Created
June 23, 2020 10:28
-
-
Save dvdhrm/51e3d24f84612b9d1560bfc291918c04 to your computer and use it in GitHub Desktop.
Coverity for OSBuild
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/Makefile b/Makefile | |
index fcc5317..a2b63d9 100644 | |
--- a/Makefile | |
+++ b/Makefile | |
@@ -17,8 +17,11 @@ | |
BUILDDIR ?= . | |
SRCDIR ?= . | |
+MKDIR ?= mkdir | |
PYTHON3 ?= python3 | |
RST2MAN ?= rst2man | |
+TAR ?= tar | |
+WGET ?= wget | |
SHELL = /bin/bash | |
@@ -67,6 +70,10 @@ COMMIT = $(shell (cd "$(SRCDIR)" && git rev-parse HEAD)) | |
# files. Lastly, you mostly want this as order-only dependency, since | |
# timestamps on directories do not affect their content. | |
# | |
+# FORCE | |
+# Dummy target to force .PHONY behavior. This is required if .PHONY is | |
+# not an option (e.g., due to implicit targets). | |
+# | |
.PHONY: help | |
help: | |
@@ -78,6 +85,10 @@ help: | |
@echo " help: Print this usage information." | |
@echo " man: Generate all man-pages" | |
@echo | |
+ @echo " coverity-download: Force a new download of the coverity tool" | |
+ @echo " coverity-check: Run the coverity test suite" | |
+ @echo " coverity-submit: Run coverity and submit the results" | |
+ @echo | |
@echo " test-all: Run all tests" | |
@echo " test-data: Generate test data" | |
@echo " test-module: Run all module unit-tests" | |
@@ -90,6 +101,8 @@ $(BUILDDIR)/: | |
$(BUILDDIR)/%/: | |
mkdir -p "$@" | |
+FORCE: | |
+ | |
# | |
# Documentation | |
# | |
@@ -108,6 +121,78 @@ $(MANPAGES_TROFF): $(BUILDDIR)/docs/%: $(SRCDIR)/docs/%.rst | $(BUILDDIR)/docs/ | |
.PHONY: man | |
man: $(MANPAGES_TROFF) | |
+# | |
+# Coverity | |
+# | |
+# Download the coverity analysis tool and run it on the repository, archive the | |
+# analysis result and upload it to coverity. The target to do all of that is | |
+# `coverity-submit`. | |
+# | |
+# Individual targets exist for the respective steps. | |
+# | |
+# Needs COVERITY_TOKEN and COVERITY_EMAIL to be set for downloading | |
+# the analysis tool and submitting the final results. | |
+# | |
+ | |
+COVERITY_URL = https://scan.coverity.com/download/linux64 | |
+COVERITY_TARFILE = coverity-tool.tar.gz | |
+ | |
+COVERITY_BUILDDIR = $(BUILDDIR)/coverity | |
+COVERITY_TOOLTAR = $(COVERITY_BUILDDIR)/$(COVERITY_TARFILE) | |
+COVERITY_TOOLDIR = $(COVERITY_BUILDDIR)/cov-analysis-linux64 | |
+COVERITY_ANALYSIS = $(COVERITY_BUILDDIR)/cov-analysis-osbuild.xz | |
+ | |
+.PHONY: coverity-token | |
+coverity-token: | |
+ $(if $(COVERITY_TOKEN),,$(error COVERITY_TOKEN must be set)) | |
+ | |
+.PHONY: coverity-email | |
+coverity-email: | |
+ $(if $(COVERITY_EMAIL),,$(error COVERITY_EMAIL must be set)) | |
+ | |
+.PHONY: coverity-download | |
+coverity-download: | coverity-token $(COVERITY_BUILDDIR)/ | |
+ @$(RM) -rf "$(COVERITY_TOOLDIR)" "$(COVERITY_TOOLTAR)" | |
+ @echo "Downloading $(COVERITY_TARFILE) from $(COVERITY_URL)..." | |
+ @$(WGET) -q "$(COVERITY_URL)" --post-data "project=osbuild&token=$(COVERITY_TOKEN)" -O "$(COVERITY_TOOLTAR)" | |
+ @echo "Extracting $(COVERITY_TARFILE)..." | |
+ @$(MKDIR) -p "$(COVERITY_TOOLDIR)" | |
+ @$(TAR) -xzf "$(COVERITY_TOOLTAR)" --strip 1 -C "$(COVERITY_TOOLDIR)" | |
+ | |
+$(COVERITY_TOOLTAR): | $(COVERITY_BUILDDIR)/ | |
+ @$(MAKE) --no-print-directory coverity-download | |
+ | |
+$(COVERITY_ANALYSIS): FORCE $(COVERITY_TOOLTAR) | |
+ @echo "Running coverity suite..." | |
+ @$(COVERITY_TOOLDIR)/bin/cov-build \ | |
+ --dir "$(COVERITY_BUILDDIR)/cov-int" \ | |
+ --no-command \ | |
+ --fs-capture-search "$(SRCDIR)" \ | |
+ --fs-capture-search-exclude-regex "$(COVERITY_BUILDDIR)" | |
+ @echo "Compressing analysis results..." | |
+ @$(TAR) -caf "$@" -C "$(COVERITY_BUILDDIR)" "cov-int" | |
+ | |
+.PHONY: coverity-check | |
+coverity-check: $(COVERITY_ANALYSIS) | |
+ | |
+.PHONY: coverity-submit | |
+coverity-submit: $(COVERITY_ANALYSIS) | coverity-email coverity-token | |
+ @echo "Submitting $(COVERITY_ANALYSIS)..." | |
+ @curl --form "token=$(COVERITY_TOKEN)" \ | |
+ --form "email=$(COVERITY_EMAIL)" \ | |
+ --form "file=@$(COVERITY_ANALYSIS)" \ | |
+ --form "version=main" \ | |
+ --form "description=$$(git describe)" \ | |
+ https://scan.coverity.com/builds?project=osbuild | |
+ | |
+.PHONY: coverity-clean | |
+coverity-clean: | |
+ @$(RM) -rfv "$(COVERITY_BUILDDIR)/cov-int" "$(COVERITY_ANALYSIS)" | |
+ | |
+.PHONY: coverity-clean-all | |
+coverity-clean-all: coverity-clean | |
+ @$(RM) -rfv "$(COVERITY_BUILDDIR)" | |
+ | |
# | |
# Test Suite | |
# |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment