TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / ci / tf-m-job-configs.git / 59f7fee186d1501c122f825421f96a4594994890 / . / tf-m-coverity.yaml
blob: ed42c503f227dc2edbc69e1ff54d21b60d87f5dc [file] [log] [blame]
Xinyu Zhang59f7fee2021-05-21 14:04:11 +0800[diff] [blame^]1#-------------------------------------------------------------------------------
2# Copyright (c) 2020-2021, Arm Limited. All rights reserved.
3#
4# SPDX-License-Identifier: BSD-3-Clause
5#
6#-------------------------------------------------------------------------------
7
Leonardo Sandoval472f5d82020-11-30 11:24:13 -0600[diff] [blame]8- scm:
9 name: tf-m-ci-scripts
10 scm:
11 - git:
12 url: https://git.trustedfirmware.org/ci/tf-m-ci-scripts.git
13 refspec: +refs/heads/master:refs/remotes/origin/master
14 name: origin
15 branches:
16 - refs/heads/master
17 basedir: tf-m-ci-scripts
18 skip-tag: true
19 shallow-clone: true
20 wipe-workspace: false
21- scm:
22 name: trusted-firmware-m
23 scm:
24 - git:
25 url: https://review.trustedfirmware.org/${TF_GERRIT_PROJECT}
26 refspec: ${TF_GERRIT_REFSPEC}
27 name: origin
28 branches:
29 - ${TF_GERRIT_BRANCH}
30 basedir: trusted-firmware-m
31 skip-tag: true
32 shallow-clone: false
33 wipe-workspace: false
34- job:
35 name: tf-m-coverity
36 node: docker-amd64-tf-m-bionic
37 project-type: freestyle
38 concurrent: true
39 disabled: false
40 defaults: global
41 description: |
42 Run the Coverity tool on Trusted Firmware M and submit the resulting
43 tarball to <a href="https://scan.coverity.com/projects/trusted-firmware-m-35b064f0-65c2-4afb-9ba9-24aa432fb7fa">Coverity Scan Online</a>.
44 <br/>
45 This job runs <b>every weekday</b> and by default uses the <b>master</b> branch on trustedfirmware.org.
46 properties:
47 - build-discarder:
48 days-to-keep: 180
49 num-to-keep: 180
50 - authorization:
51 anonymous:
52 - job-discover
53 - job-read
54 - job-extended-read
55 - job-workspace
56 lsandov1:
57 - job-read
58 - job-extended-read
59 - job-build
60 - job-cancel
61 - run-update
62 parameters:
63 - string:
64 name: TF_GERRIT_PROJECT
65 default: 'TF-M/trusted-firmware-m'
66 - string:
67 name: TF_GERRIT_BRANCH
68 default: 'refs/heads/master'
69 - string:
70 name: TF_GERRIT_REFSPEC
71 default: '+refs/heads/master:refs/remotes/origin/master'
Leonardo Sandovalec4d5002021-02-03 16:14:45 -0600[diff] [blame]72 - string:
73 name: COVERITY_VERSION
74 default: '2020.09'
Leonardo Sandoval472f5d82020-11-30 11:24:13 -0600[diff] [blame]75 - bool:
76 name: UPLOAD_TO_COVERITY_SCAN_ONLINE
Leonardo Sandovalb20632f2021-03-12 09:11:37 -0600[diff] [blame]77 default: true
Leonardo Sandoval472f5d82020-11-30 11:24:13 -0600[diff] [blame]78 scm:
79 - tf-m-ci-scripts
80 - trusted-firmware-m
81 wrappers:
82 - timestamps
83 - credentials-binding:
84 - text:
85 credential-id: TF-M-COVERITY-SCAN-TOKEN
86 variable: TF_M_COVERITY_SCAN_TOKEN
87 builders:
88 - shell: |-
89 #!/bin/bash
90 set -e
91
92 # Fetch coverity tool and untar it
Leonardo Sandoval472f5d82020-11-30 11:24:13 -0600[diff] [blame]93 cd ${WORKSPACE}
94 wget https://scan.coverity.com/download/linux64 \
95 --quiet \
96 --post-data "token=${TF_M_COVERITY_SCAN_TOKEN}&project=Trusted+Firmware-M" \
97 -O coverity_tool.tgz
98 tar -xzf coverity_tool.tgz
99 mv cov-analysis-linux64-${COVERITY_VERSION} coverity
100 export PATH=${WORKSPACE}/coverity/bin:${PATH}
101
102 # Run coverity
103 cd ${WORKSPACE}/trusted-firmware-m
104 ${WORKSPACE}/tf-m-ci-scripts/run-coverity.py --tf $(pwd)
105
106 - conditional-step:
107 condition-kind: boolean-expression
108 condition-expression: "${UPLOAD_TO_COVERITY_SCAN_ONLINE}"
109 on-evaluation-failure: dont-run
110 steps:
111 - shell: |-
112 #!/bin/bash
113
114 echo "Uploading tarball to Coverity Scan Online..."
115 cd ${WORKSPACE}/trusted-firmware-m
116 GIT_COMMIT=$(git rev-parse HEAD)
117
118 curl \
119 --form token=${TF_M_COVERITY_SCAN_TOKEN} \
120 --form email=Karl.Zhang@arm.com \
121 --form file=@"arm-tf-coverity-results.tgz" \
122 --form version="Commit ${GIT_COMMIT}" \
123 --form description="Build ${BUILD_DISPLAY_NAME}" \
124 https://scan.coverity.com/builds?project=Trusted+Firmware-M
125 triggers:
126 - timed: H H(4-6) * * 1-5