| #!/usr/bin/env bash |
| # SPDX-License-Identifier: LGPL-2.1-or-later |
| |
| set -eux |
| |
| COVERITY_SCAN_TOOL_BASE="/tmp/coverity-scan-analysis" |
| COVERITY_SCAN_PROJECT_NAME="systemd/systemd" |
| |
| function coverity_install_script { |
| local platform tool_url tool_archive |
| |
| platform=$(uname) |
| tool_url="https://scan.coverity.com/download/${platform}" |
| tool_archive="/tmp/cov-analysis-${platform}.tgz" |
| |
| set +x # this is supposed to hide COVERITY_SCAN_TOKEN |
| echo -e "\033[33;1mDownloading Coverity Scan Analysis Tool...\033[0m" |
| wget -nv -O "$tool_archive" "$tool_url" --post-data "project=$COVERITY_SCAN_PROJECT_NAME&token=${COVERITY_SCAN_TOKEN:?}" |
| set -x |
| |
| mkdir -p "$COVERITY_SCAN_TOOL_BASE" |
| pushd "$COVERITY_SCAN_TOOL_BASE" |
| tar xzf "$tool_archive" |
| popd |
| } |
| |
| function run_coverity { |
| local results_dir tool_dir results_archive sha response status_code |
| |
| results_dir="cov-int" |
| tool_dir=$(find "$COVERITY_SCAN_TOOL_BASE" -type d -name 'cov-analysis*') |
| results_archive="analysis-results.tgz" |
| sha=$(git rev-parse --short HEAD) |
| |
| meson -Dman=false build |
| COVERITY_UNSUPPORTED=1 "$tool_dir/bin/cov-build" --dir "$results_dir" sh -c "ninja -C ./build -v" |
| "$tool_dir/bin/cov-import-scm" --dir "$results_dir" --scm git --log "$results_dir/scm_log.txt" |
| |
| tar czf "$results_archive" "$results_dir" |
| |
| set +x # this is supposed to hide COVERITY_SCAN_TOKEN |
| echo -e "\033[33;1mUploading Coverity Scan Analysis results...\033[0m" |
| response=$(curl \ |
| --silent --write-out "\n%{http_code}\n" \ |
| --form project="$COVERITY_SCAN_PROJECT_NAME" \ |
| --form token="${COVERITY_SCAN_TOKEN:?}" \ |
| --form email="${COVERITY_SCAN_NOTIFICATION_EMAIL:?}" \ |
| --form file="@$results_archive" \ |
| --form version="$sha" \ |
| --form description="Daily build" \ |
| https://scan.coverity.com/builds) |
| printf "\033[33;1mThe response is\033[0m\n%s\n" "$response" |
| status_code=$(echo "$response" | sed -n '$p') |
| if [ "$status_code" != "200" ]; then |
| echo -e "\033[33;1mCoverity Scan upload failed: $(echo "$response" | sed '$d').\033[0m" |
| return 1 |
| fi |
| set -x |
| } |
| |
| coverity_install_script |
| run_coverity |