Automation for running Coverity Scan builds

[Qemu-devel] [PATCH 0/2] Automation for running Coverity Scan builds

Peter Maydell posted 2 patches 5 years, 6 months ago

Download series mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20181113184641.4492-1-peter.maydell@linaro.org

Test docker-clang@ubuntu passed

Test checkpatch passed

Test asan passed

Test docker-mingw@fedora passed

Test docker-quick@centos7 passed

MAINTAINERS                                |   5 +
scripts/coverity-scan/coverity-scan.docker | 120 +++++++
scripts/coverity-scan/run-coverity-scan    | 350 +++++++++++++++++++++
3 files changed, 475 insertions(+)
create mode 100644 scripts/coverity-scan/coverity-scan.docker
create mode 100755 scripts/coverity-scan/run-coverity-scan

Expand all Fold all

[Qemu-devel] [PATCH 0/2] Automation for running Coverity Scan builds

Posted by Peter Maydell 5 years, 6 months ago

This patchset is an attempt to automate the process of
running a Coverity Scan build and uploading it to the website.
(I had a go at this last year; the scripts here are based
on my older attempt, with some changes.)

Patch 1 is a script which will do a build-and-upload. It
requires that you have a Fedora 28 host with all the relevant
-devel packages installed, and that you run it in a clean directory.

Patch 2 improves on that by using Docker to set up the
build environment, so you can run it on any host and get
the same results, and it doesn't trash your source tree with
an in-place build.

Patch 1 I'm generally pretty happy with. Paolo, if you could
check the configure options against what you use at the moment
for uploads that would be very helpful. These are the set that
you gave me last time I asked, but I think that was long enough
ago that they may be a little out of date.

Patch 2 is a bit more RFC-ish -- it does work and you can do a
complete build-and-upload with it, but I was thrashing about
trying to get Docker to do what I wanted and I'm pretty sure
there are better ways to do it. In particular I was expecting
that once the script has run once and done the "set up F28,
download the coverity tools and unpack them", that a second
run would reuse a cached copy of that image, but the docker
build seems to repeat the download-and-unpack part.
NB that you need the bleeding-edge Docker 18.09 for the --secret
option which lets us pass the coverity magic token into the
build stage safely. Review from people who know Docker welcomed.


I would eventually like to set up Travis so it does the
build-and-upload automatically, but I think getting to a
point where coverity uploads are done with a process that
can be repeated reliably by anybody with maintainer rights
is useful in itself even if we don't want to do it via Travis.

thanks
-- PMM


Peter Maydell (2):
  scripts/run-coverity-scan: Script to run Coverity Scan build
  scripts/coverity-scan: Add Docker support

 MAINTAINERS                                |   5 +
 scripts/coverity-scan/coverity-scan.docker | 120 +++++++
 scripts/coverity-scan/run-coverity-scan    | 350 +++++++++++++++++++++
 3 files changed, 475 insertions(+)
 create mode 100644 scripts/coverity-scan/coverity-scan.docker
 create mode 100755 scripts/coverity-scan/run-coverity-scan

-- 
2.19.1