| 1 | #!/bin/bash |
| 2 | # |
| 3 | # Copyright (C) 2020 Michael Jeanson <mjeanson@efficios.com> |
| 4 | # Copyright (C) 2015 Jonathan Rajotte-Julien <jonathan.rajotte-julien@efficios.com> |
| 5 | # |
| 6 | # This program is free software: you can redistribute it and/or modify |
| 7 | # it under the terms of the GNU General Public License as published by |
| 8 | # the Free Software Foundation, either version 3 of the License, or |
| 9 | # (at your option) any later version. |
| 10 | # |
| 11 | # This program is distributed in the hope that it will be useful, |
| 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 14 | # GNU General Public License for more details. |
| 15 | # |
| 16 | # You should have received a copy of the GNU General Public License |
| 17 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 18 | |
| 19 | set -exu |
| 20 | |
| 21 | # Required variables |
| 22 | WORKSPACE=${WORKSPACE:-} |
| 23 | |
| 24 | # Coverity settings |
| 25 | # The project name and token have to be provided trough env variables |
| 26 | #COVERITY_SCAN_PROJECT_NAME="" |
| 27 | #COVERITY_SCAN_TOKEN="" |
| 28 | COVERITY_SCAN_DESCRIPTION="Automated CI build" |
| 29 | COVERITY_SCAN_NOTIFICATION_EMAIL="ci-notification@lists.lttng.org" |
| 30 | COVERITY_SCAN_BUILD_OPTIONS="" |
| 31 | #COVERITY_SCAN_BUILD_OPTIONS="--return-emit-failures 8 --parse-error-threshold 85" |
| 32 | |
| 33 | DEPS_INC="$WORKSPACE/deps/build/include" |
| 34 | DEPS_LIB="$WORKSPACE/deps/build/lib" |
| 35 | DEPS_PKGCONFIG="$DEPS_LIB/pkgconfig" |
| 36 | DEPS_BIN="$WORKSPACE/deps/build/bin" |
| 37 | |
| 38 | export PATH="$DEPS_BIN:$PATH" |
| 39 | export LD_LIBRARY_PATH="$DEPS_LIB:${LD_LIBRARY_PATH:-}" |
| 40 | export PKG_CONFIG_PATH="$DEPS_PKGCONFIG" |
| 41 | export CPPFLAGS="-I$DEPS_INC" |
| 42 | export LDFLAGS="-L$DEPS_LIB" |
| 43 | |
| 44 | SRCDIR="$WORKSPACE/src/${COVERITY_SCAN_PROJECT_NAME}" |
| 45 | TMPDIR="$WORKSPACE/tmp" |
| 46 | |
| 47 | NPROC=$(nproc) |
| 48 | PLATFORM=$(uname) |
| 49 | export CFLAGS="-O0 -g -DDEBUG" |
| 50 | |
| 51 | TOOL_ARCHIVE="$TMPDIR/cov-analysis-${PLATFORM}.tgz" |
| 52 | TOOL_URL=https://scan.coverity.com/download/${PLATFORM} |
| 53 | TOOL_BASE="$TMPDIR/coverity-scan-analysis" |
| 54 | |
| 55 | UPLOAD_URL="https://scan.coverity.com/builds" |
| 56 | SCAN_URL="https://scan.coverity.com" |
| 57 | |
| 58 | RESULTS_DIR_NAME="cov-int" |
| 59 | RESULTS_DIR="$WORKSPACE/$RESULTS_DIR_NAME" |
| 60 | RESULTS_ARCHIVE=analysis-results.tgz |
| 61 | |
| 62 | # Create tmp directory |
| 63 | rm -rf "$TMPDIR" |
| 64 | mkdir -p "$TMPDIR" |
| 65 | |
| 66 | export TMPDIR |
| 67 | |
| 68 | case "$COVERITY_SCAN_PROJECT_NAME" in |
| 69 | babeltrace) |
| 70 | CONF_OPTS="--enable-python-bindings --enable-python-bindings-doc --enable-python-plugins" |
