scripts/common/coverity.sh

   1 #!/bin/bash -exu
   2 #
   3 # Copyright (C) 2015 - Michael Jeanson <mjeanson@efficios.com>
   4 #                      Jonathan Rajotte-Julien <jonathan.rajotte-julien@efficios.com>
   5 #
   6 # This program is free software: you can redistribute it and/or modify
   7 # it under the terms of the GNU General Public License as published by
   8 # the Free Software Foundation, either version 3 of the License, or
   9 # (at your option) any later version.
  10 #
  11 # This program is distributed in the hope that it will be useful,
  12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14 # GNU General Public License for more details.
  15 #
  16 # You should have received a copy of the GNU General Public License
  17 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18
  19 # Coverity settings
  20 # The project name and token have to be provided trough env variables
  21 #COVERITY_SCAN_PROJECT_NAME=""
  22 #COVERITY_SCAN_TOKEN=""
  23 COVERITY_SCAN_DESCRIPTION="Automated CI build"
  24 COVERITY_SCAN_NOTIFICATION_EMAIL="ci-notification@lists.lttng.org"
  25 COVERITY_SCAN_BUILD_OPTIONS=""
  26 #COVERITY_SCAN_BUILD_OPTIONS="--return-emit-failures 8 --parse-error-threshold 85"
  27
  28 SRCDIR="$WORKSPACE/src/${COVERITY_SCAN_PROJECT_NAME}"
  29 TMPDIR="$WORKSPACE/tmp"
  30
  31 NPROC=$(nproc)
  32 PLATFORM=$(uname)
  33 export CFLAGS="-O0 -g -DDEBUG"
  34
  35 TOOL_ARCHIVE="$TMPDIR/cov-analysis-${PLATFORM}.tgz"
  36 TOOL_URL=https://scan.coverity.com/download/${PLATFORM}
  37 TOOL_BASE="$TMPDIR/coverity-scan-analysis"
  38
  39 UPLOAD_URL="https://scan.coverity.com/builds"
  40 SCAN_URL="https://scan.coverity.com"
  41
  42 RESULTS_DIR_NAME="cov-int"
  43 RESULTS_DIR="$WORKSPACE/$RESULTS_DIR_NAME"
  44 RESULTS_ARCHIVE=analysis-results.tgz
  45
  46 # Create tmp directory
  47 rm -rf "$TMPDIR"
  48 mkdir -p "$TMPDIR"
  49
  50 export TMPDIR
  51
  52 case "$COVERITY_SCAN_PROJECT_NAME" in
  53 babeltrace)
  54     CONF_OPTS="--enable-python-bindings --enable-python-bindings-doc"
  55     BUILD_TYPE="autotools"
  56     ;;
  57 liburcu)
  58     CONF_OPTS=""
  59     BUILD_TYPE="autotools"
  60     ;;
  61 lttng-modules)
  62     CONF_OPTS=""
  63     BUILD_TYPE="autotools"
  64     ;;
  65 lttng-tools)
  66     CONF_OPTS=""
  67     BUILD_TYPE="autotools"
  68     ;;
  69 lttng-ust)
  70     CONF_OPTS="--enable-java-agent-all --enable-python-agent"
  71     BUILD_TYPE="autotools"
  72     export CLASSPATH="/usr/share/java/log4j-1.2.jar"
  73     ;;
  74 lttng-scope|ctf-java|libdelorean-java|jabberwocky)
  75     CONF_OPTS=""
  76     BUILD_TYPE="maven"
  77     MVN_BIN="$HOME/tools/hudson.tasks.Maven_MavenInstallation/default/bin/mvn"
  78     ;;
  79 *)
  80     echo "Generic project, no configure options."
