Re: [PATCH 1/2] github: add workflow to run Coverity scans

[Brian Olson <bjolson1278@xxxxxxxxx>]

Can someone please tell me how to remove my email account from this 
list? Thank you.
On 2/18/22 07:36, Roger Pau Monné wrote:
> On Fri, Feb 18, 2022 at 12:23:47PM +0000, Andrew Cooper wrote:
> > On 18/02/2022 12:21, Andrew Cooper wrote:
> > > On 18/02/2022 12:00, Roger Pau Monne wrote:
> > > > Add a workflow that performs a build like it's done by osstest
> > > > Coverity flight and uploads the result to Coverity for analysis. The
> > > > build process is exactly the same as the one currently used in
> > > > osstest, and it's also run at the same time (bi-weekly).
> > > >
> > > > This has one big benefit over using osstest: we no longer have to care
> > > > about keeping the Coverity tools up to date in osstest.
> > > >
> > > > Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> > > > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> > > > ---
> > > >   .github/workflows/coverity.yml | 35 ++++++++++++++++++++++++++++++++++
> > > >   1 file changed, 35 insertions(+)
> > > >   create mode 100644 .github/workflows/coverity.yml
> > > >
> > > > diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
> > > > new file mode 100644
> > > > index 0000000000..12fc9c782b
> > > > --- /dev/null
> > > > +++ b/.github/workflows/coverity.yml
> > > > @@ -0,0 +1,35 @@
> > > > +name: Coverity Scan
> > > > +
> > > > +# We only want to test official release code, not every pull request.
> > > > +on:
> > > > +  schedule:
> > > > +    - cron: '18 9 * * WED,SUN' # Bi-weekly at 9:18 UTC
> > > > +
> > > > +jobs:
> > > > +  coverity:
> > > > +    runs-on: ubuntu-latest
> > > > +    steps:
> > > > +    - name: Install build dependencies
> > > > +      run: |
> > > > +        sudo apt-get install -y wget git bcc bin86 gawk bridge-utils \
> > > > +          iproute2 libcurl4-openssl-dev bzip2 libpci-dev build-essential \
> > > > +          make gcc libc6-dev libc6-dev-i386 linux-libc-dev zlib1g-dev \
> > > > +          libncurses5-dev patch libvncserver-dev libssl-dev libsdl-dev iasl \
> > > > +          libbz2-dev e2fslibs-dev git-core uuid-dev ocaml libx11-dev \
> > > > +          ocaml-findlib xz-utils gettext libyajl-dev libpixman-1-dev \
> > > > +          libaio-dev libfdt-dev cabextract libglib2.0-dev autoconf automake \
> > > > +          libtool libfuse-dev liblzma-dev ninja-build \
> > > > +          kpartx python3-dev python3-pip golang python-dev libsystemd-dev
> > > We dropped gettext as a dependency a few releases ago, and we don't need
> > > python3-pip either.  Can fix on commit.
> > >
> > > > +    - uses: actions/checkout@v2
> > > I think we want
> > >
> > > - uses: actions/checkout@v2
> > >    with:
> > >      ref: staging
> > >
> > > Can also fix on commit.
> > >
> > > Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> (mainly because I
> > > can see that Coverity has done the right thing with this.)
> > >
> > > > +    - name: Configure Xen
> > > > +      run: |
> > > > +        ./configure
> > On second thoughts, we can probably --disable-docs here, because it's
> > just wasted processing time when all we care about is the C.
> We do not build the docs already, because the build command is `make
> xen tools`.
>
> Thanks, Roger.