diff options
| author | Carlos Garnacho <carlosg@gnome.org> | 2020-02-29 15:06:26 +0100 |
|---|---|---|
| committer | Carlos Garnacho <carlosg@gnome.org> | 2020-10-28 22:35:00 +0100 |
| commit | bccb41e2b166eaedd2a5e354e35e04a6ec0d4a9f (patch) | |
| tree | dc9e6fa4d131e8477d5552419b9548225b56b84c | |
| parent | 514b2ff4245d6091105b8e18a2ad9a6c9d75a287 (diff) | |
| download | mutter-wip/carlosg/ci-coverity.tar.gz | |
ci: Add job for pushing coverity reportswip/carlosg/ci-coverity
This job does:
1. Download the coverity bundle and untar it
2. Build mutter using clang and the coverity tool
3. Compress the coverity report
4. Upload for analysis
Things to note:
- Analysis are throttled, as per https://scan.coverity.com/faq#frequency
we qualify for 21 weekly builds, 3 daily. Mutter is sometimes a busy
project, so it seems we'd get often those consumed early in the day.
This is something we can resign to, but the times we'll try to upload
a report to have it rejected make the operation kinda pointless and
probably better throttled by ourselves.
- The task is manual, given the restrictions above.
- The task only applies on master, as the envvar holding the coverity
token is protected in gitlab.
- I had to use clang as the coverity tool doesn't seem to work ATM with
gcc as per recent Fedora.
- The coverity tarball is 714MB in size, which is a bit too big to have
it downloaded each time. As per their upload instructions, the tarball
gets updated twice yearly, may also be a candidate for caching.
- The coverity token for mutter is kept private/hidden in gitlab CI
settings.
https://gitlab.gnome.org/GNOME/mutter/-/merge_requests/1100
| -rw-r--r-- | .gitlab-ci.yml | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4f029c16d..bb3570727 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -4,7 +4,7 @@ stages: - review - build - test - - coverage + - analyze check-commit-log: stage: review @@ -84,7 +84,7 @@ test-mutter: - build test-mutter-coverage: - stage: coverage + stage: analyze dependencies: - test-mutter needs: ["test-mutter"] @@ -100,6 +100,26 @@ test-mutter-coverage: - merge_requests - /^.*$/ +test-mutter-coverity: + stage: analyze + allow_failure: true + needs: [] + script: + - dnf install -y clang + - curl https://scan.coverity.com/download/linux64 --data "token=$COVERITY_TOKEN&project=mutter" --output /tmp/coverity_tool.tgz + - tar zxf /tmp/coverity_tool.tgz + - CC=clang meson coverity-build -Dprofiler=false + - ./cov-analysis-linux64-*/bin/cov-build --dir cov-int ninja -C coverity-build + - tar czf cov-int.tar.gz cov-int + - curl https://scan.coverity.com/builds?project=mutter + --form token=$COVERITY_TOKEN --form email=carlosg@gnome.org + --form file=@cov-int.tar.gz --form version="`git describe --tags`" + --form description="GitLab CI build" + when: manual + only: + - merge_requests + - master + can-build-gnome-shell: stage: test dependencies: |