${url}/api/upload_permitted")
if [ "${check}" = "Access denied" ]; then
echo "Bad token or project name."
exit 1
fi
if [ "${check}" != '{"upload_permitted":true}' ]; then
echo "Upload not permitted; stop now..."
exit 1
fi
version=$(git describe)
# Run the build
cd "${root_dir}"
"${COVERITY_TOOLS}/bin/cov-build" --dir "${covdir}" make bootstrap build-coverity
cd "${build_dir}"
# Tar the build artifacts that scan wants
tar -czf fd.io-vpp.tgz "$(basename ${covdir})"
rm -rf "${covdir}"
# Submit the build
echo curl --form token="${token}" \
--form email="${email}" \
--form file=@fd.io-vpp.tgz \
--form version="${version}" \
--form description="master:${version}" \
"${url}/builds?project=${project_encoded}"
# All done!