Coverity: Download all repos with clone.sh
Coverity job will build several TF-M configs in one job. To avoid waste
of resource, download all needed repos with clones.sh at the beginning
of the job, so that CMake will not clone remote git repo when
configuring each single build configuration.
Signed-off-by: Xinyu Zhang <xinyu.zhang@arm.com>
Change-Id: Ia84ca2f3e3c0ae051a950c33ce99e53f207985da
diff --git a/tf-m-coverity.yaml b/tf-m-coverity.yaml
index 8eb29c3..99b393a 100644
--- a/tf-m-coverity.yaml
+++ b/tf-m-coverity.yaml
@@ -18,19 +18,6 @@
skip-tag: true
shallow-clone: true
wipe-workspace: false
-- scm:
- name: trusted-firmware-m
- scm:
- - git:
- url: https://review.trustedfirmware.org/${TF_GERRIT_PROJECT}
- refspec: ${TF_GERRIT_REFSPEC}
- name: origin
- branches:
- - ${TF_GERRIT_BRANCH}
- basedir: trusted-firmware-m
- skip-tag: true
- shallow-clone: false
- wipe-workspace: false
- job:
name: tf-m-coverity
node: docker-amd64-tf-m-bionic
@@ -49,20 +36,61 @@
num-to-keep: 180
parameters:
- string:
- name: TF_GERRIT_PROJECT
- default: 'TF-M/trusted-firmware-m'
+ name: CODE_REPO
+ default: 'https://git.trustedfirmware.org/TF-M/trusted-firmware-m'
- string:
- name: TF_GERRIT_BRANCH
+ name: GERRIT_REFSPEC
default: 'refs/heads/master'
- string:
- name: TF_GERRIT_REFSPEC
- default: '+refs/heads/master:refs/remotes/origin/master'
+ name: CI_SCRIPTS_REPO
+ default: 'https://git.trustedfirmware.org/ci/tf-m-ci-scripts'
+ - string:
+ name: CI_SCRIPTS_BRANCH
+ default: 'master'
+ - string:
+ name: MBEDTLS_VERSION
+ default: ''
+ - string:
+ name: MBEDTLS_URL
+ default: 'https://git.trustedfirmware.org/mirror/mbed-tls.git'
+ - string:
+ name: MCUBOOT_REFSPEC
+ default: ''
+ - string:
+ name: MCUBOOT_URL
+ default: 'https://git.trustedfirmware.org/mirror/mcuboot.git'
+ - string:
+ name: TFM_TESTS_URL
+ default: 'https://git.trustedfirmware.org/TF-M/tf-m-tests.git'
+ - string:
+ name: TFM_TESTS_REFSPEC
+ default: ''
+ - string:
+ name: TFM_EXTRAS_URL
+ default: 'https://git.trustedfirmware.org/TF-M/tf-m-extras.git'
+ - string:
+ name: TFM_EXTRAS_REFSPEC
+ default: ''
+ - string:
+ name: PSA_ARCH_TESTS_URL
+ default: 'https://git.trustedfirmware.org/mirror/psa-arch-tests.git'
+ - string:
+ name: PSA_ARCH_TESTS_VERSION
+ default: ''
+ - string:
+ name: QCBOR_URL
+ default: 'https://github.com/laurencelundblade/QCBOR.git'
+ - string:
+ name: QCBOR_VERSION
+ default: ''
+ - string:
+ name: SHARE_FOLDER
+ default: '/srv/shared/${JOB_NAME}/${BUILD_NUMBER}'
- bool:
name: UPLOAD_TO_COVERITY_SCAN_ONLINE
default: true
scm:
- tf-m-ci-scripts
- - trusted-firmware-m
wrappers:
- timestamps
- credentials-binding:
@@ -74,8 +102,19 @@
#!/bin/bash
set -e
- # Fetch coverity tool and untar it
cd ${WORKSPACE}
+
+ # Download TF-M dependencies to avoid git clone in each config
+ ${WORKSPACE}/tf-m-ci-scripts/clone.sh
+
+ cnt=$(ls trusted-firmware-m/lib/ext/mbedcrypto/*.patch 2> /dev/null | wc -l)
+ if [ "$cnt" != "0" ] ; then
+ cd mbedtls
+ git apply ../trusted-firmware-m/lib/ext/mbedcrypto/*.patch
+ cd -
+ fi
+
+ # Fetch coverity tool and untar it
wget https://scan.coverity.com/download/linux64 \
--quiet \
--post-data "token=${TF_M_COVERITY_SCAN_TOKEN}&project=Trusted+Firmware-M" \