forked from YaronKoller/envoy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdo_coverity_local.sh
executable file
·54 lines (46 loc) · 1.78 KB
/
do_coverity_local.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#!/bin/bash
#
# do_coverity_local.sh
#
# This script builds Envoy with the Coverity Scan Built Tool.
#
# It expects the following environment variables to be set:
# COVERITY_TOKEN - set to the user's Coverity Scan project token.
# COVERITY_USER_EMAIL - set to the email address used with the Coverity account.
# defaults to the local git config user.email.
set -e
. ./ci/envoy_build_sha.sh
[[ -z "${ENVOY_DOCKER_BUILD_DIR}" ]] && ENVOY_DOCKER_BUILD_DIR=/tmp/envoy-docker-build
mkdir -p "${ENVOY_DOCKER_BUILD_DIR}"
TEST_TYPE="bazel.coverity"
COVERITY_USER_EMAIL="${COVERITY_USER_EMAIL:-$(git config user.email)}"
COVERITY_OUTPUT_FILE="${ENVOY_DOCKER_BUILD_DIR}"/envoy/source/exe/envoy-coverity-output.tgz
if [ -n "${COVERITY_TOKEN}" ]
then
pushd "${ENVOY_DOCKER_BUILD_DIR}"
rm -rf cov-analysis
wget https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=Envoy+Proxy" -O coverity_tool.tgz
tar xvf coverity_tool.tgz
mv cov-analysis-linux* cov-analysis
popd
else
echo "ERROR: COVERITY_TOKEN is required to download and run Coverity Scan."
exit 1
fi
ci/run_envoy_docker.sh "ci/do_ci.sh ${TEST_TYPE}"
# Check the artifact size as an approximation for determining if the scan tool was successful.
if [[ $(find "${COVERITY_OUTPUT_FILE}" -type f -size +256M 2>/dev/null) ]]
then
echo "Uploading Coverity Scan build"
curl \
--form token="${COVERITY_TOKEN}" \
--form email="${COVERITY_USER_EMAIL}" \
--form file=@"${COVERITY_OUTPUT_FILE}" \
--form version="${ENVOY_BUILD_SHA}" \
--form description="Envoy Proxy Build ${ENVOY_BUILD_SHA}" \
https://scan.coverity.com/projects/envoy-proxy
else
echo "Coverity Scan output file appears to be too small."
echo "Not submitting build for analysis."
exit 1
fi