| 71 | BUILD_TYPE="autotools" |
| 72 | ;; |
| 73 | liburcu) |
| 74 | CONF_OPTS="" |
| 75 | BUILD_TYPE="autotools" |
| 76 | ;; |
| 77 | lttng-modules) |
| 78 | CONF_OPTS="" |
| 79 | BUILD_TYPE="autotools" |
| 80 | ;; |
| 81 | lttng-tools) |
| 82 | CONF_OPTS="" |
| 83 | BUILD_TYPE="autotools" |
| 84 | ;; |
| 85 | lttng-ust) |
| 86 | CONF_OPTS="--enable-java-agent-all --enable-python-agent" |
| 87 | BUILD_TYPE="autotools" |
| 88 | export CLASSPATH="/usr/share/java/log4j-1.2.jar" |
| 89 | ;; |
| 90 | lttng-scope|ctf-java|libdelorean-java|jabberwocky) |
| 91 | CONF_OPTS="" |
| 92 | BUILD_TYPE="maven" |
| 93 | MVN_BIN="$HOME/tools/hudson.tasks.Maven_MavenInstallation/default/bin/mvn" |
| 94 | ;; |
| 95 | linux-rseq) |
| 96 | CONF_OPTS="" |
| 97 | BUILD_TYPE="linux-rseq" |
| 98 | ;; |
| 99 | *) |
| 100 | echo "Generic project, no configure options." |
| 101 | CONF_OPTS="" |
| 102 | BUILD_TYPE="autotools" |
| 103 | ;; |
| 104 | esac |
| 105 | |
| 106 | if [ -d "$WORKSPACE/src/linux" ]; then |
| 107 | export KERNELDIR="$WORKSPACE/src/linux" |
| 108 | fi |
| 109 | |
| 110 | # Enter the source directory |
| 111 | cd "$SRCDIR" |
| 112 | |
| 113 | # Verify upload is permitted |
| 114 | # Added "--insecure" because Coverity can't be bothered to properly install SSL certificate chains |
| 115 | set +x |
| 116 | AUTH_RES=$(curl -s --insecure --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" $SCAN_URL/api/upload_permitted) |
| 117 | set -x |
| 118 | if [ "$AUTH_RES" = "Access denied" ]; then |
| 119 | echo -e "\033[33;1mCoverity Scan API access denied. Check COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN.\033[0m" |
| 120 | exit 1 |
| 121 | else |
| 122 | AUTH=$(echo "$AUTH_RES" | jq .upload_permitted) |
| 123 | if [ "$AUTH" = "true" ]; then |
| 124 | echo -e "\033[33;1mCoverity Scan analysis authorized per quota.\033[0m" |
| 125 | else |
| 126 | WHEN=$(echo "$AUTH_RES" | jq .next_upload_permitted_at) |
| 127 | echo -e "\033[33;1mCoverity Scan analysis NOT authorized until $WHEN.\033[0m" |
| 128 | exit 1 |
| 129 | fi |
| 130 | fi |
| 131 | |
| 132 | |
| 133 | # Download Coverity Scan Analysis Tool |
| 134 | if [ ! -d "$TOOL_BASE" ]; then |
| 135 | if [ ! -e "$TOOL_ARCHIVE" ]; then |
| 136 | echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m" |
| 137 | set +x |
| 138 | curl -s --insecure --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" -o "$TOOL_ARCHIVE" "$TOOL_URL" |
| 139 | set -x |
| 140 | fi |
| 141 | |
| 142 | # Extract Coverity Scan Analysis Tool |
| 143 | echo -e "\033[33;1mExtracting Coverity Scan Analysis Tool...\033[0m" |
| 144 | mkdir -p "$TOOL_BASE" |
| 145 | cd "$TOOL_BASE" || exit 1 |
| 146 | tar xzf "$TOOL_ARCHIVE" |
