shell/maven-coverity.sh

   1 #!/bin/bash
   2
   3 # Copyright 2019 Samsung Electronics Co., Ltd.
   4 #
   5 # Licensed under the Apache License, Version 2.0 (the "License");
   6 # you may not use this file except in compliance with the License.
   7 # You may obtain a copy of the License at
   8 #
   9 # http://www.apache.org/licenses/LICENSE-2.0
  10 #
  11 # Unless required by applicable law or agreed to in writing, software
  12 # distributed under the License is distributed on an "AS IS" BASIS,
  13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14 # See the License for the specific language governing permissions and
  15 # limitations under the License.
  16
  17 set -Eeuxo pipefail
  18 PS4='+['$(readlink -f "$0")' ${FUNCNAME[0]%main}#$LINENO] '
  19
  20 echo '---> maven-coverity.sh'
  21
  22 #-----------------------------------------------------------------------------
  23 # Check if we are allowed to submit results to Coverity Scan service
  24 # and have not exceeded our upload quota limits
  25 # See also: https://scan.coverity.com/faq#frequency
  26
  27 CURL_OUTPUT=$(
  28   curl \
  29     --verbose \
  30     --silent \
  31     --show-error \
  32     --fail \
  33     --form "project=${COVERITY_PROJECT_NAME}" \
  34     --form "token=${COVERITY_TOKEN}" \
  35     'https://scan.coverity.com/api/upload_permitted'
  36 )
  37
  38 IS_COVERITY_UPLOAD_PERMITTED=$(
  39   echo "${CURL_OUTPUT}" \
  40   | jq '.upload_permitted'
  41 )
  42 if [ x"${IS_COVERITY_UPLOAD_PERMITTED}" != x'true' ]; then
  43   echo "Upload quota reached. Next upload permitted at "$(echo "${CURL_OUTPUT}" | jq '.next_upload_permitted_at') >&2
  44   exit 1
  45 fi
  46
  47 #-----------------------------------------------------------------------------
  48 # Get Coverity Scan build tool
  49
  50 curl \
  51   --verbose \
  52   --silent \
  53   --show-error \
  54   --fail \
  55   --form "project=${COVERITY_PROJECT_NAME}" \
  56   --form "token=${COVERITY_TOKEN}" \
  57   --output 'coverity_tool.tgz' \
  58   'https://scan.coverity.com/download/linux64'
  59
  60 tar \
  61   --extract \
  62   --gunzip \
  63   --file='coverity_tool.tgz'
  64
  65 COVERITY_BUILD_TOOL_DIRECTORY=$(
  66   head -1 <( \
  67     tar \
  68       --list \
  69       --gunzip \
  70       --file='coverity_tool.tgz'
  71   )
  72 )
  73 COVERITY_BINARY_DIRECTORY="${COVERITY_BUILD_TOOL_DIRECTORY}bin"
  74 test -d "${COVERITY_BINARY_DIRECTORY}" \
  75   || exit 1
  76 export PATH="${PATH}:${COVERITY_BINARY_DIRECTORY}"
  77
  78 rm 'coverity_tool.tgz'
  79
  80 #-----------------------------------------------------------------------------
  81 # Build
  82
  83 export MAVEN_OPTS
  84
  85 cov-build \
  86   --dir 'cov-int' \
  87   "${MVN}" clean install \
  88     --errors \
  89     --global-settings "${GLOBAL_SETTINGS_FILE}" \
  90     --settings "${SETTINGS_FILE}" \
  91     ${MAVEN_OPTIONS:=} \
  92     ${MAVEN_PARAMS:=}
  93
  94 cov-import-scm \
  95   --dir 'cov-int' \
  96   --scm 'git'
  97
  98 #-----------------------------------------------------------------------------
  99 # Submit results to Coverity service
 100
 101 tar \
 102   --create \
 103   --gzip \
 104   --file='results.tgz' \
 105   'cov-int'
 106
 107 curl \
 108   --verbose \
 109   --silent \
 110   --show-error \
 111   --fail \
 112   --form "project=${COVERITY_PROJECT_NAME}" \
 113   --form "email=${COVERITY_USER_EMAIL}" \
 114   --form "token=${COVERITY_TOKEN}" \
 115   --form 'file=@results.tgz' \
 116   --form "version=${GIT_COMMIT:0:7}" \
 117   --form "description=${GIT_BRANCH}" \
 118   'https://scan.coverity.com/builds'
 119
 120 #-----------------------------------------------------------------------------
 121
 122 exit 0