[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/2] github: add workflow to run Coverity scans



Can someone please tell me how to remove my email account from this list? Thank you.

On 2/18/22 07:36, Roger Pau Monné wrote:
On Fri, Feb 18, 2022 at 12:23:47PM +0000, Andrew Cooper wrote:
On 18/02/2022 12:21, Andrew Cooper wrote:
On 18/02/2022 12:00, Roger Pau Monne wrote:
Add a workflow that performs a build like it's done by osstest
Coverity flight and uploads the result to Coverity for analysis. The
build process is exactly the same as the one currently used in
osstest, and it's also run at the same time (bi-weekly).

This has one big benefit over using osstest: we no longer have to care
about keeping the Coverity tools up to date in osstest.

Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
---
  .github/workflows/coverity.yml | 35 ++++++++++++++++++++++++++++++++++
  1 file changed, 35 insertions(+)
  create mode 100644 .github/workflows/coverity.yml

diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
new file mode 100644
index 0000000000..12fc9c782b
--- /dev/null
+++ b/.github/workflows/coverity.yml
@@ -0,0 +1,35 @@
+name: Coverity Scan
+
+# We only want to test official release code, not every pull request.
+on:
+  schedule:
+    - cron: '18 9 * * WED,SUN' # Bi-weekly at 9:18 UTC
+
+jobs:
+  coverity:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Install build dependencies
+      run: |
+        sudo apt-get install -y wget git bcc bin86 gawk bridge-utils \
+          iproute2 libcurl4-openssl-dev bzip2 libpci-dev build-essential \
+          make gcc libc6-dev libc6-dev-i386 linux-libc-dev zlib1g-dev \
+          libncurses5-dev patch libvncserver-dev libssl-dev libsdl-dev iasl \
+          libbz2-dev e2fslibs-dev git-core uuid-dev ocaml libx11-dev \
+          ocaml-findlib xz-utils gettext libyajl-dev libpixman-1-dev \
+          libaio-dev libfdt-dev cabextract libglib2.0-dev autoconf automake \
+          libtool libfuse-dev liblzma-dev ninja-build \
+          kpartx python3-dev python3-pip golang python-dev libsystemd-dev
We dropped gettext as a dependency a few releases ago, and we don't need
python3-pip either.  Can fix on commit.

+    - uses: actions/checkout@v2
I think we want

- uses: actions/checkout@v2
   with:
     ref: staging

Can also fix on commit.

Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> (mainly because I
can see that Coverity has done the right thing with this.)

+    - name: Configure Xen
+      run: |
+        ./configure
On second thoughts, we can probably --disable-docs here, because it's
just wasted processing time when all we care about is the C.
We do not build the docs already, because the build command is `make
xen tools`.

Thanks, Roger.




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.