1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
#
# Copyright(c) 2021 ZettaScale Technology and others
#
# This program and the accompanying materials are made available under the
# terms of the Eclipse Public License v. 2.0 which is available at
# http://www.eclipse.org/legal/epl-2.0, or the Eclipse Distribution License
# v. 1.0 which is available at
# http://www.eclipse.org/org/documents/edl-v10.php.
#
# SPDX-License-Identifier: EPL-2.0 OR BSD-3-Clause
#
#
# Azure Pipeline specifically for building and submitting to Coverity Scan
#
trigger: none
pr: none
schedules:
- cron: "0 12 * * *"
branches:
include: [ master ]
always: false
strategy:
matrix:
'Ubuntu 20.04 LTS with Clang 10 (Debug, x86_64)':
image: ubuntu-20.04
cc: clang
cxx: clang++
pool:
vmImage: $(image)
steps:
## Fetch version number to ensure up-to-date cache
- bash: |
set -e
slug=$(echo "${BUILD_REPOSITORY_URI}" | sed -nE 's#.*/([^/]+/[^\]+)#\1#p')
headers=$(basename $(mktemp "$(pwd)/curl.XXXXXXXX"))
code=$(curl -X HEAD -s -S -F project="${slug}" \
-F token="${token}" \
-o /dev/null -D ${headers} -w '%{http_code}' \
"https://scan.coverity.com/download/cxx/linux64")
[ "${code}" != "200" ] && echo "cURL exited with ${code}" 1>&2 && exit 1
file=$(sed -n -E 's/.*filename="([^"]+)".*/\1/p' ${headers})
echo "###vso[task.setvariable variable=cov_archive;]${file}"
echo "###vso[task.setvariable variable=cov_analysis;]$(pwd)/cov-analysis"
echo "###vso[task.setvariable variable=PATH;]$(pwd)/cov-analysis/bin:${PATH}"
rm -f ${headers}
name: setup_coverity
env:
token: $(COVERITY_SCAN_TOKEN)
- task: Cache@2
inputs:
key: coverity | 1 | "$(cov_archive)"
path: $(cov_analysis)
cacheHitVar: coverity_cached
name: cache_coverity
## Download Coverity on cache miss
- bash: |
set -e
slug=$(echo "${BUILD_REPOSITORY_URI}" | sed -nE 's#.*/([^/]+/[^\]+)#\1#p')
headers=$(basename $(mktemp "$(pwd)/tmp.XXXXXXXX"))
code=$(curl -s -S -F project="${slug}" \
-F token="${token}" \
-O -J -D ${headers} -w '%{http_code}' \
"https://scan.coverity.com/download/cxx/linux64")
[ "${code}" != "200" ] && echo "cURL exited with ${code}" 1>&2 && exit 1
file=$(sed -n -E 's/^.*filename="([^"]+)".*$/\1/p' ${headers})
tar -xzf ${file} -C .
dir=$(find . -type d -name "cov-analysis*" | head -1)
mv "${dir}" "${COV_ANALYSIS}"
rm -f ${headers} "${file}"
name: install_coverity
condition: ne(variables['coverity_cached'], 'true')
env:
token: $(COVERITY_SCAN_TOKEN)
- bash: |
set -e -x
echo "###vso[task.setvariable variable=scan_build;]cov-build --dir $(pwd)/cov-int"
cov-configure --clang
name: configure_coverity
- template: /.azure/templates/build-test.yml
## Submit to Coverity Scan
- bash: |
set -e -x
slug=$(echo "${BUILD_REPOSITORY_URI}" | sed -nE 's#.*/([^/]+/[^\]+)#\1#p')
tar -czf analysis-results.tgz cov-int
code=$(curl -s -S -F project="${slug}" \
-F token="${token}" \
-F file=@analysis-results.tgz \
-F version=$(git rev-parse --short HEAD) \
-F description="Azure Pipelines build" \
-F email="${COVERITY_SCAN_EMAIL:=cyclonedds-inbox@eclipse.org}" \
-w '%{http_code}' \
"https://scan.coverity.com/builds")
[[ "${code}" =~ "success" ]] || (echo "cURL exited with ${code}" 1>&2 && exit 1)
rm -f analysis-results.tgz
name: submit_to_coverity_scan
env:
token: $(COVERITY_SCAN_TOKEN)
## Save Coverity build log for debugging
- task: PublishBuildArtifacts@1
inputs:
pathToPublish: cov-int/build-log.txt
artifactName: 'coverity-build-log.txt'
|
