systemd/tools/coverity.sh
Frantisek Sumsal 176086a2ec ci: simplify the Coverity script a bit
Also, address https://github.com/systemd/systemd/pull/24252#issuecomment-1208747320
by using a pre-defined e-mail address stored in the GH Action secrets.
2022-08-11 10:57:25 +02:00

63 lines
2.2 KiB
Bash
Executable File

#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -eux
COVERITY_SCAN_TOOL_BASE="/tmp/coverity-scan-analysis"
COVERITY_SCAN_PROJECT_NAME="systemd/systemd"
function coverity_install_script {
local platform tool_url tool_archive
platform=$(uname)
tool_url="https://scan.coverity.com/download/${platform}"
tool_archive="/tmp/cov-analysis-${platform}.tgz"
set +x # this is supposed to hide COVERITY_SCAN_TOKEN
echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m"
wget -nv -O "$tool_archive" "$tool_url" --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=${COVERITY_SCAN_TOKEN:?}"
set -x
mkdir -p "$COVERITY_SCAN_TOOL_BASE"
pushd "$COVERITY_SCAN_TOOL_BASE"
tar xzf "$tool_archive"
popd
}
function run_coverity {
local results_dir tool_dir results_archive sha response status_code
results_dir="cov-int"
tool_dir=$(find "$COVERITY_SCAN_TOOL_BASE" -type d -name 'cov-analysis*')
results_archive="analysis-results.tgz"
sha=$(git rev-parse --short HEAD)
meson -Dman=false build
COVERITY_UNSUPPORTED=1 "$tool_dir/bin/cov-build" --dir "$results_dir" sh -c "ninja -C ./build -v"
"$tool_dir/bin/cov-import-scm" --dir "$results_dir" --scm git --log "$results_dir/scm_log.txt"
tar czf "$results_archive" "$results_dir"
set +x # this is supposed to hide COVERITY_SCAN_TOKEN
echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m"
response=$(curl \
--silent --write-out "\n%{http_code}\n" \
--form project="$COVERITY_SCAN_PROJECT_NAME" \
--form token="${COVERITY_SCAN_TOKEN:?}" \
--form email="${COVERITY_SCAN_NOTIFICATION_EMAIL:?}" \
--form file="@$results_archive" \
--form version="$sha" \
--form description="Daily build" \
https://scan.coverity.com/builds)
printf "\033[33;1mThe response is\033[0m\n%s\n" "$response"
status_code=$(echo "$response" | sed -n '$p')
if [ "$status_code" != "200" ]; then
echo -e "\033[33;1mCoverity Scan upload failed: $(echo "$response" | sed '$d').\033[0m"
return 1
fi
set -x
}
coverity_install_script
run_coverity