X-Git-Url: http://git.lttng.org./?a=blobdiff_plain;f=scripts%2Fcommon%2Fcoverity.sh;h=21e76aba68f0312303cacf1867b732601d33c7b0;hb=1371b4a117a8e1e2391e7a72472bc5fcefe0a2bf;hp=a44a962bf29c501a760c0f515b573535f600aa27;hpb=b4c748a89f35f8f9823e470d7892b8b5414d0e10;p=lttng-ci.git

diff --git a/scripts/common/coverity.sh b/scripts/common/coverity.sh
index a44a962..21e76ab 100755
--- a/scripts/common/coverity.sh
+++ b/scripts/common/coverity.sh
@@ -1,20 +1,8 @@
 #!/bin/bash
 #
-# Copyright (C) 2020 Michael Jeanson <mjeanson@efficios.com>
-# Copyright (C) 2015 Jonathan Rajotte-Julien <jonathan.rajotte-julien@efficios.com>
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# SPDX-FileCopyrightText: 2015 Jonathan Rajotte-Julien <jonathan.rajotte-julien@efficios.com>
+# SPDX-FileCopyrightText: 2023 Michael Jeanson <mjeanson@efficios.com>
+# SPDX-License-Identifier: GPL-2.0-or-later
 
 set -exu
 
@@ -28,7 +16,7 @@ WORKSPACE=${WORKSPACE:-}
 COVERITY_SCAN_DESCRIPTION="Automated CI build"
 COVERITY_SCAN_NOTIFICATION_EMAIL="ci-notification@lists.lttng.org"
 COVERITY_SCAN_BUILD_OPTIONS=""
-#COVERITY_SCAN_BUILD_OPTIONS="--return-emit-failures 8 --parse-error-threshold 85"
+#COVERITY_SCAN_BUILD_OPTIONS=("--return-emit-failures 8" "--parse-error-threshold 85")
 
 DEPS_INC="$WORKSPACE/deps/build/include"
 DEPS_LIB="$WORKSPACE/deps/build/lib"
@@ -46,9 +34,12 @@ TMPDIR="$WORKSPACE/tmp"
 
 NPROC=$(nproc)
 PLATFORM=$(uname)
-export CFLAGS="-O0 -g -DDEBUG"
+export CFLAGS="-O0 -g"
+export CXXFLAGS="-O0 -g"
 
-TOOL_ARCHIVE="$TMPDIR/cov-analysis-${PLATFORM}.tgz"
+# Cache the tool installer in the home directory since we delete the workspace
+# on each build
+TOOL_ARCHIVE="$HOME/cov-analysis-${PLATFORM}.tgz"
 TOOL_URL=https://scan.coverity.com/download/${PLATFORM}
 TOOL_BASE="$TMPDIR/coverity-scan-analysis"
 
@@ -67,34 +58,29 @@ export TMPDIR
 
 case "$COVERITY_SCAN_PROJECT_NAME" in
 babeltrace)
-    CONF_OPTS="--enable-python-bindings --enable-python-bindings-doc --enable-python-plugins"
+    CONF_OPTS=("--enable-python-bindings" "--enable-python-bindings-doc" "--enable-python-plugins")
     BUILD_TYPE="autotools"
     ;;
 liburcu)
-    CONF_OPTS=""
+    CONF_OPTS=()
     BUILD_TYPE="autotools"
     ;;
 lttng-modules)
-    CONF_OPTS=""
+    CONF_OPTS=()
     BUILD_TYPE="autotools"
     ;;
 lttng-tools)
-    CONF_OPTS=""
+    CONF_OPTS=()
     BUILD_TYPE="autotools"
     ;;
 lttng-ust)
-    CONF_OPTS="--enable-java-agent-all --enable-python-agent"
+    CONF_OPTS=("--enable-java-agent-all" "--enable-python-agent")
     BUILD_TYPE="autotools"
-    export CLASSPATH="/usr/share/java/log4j-1.2.jar"
-    ;;
-lttng-scope|ctf-java|libdelorean-java|jabberwocky)
-    CONF_OPTS=""
-    BUILD_TYPE="maven"
-    MVN_BIN="$HOME/tools/hudson.tasks.Maven_MavenInstallation/default/bin/mvn"
+    export CLASSPATH="/usr/share/java/log4j-api.jar:/usr/share/java/log4j-core.jar:/usr/share/java/log4j-1.2.jar"
     ;;
 *)
     echo "Generic project, no configure options."
-    CONF_OPTS=""
+    CONF_OPTS=()
     BUILD_TYPE="autotools"
     ;;
 esac
@@ -107,9 +93,8 @@ fi
 cd "$SRCDIR"
 
