jjb/ci-management/ci-management-coverity.yaml

   1 ---
   2 # Coverity Scan static analysis
   3
   4 - job-template:
   5     name: '{project-name}-coverity'
   6     id: onap-gerrit-maven-coverity
   7     description: >
   8       <hr/>
   9       <h2>How to access Coverity Scan static analysis results</h2>
  10       <ol>
  11         <li>Visit <a href="https://scan.coverity.com/projects/{coverity-project-name}">Coverity Scan
  12           project page</a>.</li>
  13         <li>If you have not been added to the project on Coverity Scan service yet:
  14           <ol>
  15             <li>Click on <a href="https://scan.coverity.com/memberships/new?project_id={coverity-project-name}">
  16               Add me to project</a>.</li>
  17             <li>Wait till the project administrators grant you appropriate permissions.</li>
  18           </ol>
  19         <li>Click on <a href="https://scan.coverity.com/projects/{coverity-project-name}/view_defects">
  20           View Defects</a>.</li>
  21       </ol>
  22       <p>Please note that processing data takes some time. You will get an email when it's done.</p>
  23       <hr/>
  24
  25     project-type: freestyle
  26     node: '{build-node}'
  27     branch: master
  28     build-days-to-keep: 7
  29     build-timeout: 240
  30     cron: '@daily'
  31     disabled: false
  32     dry-run: false
  33     git-url: '$GIT_URL/$PROJECT'
  34     java-version: openjdk8
  35     mvn-global-settings: global-settings
  36     mvn-opts: ''
  37     mvn-params: ''
  38     mvn-version: mvn35
  39     coverity-project-name: ''
  40     coverity-token: ''
  41     coverity-user-email: ''
  42     coverity-search-paths: ''
  43     coverity-search-exclude-regexs: ''
  44     max-git-repo-age-hours: 0
  45     stream: master
  46     submodule-recursive: true
  47     submodule-timeout: 10
  48     submodule-disable: false
  49     archive-artifacts: >
  50       cov-int/BUILD.metrics.xml
  51       cov-int/build-log.txt
  52       cov-int/build-timings.txt
  53       cov-int/cov-import-scm-timings.txt
  54       cov-int/coverity-scan-analysed-files.txt
  55       cov-int/scm-untracked-files.txt
  56       cov-int/failed_jsp/*
  57       cov-int/java-security-da-input.dat
  58       cov-int/java-security-da-whitelist.dat
  59       cov-int/jsp-compilation-log.txt
  60       cov-int/jsp-debug-log.txt
  61       cov-int/security.log
  62
  63     properties:
  64       - lf-infra-properties:
  65           build-days-to-keep: '{build-days-to-keep}'
  66
  67     parameters:
  68       - lf-infra-parameters:
  69           project: '{project}'
  70           branch: '{branch}'
  71           stream: '{stream}'
  72       - lf-infra-maven-parameters:
  73           mvn-opts: '{mvn-opts}'
  74           mvn-params: '{mvn-params}'
  75           mvn-version: '{mvn-version}'
  76       - string:
  77           name: ARCHIVE_ARTIFACTS
  78           default: '{archive-artifacts}'
  79           description: Artifacts to archive to the logs server.
  80       - string:
  81           name: SEARCH_PATHS
  82           default: '{coverity-search-paths}'
  83           description: >
  84             Additional directories to search for files to analyse by Coverity
  85             Scan service (space separated).
  86       - string:
  87           name: SEARCH_EXCLUDE_REGEXS
  88           default: '{coverity-search-exclude-regexs}'
  89           description: >
  90             File path patterns to exclude from analysis by Coverity Scan
  91             service (e.g. 3rd-party or auto-generated sources, space
  92             separated).
  93       - string:
  94           name: COVERITY_USER_EMAIL
  95           default: '{coverity-user-email}'
  96           description: >
  97             E-mail address to receive analysis status report after submittion.
  98             It must be a registered user on Coverity Scan service added as a
  99             member to appropriate Coverity Scan project with "Maintainer/Owner"
 100             role.
 101       - bool:
 102           name: DRY_RUN
 103           default: '{dry-run}'
 104           description: Do not submit results to Coverity Scan server at the end of the build.
 105       - string:
 106           name: 'MAX_GIT_REPO_AGE_HOURS'
 107           default: '{max-git-repo-age-hours}'
 108           description: >
 109             If set to non-zero run the code scan only if there were no git
 110             repository commits last MAX_GIT_REPO_AGE_HOURS hours.
 111             It makes sense to set the value twice the 'cron' interval for the
 112             job (e.g. if 'cron: @daily', then MAX_GIT_REPO_AGE_HOURS=48)
 113
 114     triggers:
 115       - timed: '{obj:cron}'
 116
 117     wrappers:
 118       - lf-infra-wrappers:
 119           build-timeout: '{build-timeout}'
 120           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 121
 122     builders:
 123       - lf-infra-pre-build
 124       - lf-maven-install:
 125           mvn-version: '{mvn-version}'
 126       - lf-update-java-alternatives:
 127           java-version: '{java-version}'
 128       - lf-provide-maven-settings:
 129           global-settings-file: global-settings
 130           settings-file: '{mvn-settings}'
 131       - inject:
 132           properties-content: |
 133             COVERITY_PROJECT_NAME={coverity-project-name}
 134             COVERITY_TOKEN={coverity-token}
 135       - shell: !include-raw-escape:
 136           - ../../global-jjb/shell/common-variables.sh
 137           - ../../shell/maven-coverity.sh
 138       - lf-provide-maven-settings-cleanup
 139
 140     publishers:
 141       - lf-infra-publish
 142
 143     scm:
 144       - lf-infra-gerrit-scm:
 145           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 146           git-url: '{git-url}'
 147           refspec: $GERRIT_REFSPEC
 148           branch: $GERRIT_BRANCH
 149           submodule-recursive: '{submodule-recursive}'
 150           submodule-timeout: '{submodule-timeout}'
 151           submodule-disable: '{submodule-disable}'
 152           choosing-strategy: default