path: root/shell/maven-coverity.sh
Age | Commit message | Author | Files | Lines
2019-09-03 | Move Coverity Scan toolset out of working directory | Artem Naluzhnyy | 1 | -8/+9
This is to avoid static code analysis of the Coverity Scan toolset itself.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I32b6a42ce455ab5f7f5334921f6fde7e41d919f2

2019-09-03 | Add workaround for broken git repo polling by Jenkins | Artem Naluzhnyy | 1 | -4/+34
To save our Jenkins lab resources and Coverity Scan submission quota we can run the scan if there were recent commits only. At the moment the following JJB configuration does not work properly for ONAP repositories:

    triggers:
      - pollscm:
          cron: '@daily'

As a workaround a new job build parameter is introduced - 'max-git-repo-age-hours'. If set to non-zero, run the code scan only if there were no git repository commits in the last max-git-repo-age-hours hours. It makes sense to set the value twice the 'cron' interval for the job (e.g. if 'cron: @daily', then max-git-repo-age-hours=48).
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I82ce092e9b8bb423e9db8b3958d6cfa3b527b33b

2019-08-17 | Make COVERITY_USER_EMAIL, SEARCH_PATHS, SEARCH_EXCLUDE_REGEXS configurable | Artem Naluzhnyy | 1 | -0/+7
Now the Jenkins job parameters are configurable on the WEB since it's useful for initial Coverity Scan job setup or tuning process.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I6f2f59416966233c24c1b6bc1847d4ebe19a6985

2019-08-17 | Add DRY_RUN job parameter to bypass actual submission to Coverity server | Artem Naluzhnyy | 1 | -51/+55
The Jenkins job parameter can be used during Coverity Scan job initial configuration or tuning process to avoid unnecessary submission quota exhaustion.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I4dfdf7441b8f31fffa2e4afd62bdd871126cdfd5

2019-08-16 | Dump list of analysed files not tracked by Git repository | Artem Naluzhnyy | 1 | -2/+13
"cov-int/scm-untracked-files.txt" info may be used as a source for 'coverity-search-exclude-regexs' JJB config option to suppress analysis of external 3rd-party and auto-generated sources.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: Ief208e3ac202f5494e9762902f0930890d8c01d8

2019-08-12 | Add a workaround to suppress specified files from Coverity Scan analysis | Artem Naluzhnyy | 1 | -8/+29
Re-implement temporary(?) non-functional filter to ignore specific source code parts by Coverity Scan using "--fs-capture-search-exclude-regex" CLI parameter of "cov-build" tool. This functionality is important to filter out e.g. node_modules or src/tests. Instead we can remove all specified files after we got local build results but before we send them to Coverity server.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I1175b593966a8b8732aa3f6841e9c450766de752

2019-08-01 | Add more attempts to submit Coverity Scan results | Artem Naluzhnyy | 1 | -12/+33
Since the build process takes a lot of time and resources on our Jenkins executors it had better try to resubmit our results to Coverity Scan server if it replies with non-200 HTTP response.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I8fd24d9f4f6181ff6e0817914ac649a140706b7e

2019-07-01 | Add static code analysis support for JavaScript/Python/Ruby/PHP. | Artem Naluzhnyy | 1 | -1/+21
Two JJB project parameters have been introduced:
 * 'coverity-search-paths' - space separated list of paths that contain source code to analyse;
 * 'coverity-search-exclude-regexs' - space separated list of file name regexps to exclude from analysis.

Example:

    project:
      name: 'sdc-coverity'
      jobs:
        - onap-gerrit-maven-coverity
      ...
      coverity-search-paths: 'catalog-ui/src/ openecomp-ui/src/ dox-sequence-diagram-ui/src'
      coverity-search-exclude-regexs: '/node_modules/'

Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I8050a75a731c893ec2173f66d2e881fcc0877ed0

2019-06-27 | Archive Coverity analysed files list to the logs server | Artem Naluzhnyy | 1 | -0/+10
The list is stored in "cov-int/coverity-scan-analysed-files.log".
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: Id27cb466977e0bd11e004fd819f66697ca16c26b

2019-06-12 | Validate downloaded Coverity tool checksum | Artem Naluzhnyy | 1 | -0/+14
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I73dae5c4c5bd3dd73957809b4265009b529ebca0

2019-06-12 | Check Coverity service API usage quota | Artem Naluzhnyy | 1 | -0/+25
Check if we are allowed to submit results to Coverity Scan service and have not exceeded our upload quota limits.
See also: https://scan.coverity.com/faq#frequency
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I71479cfdd8403e717e6c807a8afb5aadad25fdde

2019-06-10 | Add JJB template for static code analysis by Coverity Scan service | Artem Naluzhnyy | 1 | -0/+97
"onap-gerrit-maven-coverity" JJB template runs 'mvn clean install' and then publishes results to Coverity Scan service for static code analysis.

Usage example:

    - project:
        name: so-coverity
        jobs:
          - onap-gerrit-maven-coverity
        cron: '@daily'
        build-node: 'ubuntu1604-builder-4c-4g'
        project: 'so'
        project-name: 'so'
        branch: 'master'
        mvn-settings: 'so-settings'
        mvn-goals: 'clean install'
        mvn-opts: '-Xmx1024m -XX:MaxPermSize=256m'
        mvn-params: '-Dmaven.test.skip=true'
        coverity-project-name: 'onap-so'
        coverity-token: 'PUT COVERITY TOKEN HERE'
        coverity-user-email: 'PUT USER EMAIL HERE'

Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I6f4fa6359b5be91932c5a1a1ed7ba0a4068ac152