[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/2] github: add workflow to run Coverity scans


  • To: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Andrew Cooper <amc96@xxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Fri, 18 Feb 2022 12:58:52 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=lddUhaVDBPtq6QBodkEwUXilrGgtaPioD/w3S4ycJKc=; b=Fos/PXbDqM8INz22x/3RC021KBKVv0dKdJMZI9YkQ50klf6U+f00qnz5QOXSNqaOzRbpoXrU1TcxVFD0MYqsXyBYqaiMcywLkoA6o94HpWJHIqPAcmUM35hUpEPSwKnSJiVc66Lkn7eZDnn8J1df3tyWL25en1s7YJl282KcD8W2ampnPz5Z+0JC05M46li00Pes48EHZ0YR+L2qycVVU6womqrhG5EN4Q+TPKOjKnDO1KbehpU/2J951IzhXJILFAVTHzXg4b+CuOCKGXw0iLj6Ye7Rjn59bbJYrsGKHU8c1lGNXAsXh+kiznRHdqG2SpZHRwr5AuwKPZIri6VuPw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UKpx8OtfNiKqpj3E7/+4tU8un8NBhKyBfhswN6EkyGZNK0zZL0iLDIWpghTVWdOnleuior3KqFJu3Pio/OHw3ix9LEIRfFFWkbZjUWWqIUFzxJYz82e4n7HCZe6J860nPGZJFzOiW/xNWepU6JjzCAKhTrMsPP7Fk0FJM+oUKcB89QmKu8uXXZG5p9tHZWaipl2ZvMsV3hcDvNZtrEH09BarOxtyNQ+UyIG8lKkQDlzVNFIaki+WGi1DZKimQIGkP9b6HY2hdkHgAcde7FEtqfQpDDELaVE4aTNZFapHwJds4zqenRUw+MWeIYvMCOetu7d0BqK4m/wqIQw86+Eolg==
  • Authentication-results: esa3.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "George Dunlap" <George.Dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, "Julien Grall" <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Fri, 18 Feb 2022 12:59:15 +0000
  • Ironport-data: A9a23:WjBE/al7ZGZdlctGccME1nzo5gxLJkRdPkR7XQ2eYbSJt1+Wr1Gzt xIZDTjSM/qIYzD8fYx/Ooi09h4FuceGzN9qTAVu+Xo3QyMWpZLJC+rCIxarNUt+DCFioGGLT Sk6QoOdRCzhZiaE/n9BCpC48T8kk/vgqoPUUIYoAAgoLeNfYHpn2UILd9IR2NYy24DjWlPV4 LsenuWEULOb828sWo4rw/rrRCNH5JwebxtB4zTSzdgS1LPvvyF94KA3fMldHFOhKmVgJcaoR v6r8V2M1jixEyHBqD+Suu2TnkUiGtY+NOUV45Zcc/DKbhNq/kTe3kunXRa1hIg+ZzihxrhMJ NtxWZOYaisCJJeLpMYhCzIGFSNmAqYe+aDFCC3q2SCT5xWun3rExvxvCAc9PJEC+/YxCmZLn RAaAGlTNFbZ3bvwme/lDLk37iggBJCD0Ic3k3ds1zzGS90hRojOWf7i7t5ExjYgwMtJGJ4yY uJHNWc2MUSfOnWjPH8zUY8PxN2yo0DvLQBq9lyPpoMdzU/6mVkZPL/Fb4OOJ43iqd9utkSFo mPL+UzpDxdcM8aQoRKe6W6ljOLLmSL9WaoRGae++/osh0ecrkQMDDUGWF39puO24ma3XtkOd WQP4CEg664/6CSDXtT7GhG1vnOAlhodQMZLVf037hmXzajZ6BrfAXILJhZDYtE7sM49RRQxy 0SE2djuAFRSXKa9ECzHsO3O9HXrZHZTfTRqiTI4oRUtwPXIurt0sjDzFv09FqytsdatGC7y6 mXfxMQhvIk7gckO3qS92FnIhTOwu5TEJjIIChXrsnGNtV0gOtP8D2C8wR2CtKsbct7FJrWUl CVcw6CjAPYy4YZhfcBnaMEEB/mX6vmMK1UwanY/TsB6p1xBF5NOFL28AQ2Sxm81Y67omhezO Sc/XD+9ArcKbRNGioctPuqM5zwCl/SIKDgcfqm8giBySpZwbhSb2ypleFSd2Wvg+GB1z/1iY M3HKZfwUy9AYUiC8NZQb75MuVPM7npjrV4/uLihl0j3uVZgTCX9pUg53KumMblisfLsTPT9+ NdDLcqaoyizo8WlChQ7BbU7dAhQRVBiXMieg5UOKoarf1o3cEl8WqS56e5wJORYc1F9y76gE oeVARQDljISRBTvdG23V5yUQOmxBc0m9SpjZ0TB/z+AghAeXGpm149GH7Mfdrg77u1zi/lyS vgOYcKbBfpTDD/A/lwggVPV9eSOqDzDadqyAheY
  • Ironport-hdrordr: A9a23:9JUbQKnF2h4LBPiOjDy/Y3cCTBLpDfOKimdD5ihNYBxZY6Wkfp +V8sjzhCWatN9OYh0dcIi7SdW9qXO1z+8Q3WGIVY3SHTUOy1HYU72KirGSgwEIeheOuNK1sJ 0AT0EQMqyJMbEXt7eZ3OD8Kadc/DDlytHquQ699QYXcegCUcgJhG0Vanf5LqQ1fng9OXNQLu vA2iMtnUvGRZ1jVLXDOpBzZZmkmzSkruOCXTc2QzocrCWehzKh77D3VzKC2A0Fbj9JybA+tU DYjg3Q/MyYwrOG4y6Z81WWw4VdmdPnxNcGLteLkNIpJjLljRvtTJh9WoeFoCs+rIiUmRMXeZ j30lMd1vZImjXsl1KO0ELQMs7boW4TAkrZuBilaL3Y0JfErXwBepB8bMliA2XkAgIbzaBBOe Rwrj6kXtNsfGD9dG6W3am5azh60kWzunYsiugVkjhWVpYfcqZYqcgF8FpSC4poJlO21GkLKp gkMCjn3ocdTbpaVQGvgkB/hNi3GngjFBaPRUYP/sSTzjhNhXh8i08V3tYWkHsM/I80D8As3Z WKDo140LVVCsMGZ6N0A+kMBcOxF2zWWBrJdGafO07uGq0LM2/E75T3/LI27ue3f4Fg9up/pL 3RFFdD8WIicUPnDsODmJVN7xDWWW24GS/gz8lPjqIJ8oEUhICbeBFrZGpe5vdIks9vdPEzAc zDSq6+K8WTWVfTJQ==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYJL8wuvXnHhxuC0qfnAoHQI92b6yZOqQAgAABpYCAAAjHAA==
  • Thread-topic: [PATCH 1/2] github: add workflow to run Coverity scans

