| 1 | #!/bin/bash |
| 2 | # |
| 3 | # SPDX-FileCopyrightText: 2015 Jonathan Rajotte-Julien <jonathan.rajotte-julien@efficios.com> |
| 4 | # SPDX-FileCopyrightText: 2023 Michael Jeanson <mjeanson@efficios.com> |
| 5 | # SPDX-License-Identifier: GPL-2.0-or-later |
| 6 | |
| 7 | set -exu |
| 8 | |
| 9 | # Required variables |
| 10 | WORKSPACE=${WORKSPACE:-} |
| 11 | |
| 12 | # Coverity settings |
| 13 | # The project name and token have to be provided trough env variables |
| 14 | #COVERITY_SCAN_PROJECT_NAME="" |
| 15 | #COVERITY_SCAN_TOKEN="" |
| 16 | COVERITY_SCAN_DESCRIPTION="Automated CI build" |
| 17 | COVERITY_SCAN_NOTIFICATION_EMAIL="ci-notification@lists.lttng.org" |
| 18 | COVERITY_SCAN_BUILD_OPTIONS="" |
| 19 | #COVERITY_SCAN_BUILD_OPTIONS=("--return-emit-failures 8" "--parse-error-threshold 85") |
| 20 | |
| 21 | DEPS_INC="$WORKSPACE/deps/build/include" |
| 22 | DEPS_LIB="$WORKSPACE/deps/build/lib" |
| 23 | DEPS_PKGCONFIG="$DEPS_LIB/pkgconfig" |
| 24 | DEPS_BIN="$WORKSPACE/deps/build/bin" |
| 25 | |
| 26 | export PATH="$DEPS_BIN:$PATH" |
| 27 | export LD_LIBRARY_PATH="$DEPS_LIB:${LD_LIBRARY_PATH:-}" |
| 28 | export PKG_CONFIG_PATH="$DEPS_PKGCONFIG" |
| 29 | export CPPFLAGS="-I$DEPS_INC" |
| 30 | export LDFLAGS="-L$DEPS_LIB" |
| 31 | |
| 32 | SRCDIR="$WORKSPACE/src/${COVERITY_SCAN_PROJECT_NAME}" |
| 33 | TMPDIR="$WORKSPACE/tmp" |
| 34 | |
| 35 | NPROC=$(nproc) |
| 36 | PLATFORM=$(uname) |
| 37 | export CFLAGS="-O0 -g -DDEBUG" |
| 38 | export CXXFLAGS="-O0 -g -DDEBUG" |
| 39 | |
| 40 | # Cache the tool installer in the home directory since we delete the workspace |
| 41 | # on each build |
| 42 | TOOL_ARCHIVE="$HOME/cov-analysis-${PLATFORM}.tgz" |
| 43 | TOOL_URL=https://scan.coverity.com/download/${PLATFORM} |
| 44 | TOOL_BASE="$TMPDIR/coverity-scan-analysis" |
| 45 | |
| 46 | UPLOAD_URL="https://scan.coverity.com/builds" |
| 47 | SCAN_URL="https://scan.coverity.com" |
| 48 | |
| 49 | RESULTS_DIR_NAME="cov-int" |
| 50 | RESULTS_DIR="$WORKSPACE/$RESULTS_DIR_NAME" |
| 51 | RESULTS_ARCHIVE=analysis-results.tgz |
| 52 | |
| 53 | # Create tmp directory |
| 54 | rm -rf "$TMPDIR" |
| 55 | mkdir -p "$TMPDIR" |
| 56 | |
| 57 | export TMPDIR |
| 58 | |
| 59 | case "$COVERITY_SCAN_PROJECT_NAME" in |
| 60 | babeltrace) |
| 61 | CONF_OPTS=("--enable-python-bindings" "--enable-python-bindings-doc" "--enable-python-plugins") |
| 62 | BUILD_TYPE="autotools" |
| 63 | ;; |
| 64 | liburcu) |
| 65 | CONF_OPTS=() |
| 66 | BUILD_TYPE="autotools" |
| 67 | ;; |
| 68 | lttng-modules) |
| 69 | CONF_OPTS=() |
| 70 | BUILD_TYPE="autotools" |
| 71 | ;; |
| 72 | lttng-tools) |
| 73 | CONF_OPTS=() |
| 74 | BUILD_TYPE="autotools" |
| 75 | ;; |
| 76 | lttng-ust) |
| 77 | CONF_OPTS=("--enable-java-agent-all" "--enable-python-agent") |
| 78 | BUILD_TYPE="autotools" |
| 79 | export CLASSPATH="/usr/share/java/log4j-api.jar:/usr/share/java/log4j-core.jar:/usr/share/java/log4j-1.2.jar" |
| 80 | ;; |
| 81 | *) |
| 82 | echo "Generic project, no configure options." |
| 83 | CONF_OPTS=() |
| 84 | BUILD_TYPE="autotools" |
| 85 | ;; |
| 86 | esac |
| 87 | |
| 88 | if [ -d "$WORKSPACE/src/linux" ]; then |
| 89 | export KERNELDIR="$WORKSPACE/src/linux" |
| 90 | fi |
| 91 | |
| 92 | # Enter the source directory |
| 93 | cd "$SRCDIR" |
| 94 | |
| 95 | # Verify upload is permitted |
| 96 | set +x |
| 97 | AUTH_RES=$(curl --silent --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" $SCAN_URL/api/upload_permitted) |
| 98 | set -x |
| 99 | if [ "$AUTH_RES" = "Access denied" ]; then |
| 100 | echo -e "\033[33;1mCoverity Scan API access denied. Check COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN.\033[0m" |
