Coverity only provides us as OSS project a single "stream", thus a
single configuration for our project. But we already have 3. However,
we can accumulate results to a certain degree with some tricks: We have
to ensure that the intermediate "make clean" runs are not tracked by
cov-build, the build tracker of Coverity.
That's why we overload the default scan-build script of Travis CI and
Coverity, obtain the original one from our script, patch that version
to run our build script in a way that we have control over what gets
tracked and what not. Nasty, but seems to work sufficiently for now.
In addition, we need to register the ARM cross-compiler via
cov-configure.
At this chance: "description" is no longer used by Coverity - drop it.
.travis.yml | 6 +++---
ci/build-all-configs.sh | 14 +++++++++++++-
ci/coverity-scan-build.sh | 30 ++++++++++++++++++++++++++++++
3 files changed, 46 insertions(+), 4 deletions(-)
create mode 100644 ci/coverity-scan-build.sh
diff --git a/.travis.yml b/.travis.yml
index a5b454e..d7110df 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -39,8 +39,8 @@ addons:
coverity_scan:
project:
name: "siemens/jailhouse"
- description: "Build submitted via Travis CI"
notification_email:
jan.k...@siemens.com
- build_command_prepend: "cp ci/jailhouse-config-x86.h hypervisor/include/jailhouse/config.h"
- build_command: "make KDIR=ci/linux/build-x86"
+ build_script_url:
https://raw.githubusercontent.com/$TRAVIS_REPO_SLUG/$TRAVIS_BRANCH/ci/coverity-scan-build.sh
+ build_command_prepend: "cov-configure --comptype gcc --compiler arm-linux-gnueabihf-gcc --template"
+ build_command: "unused"
branch_pattern: coverity_scan
diff --git a/ci/build-all-configs.sh b/ci/build-all-configs.sh
index fb73bea..8c5ca6e 100755
--- a/ci/build-all-configs.sh
+++ b/ci/build-all-configs.sh
@@ -13,6 +13,12 @@
CONFIGS="x86 banana-pi vexpress"
+PREFIX=
+if [ "$1" == "--cov" ]; then
+ export COVERITY_UNSUPPORTED=1
+ PREFIX="cov-build --append-log --dir $2 $3"
+fi
+
for CONFIG in $CONFIGS; do
echo
echo "*** Building configuration $CONFIG ***"
@@ -30,6 +36,12 @@ for CONFIG in $CONFIGS; do
;;
esac
+ $PREFIX make KDIR=ci/linux/build-$CONFIG ARCH=$ARCH \
+ CROSS_COMPILE=$CROSS_COMPILE
+
+ # Keep the clean run out of sight for cov-build so that results are
+ # accumulated as far as possible. Multiple compilations of the same
+ # file will still leave only the last run in the results.
make KDIR=ci/linux/build-$CONFIG ARCH=$ARCH \
- CROSS_COMPILE=$CROSS_COMPILE clean all
+ CROSS_COMPILE=$CROSS_COMPILE clean
done
diff --git a/ci/coverity-scan-build.sh b/ci/coverity-scan-build.sh
new file mode 100644
index 0000000..b4f0d62
--- /dev/null
+++ b/ci/coverity-scan-build.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+#
+# Jailhouse, a Linux-based partitioning hypervisor
+#
+# Copyright (c) Siemens AG, 2015
+#
+# Authors:
+# Jan Kiszka <
jan.k...@siemens.com>
+#
+# This work is licensed under the terms of the GNU GPL, version 2. See
+# the COPYING file in the top-level directory.
+#
+
+curl -s
https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh \
+ -o ci/travisci_build_coverity_scan.sh.orig
+
+# Patch the line that starts the build.
+# We need to control this step via our build script.
+sed 's/^COVERITY_UNSUPPORTED=1 cov-build --dir.*/ci\/build-all-configs.sh --cov \$RESULTS_DIR \$COV_BUILD_OPTIONS/' \
+ ci/travisci_build_coverity_scan.sh.orig > ci/travisci_build_coverity_scan.sh
+
+# Check if the patch applied, bail out if not.
+if diff -q ci/travisci_build_coverity_scan.sh.orig \
+ ci/travisci_build_coverity_scan.sh > /dev/null; then
+ echo "Unable to patch Coverity script!"
+ exit 1
+fi
+
+# Run the patched scanner script.
+. ci/travisci_build_coverity_scan.sh
--
2.1.4