[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/2] github: add workflow to run Coverity scans



On 18/02/2022 12:21, Andrew Cooper wrote:
> On 18/02/2022 12:00, Roger Pau Monne wrote:
>> Add a workflow that performs a build like it's done by osstest
>> Coverity flight and uploads the result to Coverity for analysis. The
>> build process is exactly the same as the one currently used in
>> osstest, and it's also run at the same time (bi-weekly).
>>
>> This has one big benefit over using osstest: we no longer have to care
>> about keeping the Coverity tools up to date in osstest.
>>
>> Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>> ---
>>  .github/workflows/coverity.yml | 35 ++++++++++++++++++++++++++++++++++
>>  1 file changed, 35 insertions(+)
>>  create mode 100644 .github/workflows/coverity.yml
>>
>> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
>> new file mode 100644
>> index 0000000000..12fc9c782b
>> --- /dev/null
>> +++ b/.github/workflows/coverity.yml
>> @@ -0,0 +1,35 @@
>> +name: Coverity Scan
>> +
>> +# We only want to test official release code, not every pull request.
>> +on:
>> +  schedule:
>> +    - cron: '18 9 * * WED,SUN' # Bi-weekly at 9:18 UTC
>> +
>> +jobs:
>> +  coverity:
>> +    runs-on: ubuntu-latest
>> +    steps:
>> +    - name: Install build dependencies
>> +      run: |
>> +        sudo apt-get install -y wget git bcc bin86 gawk bridge-utils \
>> +          iproute2 libcurl4-openssl-dev bzip2 libpci-dev build-essential \
>> +          make gcc libc6-dev libc6-dev-i386 linux-libc-dev zlib1g-dev \
>> +          libncurses5-dev patch libvncserver-dev libssl-dev libsdl-dev iasl 
>> \
>> +          libbz2-dev e2fslibs-dev git-core uuid-dev ocaml libx11-dev \
>> +          ocaml-findlib xz-utils gettext libyajl-dev libpixman-1-dev \
>> +          libaio-dev libfdt-dev cabextract libglib2.0-dev autoconf automake 
>> \
>> +          libtool libfuse-dev liblzma-dev ninja-build \
>> +          kpartx python3-dev python3-pip golang python-dev libsystemd-dev
> We dropped gettext as a dependency a few releases ago, and we don't need
> python3-pip either.  Can fix on commit.
>
>> +    - uses: actions/checkout@v2
> I think we want
>
> - uses: actions/checkout@v2
>   with:
>     ref: staging
>
> Can also fix on commit.
>
> Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> (mainly because I
> can see that Coverity has done the right thing with this.)
>
>> +    - name: Configure Xen
>> +      run: |
>> +        ./configure

On second thoughts, we can probably --disable-docs here, because it's
just wasted processing time when all we care about is the C.

~Andrew



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.