| 101 | exit 1 |
| 102 | else |
| 103 | AUTH=$(echo "$AUTH_RES" | jq .upload_permitted) |
| 104 | if [ "$AUTH" = "true" ]; then |
| 105 | echo -e "\033[33;1mCoverity Scan analysis authorized per quota.\033[0m" |
| 106 | else |
| 107 | WHEN=$(echo "$AUTH_RES" | jq .next_upload_permitted_at) |
| 108 | echo -e "\033[33;1mCoverity Scan analysis NOT authorized until $WHEN.\033[0m" |
| 109 | exit 1 |
| 110 | fi |
| 111 | fi |
| 112 | |
| 113 | |
| 114 | # Download Coverity Scan Analysis Tool |
| 115 | if [ ! -d "$TOOL_BASE" ]; then |
| 116 | echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m" |
| 117 | set +x |
| 118 | curl --fail \ |
| 119 | --location \ |
| 120 | --remote-time \ |
| 121 | --form project="$COVERITY_SCAN_PROJECT_NAME" \ |
| 122 | --form token="$COVERITY_SCAN_TOKEN" \ |
| 123 | --output "$TOOL_ARCHIVE" \ |
| 124 | "$TOOL_URL" || rm -f "$TOOL_ARCHIVE" |
| 125 | set -x |
| 126 | |
| 127 | # Extract Coverity Scan Analysis Tool |
| 128 | echo -e "\033[33;1mExtracting Coverity Scan Analysis Tool...\033[0m" |
| 129 | mkdir -p "$TOOL_BASE" |
| 130 | cd "$TOOL_BASE" || exit 1 |
| 131 | tar xzf "$TOOL_ARCHIVE" |
| 132 | cd - |
| 133 | fi |
| 134 | |
| 135 | TOOL_DIR=$(find "$TOOL_BASE" -type d -name 'cov-analysis*') |
| 136 | export PATH=$TOOL_DIR/bin:$PATH |
| 137 | |
| 138 | COVERITY_SCAN_VERSION=$(git describe --always | sed 's|-|.|g') |
| 139 | |
| 140 | # Build |
| 141 | echo -e "\033[33;1mRunning Coverity Scan Analysis Tool...\033[0m" |
| 142 | case "$BUILD_TYPE" in |
| 143 | maven) |
| 144 | cov-configure --java |
| 145 | cov-build --dir "$RESULTS_DIR" "${COVERITY_SCAN_BUILD_OPTIONS[@]}" "$MVN_BIN" \ |
| 146 | -s "$MVN_SETTINGS" \ |
| 147 | -Dmaven.repo.local="$WORKSPACE/.repository" \ |
| 148 | -Dmaven.compiler.fork=true \ |
| 149 | -Dmaven.compiler.forceJavaCompilerUse=true \ |
| 150 | -Dmaven.test.skip=true \ |
| 151 | -DskipTests \ |
| 152 | clean verify |
| 153 | ;; |
| 154 | autotools) |
| 155 | # Prepare build dir for autotools based projects |
| 156 | if [ -f "./bootstrap" ]; then |
| 157 | ./bootstrap |
| 158 | ./configure "${CONF_OPTS[@]}" |
| 159 | fi |
| 160 | |
| 161 | cov-build --dir "$RESULTS_DIR" ${COVERITY_SCAN_BUILD_OPTIONS[@]} make -j"$NPROC" V=1 |
| 162 | ;; |
| 163 | *) |
| 164 | echo "Unsupported build type: $BUILD_TYPE" |
| 165 | exit 1 |
| 166 | ;; |
| 167 | esac |
| 168 | |
| 169 | |
| 170 | |
| 171 | cov-import-scm --dir "$RESULTS_DIR" --scm git --log "$RESULTS_DIR/scm_log.txt" |
| 172 | |
| 173 | cd "${WORKSPACE}" |
| 174 | |
| 175 | # Tar results |
| 176 | echo -e "\033[33;1mTarring Coverity Scan Analysis results...\033[0m" |
| 177 | tar czf $RESULTS_ARCHIVE $RESULTS_DIR_NAME |
| 178 | |
| 179 | # Upload results |
| 180 | echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m" |
| 181 | response=$(curl \ |
| 182 | --write-out "\n%{http_code}\n" \ |
| 183 | --form project="$COVERITY_SCAN_PROJECT_NAME" \ |
| 184 | --form token="$COVERITY_SCAN_TOKEN" \ |
| 185 | --form email="$COVERITY_SCAN_NOTIFICATION_EMAIL" \ |
| 186 | --form file=@"$RESULTS_ARCHIVE" \ |
| 187 | --form version="$COVERITY_SCAN_VERSION" \ |
| 188 | --form description="$COVERITY_SCAN_DESCRIPTION" \ |
| 189 | "$UPLOAD_URL") |
| 190 | status_code=$(echo "$response" | sed -n '$p') |
| 191 | if [ "${status_code:0:1}" == "2" ]; then |
| 192 | echo -e "\033[33;1mCoverity Scan upload successful.\033[0m" |
| 193 | else |
| 194 | TEXT=$(echo "$response" | sed '$d') |
| 195 | echo -e "\033[33;1mCoverity Scan upload failed: $TEXT.\033[0m" |
| 196 | exit 1 |
| 197 | fi |
| 198 | |
| 199 | # EOF |