|
| 1 | +#!/bin/sh |
| 2 | + |
| 3 | +set -e |
| 4 | + |
| 5 | +# Environment check |
| 6 | +echo -e "\033[33;1mNote: COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN are available on Project Settings page on scan.coverity.com\033[0m" |
| 7 | +[ -z "$COVERITY_SCAN_PROJECT_NAME" ] && echo "ERROR: COVERITY_SCAN_PROJECT_NAME must be set" && exit 1 |
| 8 | +[ -z "$COVERITY_SCAN_NOTIFICATION_EMAIL" ] && echo "ERROR: COVERITY_SCAN_NOTIFICATION_EMAIL must be set" && exit 1 |
| 9 | +[ -z "$COVERITY_SCAN_BRANCH_PATTERN" ] && echo "ERROR: COVERITY_SCAN_BRANCH_PATTERN must be set" && exit 1 |
| 10 | +[ -z "$COVERITY_SCAN_BUILD_COMMAND" ] && echo "ERROR: COVERITY_SCAN_BUILD_COMMAND must be set" && exit 1 |
| 11 | +[ -z "$COVERITY_SCAN_TOKEN" ] && echo "ERROR: COVERITY_SCAN_TOKEN must be set" && exit 1 |
| 12 | + |
| 13 | +PLATFORM=`uname` |
| 14 | +TOOL_ARCHIVE=/tmp/cov-analysis-${PLATFORM}.tgz |
| 15 | +TOOL_URL=https://scan.coverity.com/download/${PLATFORM} |
| 16 | +TOOL_BASE=/tmp/coverity-scan-analysis |
| 17 | +UPLOAD_URL="https://scan.coverity.com/builds" |
| 18 | +SCAN_URL="https://scan.coverity.com" |
| 19 | + |
| 20 | +# Do not run on pull requests |
| 21 | +if [ "${TRAVIS_PULL_REQUEST}" = "true" ]; then |
| 22 | + echo -e "\033[33;1mINFO: Skipping Coverity Analysis: branch is a pull request.\033[0m" |
| 23 | + exit 0 |
| 24 | +fi |
| 25 | + |
| 26 | +# Verify this branch should run |
| 27 | +IS_COVERITY_SCAN_BRANCH=`ruby -e "puts '${TRAVIS_BRANCH}' =~ /\\A$COVERITY_SCAN_BRANCH_PATTERN\\z/ ? 1 : 0"` |
| 28 | +if [ "$IS_COVERITY_SCAN_BRANCH" = "1" ]; then |
| 29 | + echo -e "\033[33;1mCoverity Scan configured to run on branch ${TRAVIS_BRANCH}\033[0m" |
| 30 | +else |
| 31 | + echo -e "\033[33;1mCoverity Scan NOT configured to run on branch ${TRAVIS_BRANCH}\033[0m" |
| 32 | + exit 1 |
| 33 | +fi |
| 34 | + |
| 35 | +# Verify upload is permitted |
| 36 | +AUTH_RES=`curl -s --form project="$COVERITY_SCAN_PROJECT_NAME" --form token="$COVERITY_SCAN_TOKEN" $SCAN_URL/api/upload_permitted` |
| 37 | +if [ "$AUTH_RES" = "Access denied" ]; then |
| 38 | + echo -e "\033[33;1mCoverity Scan API access denied. Check COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN.\033[0m" |
| 39 | + exit 1 |
| 40 | +else |
| 41 | + AUTH=`echo $AUTH_RES | ruby -e "require 'rubygems'; require 'json'; puts JSON[STDIN.read]['upload_permitted']"` |
| 42 | + if [ "$AUTH" = "true" ]; then |
| 43 | + echo -e "\033[33;1mCoverity Scan analysis authorized per quota.\033[0m" |
| 44 | + else |
| 45 | + WHEN=`echo $AUTH_RES | ruby -e "require 'rubygems'; require 'json'; puts JSON[STDIN.read]['next_upload_permitted_at']"` |
| 46 | + echo -e "\033[33;1mCoverity Scan analysis NOT authorized until $WHEN.\033[0m" |
| 47 | + |
| 48 | + exit 1 |
| 49 | + fi |
| 50 | +fi |
| 51 | + |
| 52 | +if [ ! -d $TOOL_BASE ]; then |
| 53 | + # Download Coverity Scan Analysis Tool |
| 54 | + if [ ! -e $TOOL_ARCHIVE ]; then |
| 55 | + echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m" |
| 56 | + wget -nv -O $TOOL_ARCHIVE $TOOL_URL --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN" |
| 57 | + fi |
| 58 | + |
| 59 | + # Extract Coverity Scan Analysis Tool |
| 60 | + echo -e "\033[33;1mExtracting Coverity Scan Analysis Tool...\033[0m" |
| 61 | + mkdir -p $TOOL_BASE |
| 62 | + pushd $TOOL_BASE |
| 63 | + tar xzf $TOOL_ARCHIVE |
| 64 | + popd |
| 65 | +fi |
| 66 | + |
| 67 | +TOOL_DIR=`find $TOOL_BASE -type d -name 'cov-analysis*'` |
| 68 | +export PATH=$TOOL_DIR/bin:$PATH |
| 69 | + |
| 70 | +# Build |
| 71 | +echo -e "\033[33;1mRunning Coverity Scan Analysis Tool...\033[0m" |
| 72 | +COV_BUILD_OPTIONS="" |
| 73 | +#COV_BUILD_OPTIONS="--return-emit-failures 8 --parse-error-threshold 85" |
| 74 | +RESULTS_DIR="cov-int" |
| 75 | +eval "${COVERITY_SCAN_BUILD_COMMAND_PREPEND}" |
| 76 | +COVERITY_UNSUPPORTED=1 cov-build --dir $RESULTS_DIR $COV_BUILD_OPTIONS $COVERITY_SCAN_BUILD_COMMAND |
| 77 | +cov-import-scm --dir $RESULTS_DIR --scm git --log $RESULTS_DIR/scm_log.txt 2>&1 |
| 78 | + |
| 79 | +# Upload results |
| 80 | +echo -e "\033[33;1mTarring Coverity Scan Analysis results...\033[0m" |
| 81 | +RESULTS_ARCHIVE=analysis-results.tgz |
| 82 | +tar czf $RESULTS_ARCHIVE $RESULTS_DIR |
| 83 | +SHA=`git rev-parse --short HEAD` |
| 84 | + |
| 85 | +echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m" |
| 86 | +response=$(curl \ |
| 87 | + --silent --write-out "\n%{http_code}\n" \ |
| 88 | + --form project=$COVERITY_SCAN_PROJECT_NAME \ |
| 89 | + --form token=$COVERITY_SCAN_TOKEN \ |
| 90 | + --form email=$COVERITY_SCAN_NOTIFICATION_EMAIL \ |
| 91 | + --form file=@$RESULTS_ARCHIVE \ |
| 92 | + --form version=$SHA \ |
| 93 | + --form description="Travis CI build" \ |
| 94 | + $UPLOAD_URL) |
| 95 | +status_code=$(echo "$response" | sed -n '$p') |
| 96 | +if [ "$status_code" != "201" ]; then |
| 97 | + TEXT=$(echo "$response" | sed '$d') |
| 98 | + echo -e "\033[33;1mCoverity Scan upload failed: $TEXT.\033[0m" |
| 99 | + exit 1 |
| 100 | +fi |
0 commit comments