Age | Commit message (Collapse) | Author | Files | Lines |
|
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I6b02c57f03b6b8ff9576924e712ed517225822de
|
|
This is to avoid static code analysis of the Coverity Scan toolset itself.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I32b6a42ce455ab5f7f5334921f6fde7e41d919f2
|
|
To save our Jenkins lab resources and Coverity Scan submission quota we
can run the scan if there were recent commits only.
At the moment the following JJB configuration does not work properly for
ONAP repositories:
triggers:
- pollscm:
cron: '@daily'
As a workaround a new job build parameter is introduced -
'max-git-repo-age-hours'. If set to non-zero run the code scan only if
there were no git repository commits last max-git-repo-age-hours hours.
It makes sense to set the value twice the 'cron' interval for the job
(e.g. if 'cron: @daily', then max-git-repo-age-hours=48).
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I82ce092e9b8bb423e9db8b3958d6cfa3b527b33b
|
|
Now the Jenkins job parameters are configurable on the WEB since it's
usefull for initial Coverity Scan job setup or tuning process.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I6f2f59416966233c24c1b6bc1847d4ebe19a6985
|
|
The Jebkins job parameter can be used during Coverity Scan job initial
configuration or tuning process to avoid unnecessary submission quota
exhaustion.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I4dfdf7441b8f31fffa2e4afd62bdd871126cdfd5
|
|
"cov-int/scm-untracked-files.txt" info may be used as a source for
'coverity-search-exclude-regexs' JJB config option to suppress analysis
of external 3rd-party and auto-generated sources.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: Ief208e3ac202f5494e9762902f0930890d8c01d8
|
|
Re-implement temporary(?) non-functional filter to ignore specific source
code parts by Coverity Scan using "--fs-capture-search-exclude-regex" CLI
parameter of "cov-build" tool. This functionality is important to
filter out e.g. node_modules or src/tests. Instead we can remove all
specified files after we got local build results but before we send them
to Coverity server.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I1175b593966a8b8732aa3f6841e9c450766de752
|
|
Since the build process takes a lot of time and resources on our Jenkins
executors it had better try to resubmit our results to Coverity Scan
server if it replies with non-200 HTTP response.
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I8fd24d9f4f6181ff6e0817914ac649a140706b7e
|
|
Two JJB project parameters have been introduced:
* 'coverity-search-paths' - space separated list of paths that contain
source code to analyse;
* 'coverity-search-exclude-regexs' - space separated list of file name
regexps to exclude from analysis.
Example:
project:
name: 'sdc-coverity'
jobs:
- onap-gerrit-maven-coverity
...
coverity-search-paths: 'catalog-ui/src/ openecomp-ui/src/ dox-sequence-diagram-ui/src'
coverity-search-exclude-regexs: '/node_modules/'
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I8050a75a731c893ec2173f66d2e881fcc0877ed0
|
|
The list is stored in "cov-int/coverity-scan-analysed-files.log".
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: Id27cb466977e0bd11e004fd819f66697ca16c26b
|
|
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I73dae5c4c5bd3dd73957809b4265009b529ebca0
|
|
Check if we are allowed to submit results to Coverity Scan service and have
not exceeded our upload quota limits. See also: https://scan.coverity.com/faq#frequency
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I71479cfdd8403e717e6c807a8afb5aadad25fdde
|
|
"onap-gerrit-maven-coverity" JJB template runs 'mvn clean install' and then
publishes results to Coverity Scan service for static code analysis.
Usage example:
- project:
name: so-coverity
jobs:
- onap-gerrit-maven-coverity
cron: '@daily'
build-node: 'ubuntu1604-builder-4c-4g'
project: 'so'
project-name: 'so'
branch: 'master'
mvn-settings: 'so-settings'
mvn-goals: 'clean install'
mvn-opts: '-Xmx1024m -XX:MaxPermSize=256m'
mvn-params: '-Dmaven.test.skip=true'
coverity-project-name: 'onap-so'
coverity-token: 'PUT COVERITY TOKEN HERE'
coverity-user-email: 'PUT USER EMAIL HERE'
Issue-ID: CIMAN-260
Signed-off-by: Artem Naluzhnyy <A.Naluzhnyy@samsung.com>
Change-Id: I6f4fa6359b5be91932c5a1a1ed7ba0a4068ac152
|