summaryrefslogtreecommitdiff
path: root/script/coverity.sh
Commit message (Collapse)AuthorAgeFilesLines
* coverity: check for Coverity token only if necessaryPatrick Steinhardt2016-10-311-3/+3
| | | | | | | | | | | | | | When running a Coverity build, we have to provide an authentication token in order to proof that we are actually allowed to run analysis in the name of a certain project. As this token should be secret, it is only set on the main repository, so when we were requested to run the Coverity script on another repository we do error out. But in fact we do also error out if the Coverity analysis should _not_ be run if there is no authentication token provided. Fix the issue by only checking for the authentication token after determining if analysis is indeed requested.
* coverity: only analyze the master branch of the main repositoryPatrick Steinhardt2016-10-281-3/+3
| | | | | | | | | | | | | We used to only execute Coverity analysis on the 'development' branch before commit 998f001 (Refine build limitation, 2014-01-15), which refined Coverity build limitations. While we do not really use the 'development' branch anymore, it does still make sense to only analyze a single branch, as otherwise Coverity might get confused. Re-establish the restriction such that we only analyze libgit2's 'master' branch. Also fix the message announcing why we do not actually analyze a certain build.
* coverity: fix download URLPatrick Steinhardt2016-10-281-2/+1
|
* coverity: report errors when uploading tarballPatrick Steinhardt2016-03-111-2/+16
| | | | | | | | | | | Curl by default does not report errors by setting the error code. As the upload can fail through several conditions (e.g. the rate limit, leading to unauthorized access) we should indicate this information in Travis CI. To improve upon the behavior, use `--write-out=%{http_code}` to write out the HTTP code in addition to the received body and return an error if the code does not equal 201.
* coverity: use https URL for posting buildPatrick Steinhardt2016-02-101-2/+1
| | | | | | | | | When posting our instrumented build results to Coverity we have to include sensitive information, in particular our authorization token. Currently we use an unencrypted channel to post this information, leading to the token being transferred in plain. Fix this by using a secured connection instead.
* coverity: provide nodef for GITERR_CHECK_ALLOCPatrick Steinhardt2016-02-101-0/+2
| | | | | | | | | | | | Coverity currently lists a lot of errors with regard to GITERR_CHECK_ALLOC causing resource leaks. We know this macro is only invoked when we want to abort because we are out of memory. Coverity allows for overriding the default model where we know that certain functions guarantee a desired behavior. The user_nodefs.h is used to override the behavior of macros. Re-define GITERR_CHECK_ALLOC inside of it to specify its abort nature.
* Run shell scripts through shellcheckUngureanu Marius2014-11-201-11/+11
|
* Refine build limitationBen Straub2014-01-151-2/+7
|
* Only run coverity on developmentBen Straub2014-01-151-0/+3
|
* Add coverity-scan scriptBen Straub2014-01-131-0/+49
View Lorry Controller Status