  81     CONF_OPTS=""
  82     BUILD_TYPE="autotools"
  83     ;;
  84 esac
  85
  86 # liburcu dependency
  87 if [ -d "$WORKSPACE/deps/liburcu" ]; then
  88   URCU_INCS="$WORKSPACE/deps/liburcu/build/include/"
  89   URCU_LIBS="$WORKSPACE/deps/liburcu/build/lib/"
  90
  91   export CPPFLAGS="-I$URCU_INCS ${CPPFLAGS:-}"
  92   export LDFLAGS="-L$URCU_LIBS ${LDFLAGS:-}"
  93   export LD_LIBRARY_PATH="$URCU_LIBS:${LD_LIBRARY_PATH:-}"
  94 fi
  95
  96
  97 # lttng-ust dependency
  98 if [ -d "$WORKSPACE/deps/lttng-ust" ]; then
  99   UST_INCS="$WORKSPACE/deps/lttng-ust/build/include/"
 100   UST_LIBS="$WORKSPACE/deps/lttng-ust/build/lib/"
 101
 102   export CPPFLAGS="-I$UST_INCS ${CPPFLAGS:-}"
 103   export LDFLAGS="-L$UST_LIBS ${LDFLAGS:-}"
 104   export LD_LIBRARY_PATH="$UST_LIBS:${LD_LIBRARY_PATH:-}"
 105 fi
 106
 107 if [ -d "$WORKSPACE/src/linux" ]; then
 108         export KERNELDIR="$WORKSPACE/src/linux"
 109 fi
 110
 111
 112 # Verify upload is permitted
 113 set +x
 114 AUTH_RES=$(curl -s --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" $SCAN_URL/api/upload_permitted)
 115 set -x
 116 if [ "$AUTH_RES" = "Access denied" ]; then
 117   echo -e "\033[33;1mCoverity Scan API access denied. Check COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN.\033[0m"
 118   exit 1
 119 else
 120   AUTH=$(echo "$AUTH_RES" | jq .upload_permitted)
 121   if [ "$AUTH" = "true" ]; then
 122     echo -e "\033[33;1mCoverity Scan analysis authorized per quota.\033[0m"
 123   else
 124     WHEN=$(echo "$AUTH_RES" | jq .next_upload_permitted_at)
 125     echo -e "\033[33;1mCoverity Scan analysis NOT authorized until $WHEN.\033[0m"
 126     exit 1
 127   fi
 128 fi
 129
 130
 131 # Download Coverity Scan Analysis Tool
 132 if [ ! -d "$TOOL_BASE" ]; then
 133   if [ ! -e "$TOOL_ARCHIVE" ]; then
 134     echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m"
 135     set +x
 136     wget -nv -O "$TOOL_ARCHIVE" "$TOOL_URL" --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN"
 137     set -x
 138   fi
 139
 140   # Extract Coverity Scan Analysis Tool
 141   echo -e "\033[33;1mExtracting Coverity Scan Analysis Tool...\033[0m"
 142   mkdir -p "$TOOL_BASE"
 143   cd "$TOOL_BASE" || exit 1
 144   tar xzf "$TOOL_ARCHIVE"
 145   cd -
 146 fi
 147
 148 TOOL_DIR=$(find "$TOOL_BASE" -type d -name 'cov-analysis*')
 149 export PATH=$TOOL_DIR/bin:$PATH
 150
 151 cd "$SRCDIR"
 152
 153 COVERITY_SCAN_VERSION=$(git describe --always | sed 's|-|.|g')
 154
 155 # Prepare build dir for autotools based projects
 156 if [ -f "./bootstrap" ]; then
 157   ./bootstrap
 158   ./configure $CONF_OPTS
 159 fi
 160
 161 # Build
 162 echo -e "\033[33;1mRunning Coverity Scan Analysis Tool...\033[0m"
 163 case "$BUILD_TYPE" in
 164 maven)
 165     cov-configure --java
 166     cov-build --dir "$RESULTS_DIR" $COVERITY_SCAN_BUILD_OPTIONS "$MVN_BIN" \
 167       -s "$MVN_SETTINGS" \
 168       -Dmaven.repo.local="$WORKSPACE/.repository" \
 169       -Dmaven.compiler.fork=true \
 170       -Dmaven.compiler.forceJavaCompilerUse=true \
 171       -Dmaven.test.skip=true \
 172       -DskipTests \
 173       clean verify
 174     ;;
 175 autotools)
 176     cov-build --dir "$RESULTS_DIR" $COVERITY_SCAN_BUILD_OPTIONS make -j"$NPROC" V=1
 177     ;;
 178 *)
 179     echo "Unsupported build type: $BUILD_TYPE"
 180     exit 1
 181     ;;
 182 esac
 183
 184
 185
 186 cov-import-scm --dir "$RESULTS_DIR" --scm git --log "$RESULTS_DIR/scm_log.txt"
 187
 188 cd "${WORKSPACE}"
 189
 190 # Tar results
 191 echo -e "\033[33;1mTarring Coverity Scan Analysis results...\033[0m"
 192 tar czf $RESULTS_ARCHIVE $RESULTS_DIR_NAME
 193
 194 # Upload results
 195 echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m"
 196 set +x
 197 response=$(curl \
 198   --silent --write-out "\n%{http_code}\n" \
 199   --form project="$COVERITY_SCAN_PROJECT_NAME" \
 200   --form token="$COVERITY_SCAN_TOKEN" \
 201   --form email="$COVERITY_SCAN_NOTIFICATION_EMAIL" \
 202   --form file=@"$RESULTS_ARCHIVE" \
 203   --form version="$COVERITY_SCAN_VERSION" \
 204   --form description="$COVERITY_SCAN_DESCRIPTION" \
 205   "$UPLOAD_URL")
 206 set -x
 207 status_code=$(echo "$response" | sed -n '$p')
 208 if [ "$status_code" == "201" ]; then
 209   echo -e "\033[33;1mCoverity Scan upload successful.\033[0m"
 210 else
 211   TEXT=$(echo "$response" | sed '$d')
 212   echo -e "\033[33;1mCoverity Scan upload failed: $TEXT.\033[0m"
 213   exit 1
 214 fi
 215
 216 # EOF