blob: c9a8f5e284964a9bfe69cebdc4d17299613d113e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
---
# Coverity Scan static analysis
- job-template:
name: '{project-name}-coverity'
id: onap-gerrit-maven-coverity
description: >
<hr/>
<h2>How to access Coverity Scan static analysis results</h2>
<ol>
<li>Visit <a href="https://scan.coverity.com/projects/{coverity-project-name}">Coverity Scan
project page</a>.</li>
<li>If you have not been added to the project on Coverity Scan service yet:
<ol>
<li>Click on <a href="https://scan.coverity.com/memberships/new?project_id={coverity-project-name}">
Add me to project</a>.</li>
<li>Wait till the project administrators grant you appropriate permissions.</li>
</ol>
<li>Click on <a href="https://scan.coverity.com/projects/{coverity-project-name}/view_defects">
View Defects</a>.</li>
</ol>
<p>Please note that processing data takes some time. You will get an email when it's done.</p>
<p>See more <a href="https://wiki.onap.org/x/Y6vQAw">Coverity Scan HOWTOs</a> on ONAP Developer Wiki.</p>
<hr/>
project-type: freestyle
node: '{build-node}'
branch: master
build-days-to-keep: 7
build-timeout: 240
cron: '@daily'
disabled: false
dry-run: false
git-url: '$GIT_URL/$PROJECT'
java-version: openjdk8
mvn-global-settings: global-settings
mvn-opts: ''
mvn-params: ''
mvn-version: mvn35
coverity-project-name: ''
coverity-token: ''
coverity-user-email: ''
coverity-search-paths: ''
coverity-search-exclude-regexs: ''
max-git-repo-age-hours: 0
stream: master
submodule-recursive: true
submodule-timeout: 10
submodule-disable: false
archive-artifacts: >
cov-int/BUILD.metrics.xml
cov-int/build-log.txt
cov-int/build-timings.txt
cov-int/cov-import-scm-timings.txt
cov-int/coverity-scan-analysed-files.txt
cov-int/scm-untracked-files.txt
cov-int/failed_jsp/*
cov-int/java-security-da-input.dat
cov-int/java-security-da-whitelist.dat
cov-int/jsp-compilation-log.txt
cov-int/jsp-debug-log.txt
cov-int/security.log
properties:
- lf-infra-properties:
build-days-to-keep: '{build-days-to-keep}'
parameters:
- lf-infra-parameters:
project: '{project}'
branch: '{branch}'
stream: '{stream}'
- lf-infra-maven-parameters:
mvn-opts: '{mvn-opts}'
mvn-params: '{mvn-params}'
mvn-version: '{mvn-version}'
- string:
name: ARCHIVE_ARTIFACTS
default: '{archive-artifacts}'
description: Artifacts to archive to the logs server.
- string:
name: SEARCH_PATHS
default: '{coverity-search-paths}'
description: >
Additional directories to search for files to analyse by Coverity
Scan service (space separated).
- string:
name: SEARCH_EXCLUDE_REGEXS
default: '{coverity-search-exclude-regexs}'
description: >
File path patterns to exclude from analysis by Coverity Scan
service (e.g. 3rd-party or auto-generated sources, space
separated).
- string:
name: COVERITY_USER_EMAIL
default: '{coverity-user-email}'
description: >
E-mail address to receive analysis status report after submittion.
It must be a registered user on Coverity Scan service added as a
member to appropriate Coverity Scan project with "Maintainer/Owner"
role.
- bool:
name: DRY_RUN
default: '{dry-run}'
description: Do not submit results to Coverity Scan server at the end of the build.
- string:
name: 'MAX_GIT_REPO_AGE_HOURS'
default: '{max-git-repo-age-hours}'
description: >
If set to non-zero run the code scan only if there were no git
repository commits last MAX_GIT_REPO_AGE_HOURS hours.
It makes sense to set the value twice the 'cron' interval for the
job (e.g. if 'cron: @daily', then MAX_GIT_REPO_AGE_HOURS=48)
triggers:
- timed: '{obj:cron}'
wrappers:
- lf-infra-wrappers:
build-timeout: '{build-timeout}'
jenkins-ssh-credential: '{jenkins-ssh-credential}'
builders:
- lf-infra-pre-build
- lf-maven-install:
mvn-version: '{mvn-version}'
- lf-update-java-alternatives:
java-version: '{java-version}'
- lf-provide-maven-settings:
global-settings-file: global-settings
settings-file: '{mvn-settings}'
- inject:
properties-content: |
COVERITY_PROJECT_NAME={coverity-project-name}
COVERITY_TOKEN={coverity-token}
- shell: !include-raw-escape:
- ../../global-jjb/shell/common-variables.sh
- ../../shell/maven-coverity.sh
- lf-provide-maven-settings-cleanup
publishers:
- lf-infra-publish
scm:
- lf-infra-gerrit-scm:
jenkins-ssh-credential: '{jenkins-ssh-credential}'
git-url: '{git-url}'
refspec: $GERRIT_REFSPEC
branch: $GERRIT_BRANCH
submodule-recursive: '{submodule-recursive}'
submodule-timeout: '{submodule-timeout}'
submodule-disable: '{submodule-disable}'
choosing-strategy: default
|