jjb/ci-management/ci-management-coverity.yaml

   1 ---
   2 # Coverity Scan static analysis
   3
   4 - job-template:
   5     name: '{project-name}-coverity'
   6     id: onap-gerrit-maven-coverity
   7     description: >
   8       <hr/>
   9       <h2>How to access Coverity Scan static analysis results</h2>
  10       <ol>
  11         <li>Visit <a href="https://scan.coverity.com/projects/{coverity-project-name}">Coverity Scan
  12           project page</a>.</li>
  13         <li>If you have not been added to the project on Coverity Scan service yet:
  14           <ol>
  15             <li>Click on <a href="https://scan.coverity.com/memberships/new?project_id={coverity-project-name}">
  16               Add me to project</a>.</li>
  17             <li>Wait till the project administrators grant you appropriate permissions.</li>
  18           </ol>
  19         <li>Click on <a href="https://scan.coverity.com/projects/{coverity-project-name}/view_defects">
  20           View Defects</a>.</li>
  21       </ol>
  22       <p>Please note that processing data takes some time. You will get an email when it's done.</p>
  23       <hr/>
  24
  25     project-type: freestyle
  26     node: '{build-node}'
  27     branch: master
  28     build-days-to-keep: 7
  29     build-timeout: 240
  30     cron: '@daily'
  31     disabled: false
  32     dry-run: false
  33     git-url: '$GIT_URL/$PROJECT'
  34     java-version: openjdk8
  35     mvn-global-settings: global-settings
  36     mvn-opts: ''
  37     mvn-params: ''
  38     mvn-version: mvn35
  39     coverity-project-name: ''
  40     coverity-token: ''
  41     coverity-user-email: ''
  42     coverity-search-paths: ''
  43     coverity-search-exclude-regexs: ''
  44     stream: master
  45     submodule-recursive: true
  46     submodule-timeout: 10
  47     submodule-disable: false
  48     archive-artifacts: >
  49       cov-int/BUILD.metrics.xml
  50       cov-int/build-log.txt
  51       cov-int/build-timings.txt
  52       cov-int/cov-import-scm-timings.txt
  53       cov-int/coverity-scan-analysed-files.txt
  54       cov-int/scm-untracked-files.txt
  55       cov-int/failed_jsp/*
  56       cov-int/java-security-da-input.dat
  57       cov-int/java-security-da-whitelist.dat
  58       cov-int/jsp-compilation-log.txt
  59       cov-int/jsp-debug-log.txt
  60       cov-int/security.log
  61
  62     properties:
  63       - lf-infra-properties:
  64           build-days-to-keep: '{build-days-to-keep}'
  65
  66     parameters:
  67       - lf-infra-parameters:
  68           project: '{project}'
  69           branch: '{branch}'
  70           stream: '{stream}'
  71       - lf-infra-maven-parameters:
  72           mvn-opts: '{mvn-opts}'
  73           mvn-params: '{mvn-params}'
  74           mvn-version: '{mvn-version}'
  75       - string:
  76           name: ARCHIVE_ARTIFACTS
  77           default: '{archive-artifacts}'
  78           description: Artifacts to archive to the logs server.
  79       - string:
  80           name: SEARCH_PATHS
  81           default: '{coverity-search-paths}'
  82           description: >
  83             Additional directories to search for files to analyse by Coverity
  84             Scan service (space separated).
  85       - string:
  86           name: SEARCH_EXCLUDE_REGEXS
  87           default: '{coverity-search-exclude-regexs}'
  88           description: >
  89             File path patterns to exclude from analysis by Coverity Scan
  90             service (e.g. 3rd-party or auto-generated sources, space
  91             separated).
  92       - string:
  93           name: COVERITY_USER_EMAIL
  94           default: '{coverity-user-email}'
  95           description: >
  96             E-mail address to receive analysis status report after submittion.
  97             It must be a registered user on Coverity Scan service added as a
  98             member to appropriate Coverity Scan project with "Maintainer/Owner"
  99             role.
 100       - bool:
 101           name: DRY_RUN
 102           default: '{dry-run}'
 103           description: Do not submit results to Coverity Scan server at the end of the build.
 104
 105     triggers:
 106       - timed: '{obj:cron}'
 107
 108     wrappers:
 109       - lf-infra-wrappers:
 110           build-timeout: '{build-timeout}'
 111           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 112
 113     builders:
 114       - lf-infra-pre-build
 115       - lf-maven-install:
 116           mvn-version: '{mvn-version}'
 117       - lf-update-java-alternatives:
 118           java-version: '{java-version}'
 119       - lf-provide-maven-settings:
 120           global-settings-file: global-settings
 121           settings-file: '{mvn-settings}'
 122       - inject:
 123           properties-content: |
 124             COVERITY_PROJECT_NAME={coverity-project-name}
 125             COVERITY_TOKEN={coverity-token}
 126       - shell: !include-raw-escape:
 127           - ../../global-jjb/shell/common-variables.sh
 128           - ../../shell/maven-coverity.sh
 129       - lf-provide-maven-settings-cleanup
 130
 131     publishers:
 132       - lf-infra-publish
 133
 134     scm:
 135       - lf-infra-gerrit-scm:
 136           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 137           git-url: '{git-url}'
 138           refspec: $GERRIT_REFSPEC
 139           branch: $GERRIT_BRANCH
 140           submodule-recursive: '{submodule-recursive}'
 141           submodule-timeout: '{submodule-timeout}'
 142           submodule-disable: '{submodule-disable}'
 143           choosing-strategy: default