| #!/usr/bin/env bash |
| |
| set -e |
| |
| # if no DOCKER_TAG is set, warn and default to fedora-30 |
| if [ -z "$DOCKER_TAG" ]; then |
| echo "WARN: DOCKER_TAG is not set, defaulting to fedora-30" |
| export DOCKER_TAG="fedora-30" |
| fi |
| |
| # |
| # Docker starts you in a cloned repo of your project with the PR checkout out. |
| # We want those changes IN the docker image, so use the -v option to mount the |
| # project repo in the docker image. |
| # |
| # Also, pass in any env variables required for the build via .ci/docker.env file |
| # |
| # Execute the build and test procedure by running .ci/docker.run |
| # |
| if [ "$TRAVIS_BRANCH" != "coverity_scan" ]; then |
| echo "Running non-coverity build" |
| # Do normal CI script |
| ci_env=$(bash <(curl -s https://codecov.io/env)) |
| docker run $ci_env --env-file .ci/docker.env \ |
| -v "$(pwd):/workspace/tpm2-tss" "tpm2software/tpm2-tss:$DOCKER_TAG" \ |
| /bin/bash -c '/workspace/tpm2-tss/.ci/docker.run' |
| |
| exit 0 |
| fi |
| |
| # branch is coverity_scan |
| echo "Running coverity build" |
| |
| # Do coverity steps |
| # we don't run with clang and we only run if COVERITY_RUN is true |
| if [[ "$CC" == clang* || "$COVERITY_RUN" != "true" ]]; then |
| echo "Nothing to do on the coverity_scan branch...exiting!" |
| exit 0 |
| fi |
| |
| # ensure coverity_scan tool is available to the container |
| if [ ! -f "$(pwd)/coverity-analysis/bin/cov-build" ]; then |
| wget https://scan.coverity.com/download/linux64 --quiet --post-data "token=$COVERITY_SCAN_TOKEN&project=tpm2-software%2Ftpm2.0-tss" -O coverity_tool.tgz |
| wget https://scan.coverity.com/download/linux64 --quiet --post-data "token=$COVERITY_SCAN_TOKEN&project=tpm2-software%2Ftpm2.0-tss&md5=1" -O coverity_tool.md5 |
| echo "$(cat coverity_tool.md5)" coverity_tool.tgz | md5sum -c |
| fi |
| |
| echo "unpacking cov-analysis" |
| tar -xf coverity_tool.tgz |
| mv cov-analysis-* cov-analysis |
| |
| |
| # perform the scan |
| docker run --env-file .ci/docker.env \ |
| -v "$(pwd):/workspace/tpm2-tss" "tpm2software/tpm2-tss:$DOCKER_TAG" \ |
| /bin/bash -c '/workspace/tpm2-tss/.ci/coverity.run' |
| |
| # upload the results |
| test -f "$(pwd)/tpm2-tss-scan.tgz" |
| |
| echo "Submitting data to Coverity" |
| curl --form token="$COVERITY_SCAN_TOKEN" \ |
| --form email=tadeusz.struk@intel.com \ |
| --form project=tpm2-software/tpm2.0-tss \ |
| --form file=@"$(pwd)/tpm2-tss-scan.tgz" \ |
| --form version="$TRAVIS_COMMIT" \ |
| --form description="$TRAVIS_REPO_SLUG $TRAVIS_BRANCH" \ |
| https://scan.coverity.com/builds?project=tpm2-software%2Ftpm2.0-tss |
| |
| rm -fr tpm2-tss-scan.tgz |
| |
| exit 0 |