On 18/02/2022 12:27, Roger Pau Monne wrote:
> On Fri, Feb 18, 2022 at 12:21:34PM +0000, Andrew Cooper wrote:
>> On 18/02/2022 12:00, Roger Pau Monne wrote:
>>> Add a workflow that performs a build like it's done by osstest
>>> Coverity flight and uploads the result to Coverity for analysis. The
>>> build process is exactly the same as the one currently used in
>>> osstest, and it's also run at the same time (bi-weekly).
>>>
>>> This has one big benefit over using osstest: we no longer have to care
>>> about keeping the Coverity tools up to date in osstest.
>>>
>>> Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>>> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>>> ---
>>>  .github/workflows/coverity.yml | 35 ++++++++++++++++++++++++++++++++++
>>>  1 file changed, 35 insertions(+)
>>>  create mode 100644 .github/workflows/coverity.yml
>>>
>>> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
>>> new file mode 100644
>>> index 0000000000..12fc9c782b
>>> --- /dev/null
>>> +++ b/.github/workflows/coverity.yml
>>> @@ -0,0 +1,35 @@
>>> +name: Coverity Scan
>>> +
>>> +# We only want to test official release code, not every pull request.
>>> +on:
>>> +  schedule:
>>> +    - cron: '18 9 * * WED,SUN' # Bi-weekly at 9:18 UTC
>>> +
>>> +jobs:
>>> +  coverity:
>>> +    runs-on: ubuntu-latest
>>> +    steps:
>>> +    - name: Install build dependencies
>>> +      run: |
>>> +        sudo apt-get install -y wget git bcc bin86 gawk bridge-utils \
>>> +          iproute2 libcurl4-openssl-dev bzip2 libpci-dev build-essential \
>>> +          make gcc libc6-dev libc6-dev-i386 linux-libc-dev zlib1g-dev \
>>> +          libncurses5-dev patch libvncserver-dev libssl-dev libsdl-dev 
>>> iasl \
>>> +          libbz2-dev e2fslibs-dev git-core uuid-dev ocaml libx11-dev \
>>> +          ocaml-findlib xz-utils gettext libyajl-dev libpixman-1-dev \
>>> +          libaio-dev libfdt-dev cabextract libglib2.0-dev autoconf 
>>> automake \
>>> +          libtool libfuse-dev liblzma-dev ninja-build \
>>> +          kpartx python3-dev python3-pip golang python-dev libsystemd-dev
>> We dropped gettext as a dependency a few releases ago, and we don't need
>> python3-pip either.  Can fix on commit.
>>
>>> +    - uses: actions/checkout@v2
>> I think we want
>>
>> - uses: actions/checkout@v2
>>   with:
>>     ref: staging
> I've assumed we wanted master as that at least functional per the
> testing done in osstest. But maybe it's indeed better to use staging
> in order to catch issues before they reach master.

IIRC, OSSTest has Coverity following smoke, but these days we're far
better are not breaking the build now that Gitlab CI is in place.

But it might be prudent to check that if the build fails, we don't
submit a partial result to Coverity.

The difference between staging and master is purely how early we get the
report.

~Andrew

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.