Re: Automating Coverity, was Re: [PATCH 00/26] Address a couple of issues identified by Coverity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On 28 Apr 2017, at 22:29, Johannes Schindelin <johannes.schindelin@xxxxxx> wrote:
> 
> Hi Stefan,
> 
> On Fri, 28 Apr 2017, Stefan Beller wrote:
> 
>> On Thu, Apr 27, 2017 at 3:50 PM, Johannes Schindelin
>> <Johannes.Schindelin@xxxxxx> wrote:
>> 
>>> I still have to find the time to figure out one more detail: how to
>>> download and extract the Coverity tool (the .zip archive has a
>>> variable name for the top-level directory), and doing that only every
>>> once in a while, say, only when there is no previously unpacked tool,
>>> or it is already 4 weeks old.
>> 
>> That is an interesting problem, which I ignored as the older versions of
>> their tools still works once they release new versions. So I just
>> manually check every once in a while if they have new versions out
>> there.
>> 
>> So if you find a nice solution to that problem, let me know, please.
> 
> I think I have a working idea (jotting it down in the editor, untested):
> 
> 	init_or_update_coverity_tool () {
> 		# check once per week whether there is a new version
> 		coverity_tool=.git/coverity-tool/
> 		test ! -d $coverity_tool ||
> 		test $(($(date +%s)-$(stat -c %Y $coverity_tool))) -gt
> 			$((7*24*60*60)) ||
> 		return
> 
> 		curl --form "token=$(COVERITY.TOKEN)" \
> 			--form "project=git-for-windows" \
> 			--time-cond .git/coverity_tool.zip \
> 			-o .git/coverity_tool.zip.new \
> 			https://scan.coverity.com/download/win64 &&
> 		test -f .git/coverity_tool.zip.new || {
> 			# Try again in a week
> 			touch $coverity_tool
> 			return
> 		}
> 
> 		mv -f .git/coverity_tool.zip.new .git/coverity_tool.zip ||
> 		die "Could not overwrite coverity_tool.zip"
> 
> 		mkdir $coverity_tool.new &&
> 		(cd $coverity_tool.new &&
> 		 unzip ../coverity_tool.zip) ||
> 		die "Could not unpack coverity_tool.zip"
> 
> 		rm -rf $coverity_tool &&
> 		mv $coverity_tool.new $coverity_tool ||
> 		die "Could not switch to new Coverity tool version"
> 	}
> 
> 	init_or_update_coverity_tool
> 	PATH=$(echo $coverity_tool/*/bin):$PATH
> 
> I guess I will start from that snippet once I have time to work on that
> Coverity automation.
> 
> BTW I stumbled over an interesting tidbit today: if you define FLEX_ARRAY
> outside of git-compat-util.h, it will not be overridden by Git. That is,
> if you want to use 64kB flex arrays by default, you can call
> 
> 	make CPPFLAGS=-DFLEX_ARRAY=65536
> 
> No need to patch the source code.

Looks like Coverity has TravisCI integration and I assume you wouldn't
need to worry about downloading the tool in that setup:
https://scan.coverity.com/travis_ci

I think we should be able to enable it without trouble for the 'master' branch?

Cheers,
Lars



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]