- job-template:
name: '{project-name}-coverity'
id: onap-gerrit-maven-coverity
+ description: >
+ <hr/>
+ <h2>How to access Coverity Scan static analysis results</h2>
+ <ol>
+ <li>Visit <a href="https://scan.coverity.com/projects/{coverity-project-name}">Coverity Scan
+ project page</a>.</li>
+ <li>If you have not been added to the project on Coverity Scan service yet:
+ <ol>
+ <li>Click on <a href="https://scan.coverity.com/memberships/new?project_id={coverity-project-name}">
+ Add me to project</a>.</li>
+ <li>Wait till the project administrators grant you appropriate permissions.</li>
+ </ol>
+ <li>Click on <a href="https://scan.coverity.com/projects/{coverity-project-name}/view_defects">
+ View Defects</a>.</li>
+ </ol>
+ <p>Please note that processing data takes some time. You will get an email when it's done.</p>
+ <p>See more <a href="https://wiki.onap.org/x/Y6vQAw">Coverity Scan HOWTOs</a> on ONAP Developer Wiki.</p>
+ <hr/>
project-type: freestyle
node: '{build-node}'
-
branch: master
build-days-to-keep: 7
- build-timeout: 60
+ build-timeout: 240
cron: '@daily'
disabled: false
+ dry-run: false
git-url: '$GIT_URL/$PROJECT'
java-version: openjdk8
mvn-global-settings: global-settings
coverity-project-name: ''
coverity-token: ''
coverity-user-email: ''
+ coverity-search-paths: ''
+ coverity-search-exclude-regexs: ''
+ max-git-repo-age-hours: 0
stream: master
submodule-recursive: true
submodule-timeout: 10
submodule-disable: false
archive-artifacts: >
- **/*.log
- **/hs_err_*.log
- **/target/**/feature.xml
- **/target/failsafe-reports/failsafe-summary.xml
- **/target/surefire-reports/*-output.txt
+ cov-int/BUILD.metrics.xml
+ cov-int/build-log.txt
+ cov-int/build-timings.txt
+ cov-int/cov-import-scm-timings.txt
+ cov-int/coverity-scan-analysed-files.txt
+ cov-int/scm-untracked-files.txt
+ cov-int/failed_jsp/*
+ cov-int/java-security-da-input.dat
+ cov-int/java-security-da-whitelist.dat
+ cov-int/jsp-compilation-log.txt
+ cov-int/jsp-debug-log.txt
+ cov-int/security.log
properties:
- lf-infra-properties:
name: ARCHIVE_ARTIFACTS
default: '{archive-artifacts}'
description: Artifacts to archive to the logs server.
+ - string:
+ name: SEARCH_PATHS
+ default: '{coverity-search-paths}'
+ description: >
+ Additional directories to search for files to analyse by Coverity
+ Scan service (space separated).
+ - string:
+ name: SEARCH_EXCLUDE_REGEXS
+ default: '{coverity-search-exclude-regexs}'
+ description: >
+ File path patterns to exclude from analysis by Coverity Scan
+ service (e.g. 3rd-party or auto-generated sources, space
+ separated).
+ - string:
+ name: COVERITY_USER_EMAIL
+ default: '{coverity-user-email}'
+ description: >
+ E-mail address to receive analysis status report after submittion.
+ It must be a registered user on Coverity Scan service added as a
+ member to appropriate Coverity Scan project with "Maintainer/Owner"
+ role.
+ - bool:
+ name: DRY_RUN
+ default: '{dry-run}'
+ description: Do not submit results to Coverity Scan server at the end of the build.
+ - string:
+ name: 'MAX_GIT_REPO_AGE_HOURS'
+ default: '{max-git-repo-age-hours}'
+ description: >
+ If set to non-zero run the code scan only if there were no git
+ repository commits last MAX_GIT_REPO_AGE_HOURS hours.
+ It makes sense to set the value twice the 'cron' interval for the
+ job (e.g. if 'cron: @daily', then MAX_GIT_REPO_AGE_HOURS=48)
triggers:
- timed: '{obj:cron}'
properties-content: |
COVERITY_PROJECT_NAME={coverity-project-name}
COVERITY_TOKEN={coverity-token}
- COVERITY_USER_EMAIL={coverity-user-email}
- shell: !include-raw-escape:
- ../../global-jjb/shell/common-variables.sh
- ../../shell/maven-coverity.sh
Code Review / ci-management.git / blobdiff