| 147 | cd - |
| 148 | fi |
| 149 | |
| 150 | TOOL_DIR=$(find "$TOOL_BASE" -type d -name 'cov-analysis*') |
| 151 | export PATH=$TOOL_DIR/bin:$PATH |
| 152 | |
| 153 | COVERITY_SCAN_VERSION=$(git describe --always | sed 's|-|.|g') |
| 154 | |
| 155 | # Build |
| 156 | echo -e "\033[33;1mRunning Coverity Scan Analysis Tool...\033[0m" |
| 157 | case "$BUILD_TYPE" in |
| 158 | maven) |
| 159 | cov-configure --java |
| 160 | cov-build --dir "$RESULTS_DIR" $COVERITY_SCAN_BUILD_OPTIONS "$MVN_BIN" \ |
| 161 | -s "$MVN_SETTINGS" \ |
| 162 | -Dmaven.repo.local="$WORKSPACE/.repository" \ |
| 163 | -Dmaven.compiler.fork=true \ |
| 164 | -Dmaven.compiler.forceJavaCompilerUse=true \ |
| 165 | -Dmaven.test.skip=true \ |
| 166 | -DskipTests \ |
| 167 | clean verify |
| 168 | ;; |
| 169 | autotools) |
| 170 | # Prepare build dir for autotools based projects |
| 171 | if [ -f "./bootstrap" ]; then |
| 172 | ./bootstrap |
| 173 | ./configure $CONF_OPTS |
| 174 | fi |
| 175 | |
| 176 | cov-build --dir "$RESULTS_DIR" $COVERITY_SCAN_BUILD_OPTIONS make -j"$NPROC" V=1 |
| 177 | ;; |
| 178 | linux-rseq) |
| 179 | make defconfig |
| 180 | make -j"$NPROC" prepare |
| 181 | cov-build --dir "$RESULTS_DIR" $COVERITY_SCAN_BUILD_OPTIONS make -j"$NPROC" kernel/rseq.o kernel/do_on_cpu/core.o kernel/do_on_cpu/interpreter.o kernel/do_on_cpu/validate.o V=1 |
| 182 | ;; |
| 183 | *) |
| 184 | echo "Unsupported build type: $BUILD_TYPE" |
| 185 | exit 1 |
| 186 | ;; |
| 187 | esac |
| 188 | |
| 189 | |
| 190 | |
| 191 | cov-import-scm --dir "$RESULTS_DIR" --scm git --log "$RESULTS_DIR/scm_log.txt" |
| 192 | |
| 193 | cd "${WORKSPACE}" |
| 194 | |
| 195 | # Tar results |
| 196 | echo -e "\033[33;1mTarring Coverity Scan Analysis results...\033[0m" |
| 197 | tar czf $RESULTS_ARCHIVE $RESULTS_DIR_NAME |
| 198 | |
| 199 | # Upload results |
| 200 | echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m" |
| 201 | set +x |
| 202 | response=$(curl --insecure \ |
| 203 | --silent --write-out "\n%{http_code}\n" \ |
| 204 | --form project="$COVERITY_SCAN_PROJECT_NAME" \ |
| 205 | --form token="$COVERITY_SCAN_TOKEN" \ |
| 206 | --form email="$COVERITY_SCAN_NOTIFICATION_EMAIL" \ |
| 207 | --form file=@"$RESULTS_ARCHIVE" \ |
| 208 | --form version="$COVERITY_SCAN_VERSION" \ |
| 209 | --form description="$COVERITY_SCAN_DESCRIPTION" \ |
| 210 | "$UPLOAD_URL") |
| 211 | set -x |
| 212 | status_code=$(echo "$response" | sed -n '$p') |
| 213 | if [ "${status_code:0:1}" == "2" ]; then |
| 214 | echo -e "\033[33;1mCoverity Scan upload successful.\033[0m" |
| 215 | else |
| 216 | TEXT=$(echo "$response" | sed '$d') |
| 217 | echo -e "\033[33;1mCoverity Scan upload failed: $TEXT.\033[0m" |
| 218 | exit 1 |
| 219 | fi |
| 220 | |
| 221 | # EOF |