 # Verify upload is permitted
-#  Added "--insecure" because Coverity can't be bothered to properly install SSL certificate chains
 set +x
-AUTH_RES=$(curl -s --insecure --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" $SCAN_URL/api/upload_permitted)
+AUTH_RES=$(curl --silent --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" $SCAN_URL/api/upload_permitted)
 set -x
 if [ "$AUTH_RES" = "Access denied" ]; then
   echo -e "\033[33;1mCoverity Scan API access denied. Check COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN.\033[0m"
@@ -128,12 +113,16 @@ fi
 
 # Download Coverity Scan Analysis Tool
 if [ ! -d "$TOOL_BASE" ]; then
-  if [ ! -e "$TOOL_ARCHIVE" ]; then
-    echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m"
-    set +x
-    curl -s --insecure --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" -o "$TOOL_ARCHIVE" "$TOOL_URL"
-    set -x
-  fi
+  echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m"
+  set +x
+  curl --fail \
+       --location \
+       --remote-time \
+       --form project="$COVERITY_SCAN_PROJECT_NAME" \
+       --form token="$COVERITY_SCAN_TOKEN" \
+       --output "$TOOL_ARCHIVE" \
+       "$TOOL_URL" || rm -f "$TOOL_ARCHIVE"
+  set -x
 
   # Extract Coverity Scan Analysis Tool
   echo -e "\033[33;1mExtracting Coverity Scan Analysis Tool...\033[0m"
@@ -153,7 +142,7 @@ echo -e "\033[33;1mRunning Coverity Scan Analysis Tool...\033[0m"
 case "$BUILD_TYPE" in
 maven)
     cov-configure --java
-    cov-build --dir "$RESULTS_DIR" $COVERITY_SCAN_BUILD_OPTIONS "$MVN_BIN" \
+    cov-build --dir "$RESULTS_DIR" "${COVERITY_SCAN_BUILD_OPTIONS[@]}" "$MVN_BIN" \
       -s "$MVN_SETTINGS" \
       -Dmaven.repo.local="$WORKSPACE/.repository" \
       -Dmaven.compiler.fork=true \
@@ -166,10 +155,10 @@ autotools)
     # Prepare build dir for autotools based projects
     if [ -f "./bootstrap" ]; then
       ./bootstrap
-      ./configure $CONF_OPTS
+      ./configure "${CONF_OPTS[@]}"
     fi
 
-    cov-build --dir "$RESULTS_DIR" $COVERITY_SCAN_BUILD_OPTIONS make -j"$NPROC" V=1
+    cov-build --dir "$RESULTS_DIR" ${COVERITY_SCAN_BUILD_OPTIONS[@]} make -j"$NPROC" V=1
     ;;
 *)
     echo "Unsupported build type: $BUILD_TYPE"
@@ -189,9 +178,8 @@ tar czf $RESULTS_ARCHIVE $RESULTS_DIR_NAME
 
 # Upload results
 echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m"
-set +x
-response=$(curl --insecure \
-  --silent --write-out "\n%{http_code}\n" \
+response=$(curl \
+  --write-out "\n%{http_code}\n" \
   --form project="$COVERITY_SCAN_PROJECT_NAME" \
   --form token="$COVERITY_SCAN_TOKEN" \
   --form email="$COVERITY_SCAN_NOTIFICATION_EMAIL" \
@@ -199,7 +187,6 @@ response=$(curl --insecure \
   --form version="$COVERITY_SCAN_VERSION" \
   --form description="$COVERITY_SCAN_DESCRIPTION" \
   "$UPLOAD_URL")
-set -x
 status_code=$(echo "$response" | sed -n '$p')
 if [ "${status_code:0:1}" == "2" ]; then
   echo -e "\033[33;1mCoverity Scan upload successful.\033[0m"