aboutsummaryrefslogtreecommitdiff
path: root/scripts/coverity-scan/run-coverity-scan
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2020-04-22 10:38:57 -0400
committerPaolo Bonzini <pbonzini@redhat.com>2020-06-10 12:09:34 -0400
commitfbb84f074174aa3bb6fde4a63b569a1f7e64f264 (patch)
tree52956f9fe3d2e79b9f0903ab6d43cda1c50b3cc8 /scripts/coverity-scan/run-coverity-scan
parent2e90470e90d660ed03321ba677fba2d5208bc6e4 (diff)
run-coverity-scan: support --update-tools-only --docker
Just build the container when run-coverity-scan is invoked with --update-tools-only --docker. This requires moving the "docker build" logic into the update_coverity_tools function. The only snag is that --update-tools-only --docker requires access to the dockerfile. For now just report an error for --src-tarball, and "docker build" will fail if not in a source tree. Another possibility could be to host our container images on a public registry, and use "FROM qemu:fedora" to make the Dockerfile small enough that it can be included directly in the run-coverity-scan script. Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'scripts/coverity-scan/run-coverity-scan')
-rwxr-xr-xscripts/coverity-scan/run-coverity-scan39
1 files changed, 23 insertions, 16 deletions
diff --git a/scripts/coverity-scan/run-coverity-scan b/scripts/coverity-scan/run-coverity-scan
index 8bff952bf5..03a791dec9 100755
--- a/scripts/coverity-scan/run-coverity-scan
+++ b/scripts/coverity-scan/run-coverity-scan
@@ -95,6 +95,18 @@ check_upload_permissions() {
}
+build_docker_image() {
+ # build docker container including the coverity-scan tools
+ echo "Building docker container..."
+ # TODO: This re-unpacks the tools every time, rather than caching
+ # and reusing the image produced by the COPY of the .tgz file.
+ # Not sure why.
+ tests/docker/docker.py --engine ${DOCKER_ENGINE} build \
+ -t coverity-scanner -f scripts/coverity-scan/coverity-scan.docker \
+ --extra-files scripts/coverity-scan/run-coverity-scan \
+ "$COVERITY_TOOL_BASE"/coverity_tool.tgz
+}
+
update_coverity_tools () {
# Check for whether we need to download the Coverity tools
# (either because we don't have a copy, or because it's out of date)
@@ -128,6 +140,11 @@ update_coverity_tools () {
fi
fi
rm -f coverity_tool.md5.new
+ cd "$SRCDIR"
+
+ if [ "$DOCKER" = yes ]; then
+ build_docker_image
+ fi
}
@@ -252,15 +269,16 @@ fi
PROJNAME=QEMU
TARBALL=cov-int.tar.xz
-if [ "$UPDATE" = only ] && [ "$DOCKER" = yes ]; then
- echo "Combining --docker and --update-only is not supported"
- exit 1
-fi
-
if [ "$UPDATE" = only ]; then
# Just do the tools update; we don't need to check whether
# we are in a source tree or have upload rights for this,
# so do it before some of the command line and source tree checks.
+
+ if [ "$DOCKER" = yes ] && [ ! -z "$SRCTARBALL" ]; then
+ echo --update-tools-only --docker is incompatible with --src-tarball.
+ exit 1
+ fi
+
update_coverity_tools
exit 0
fi
@@ -322,17 +340,6 @@ if [ "$DOCKER" = yes ]; then
echo "Created temporary directory $SECRETDIR"
SECRET="$SECRETDIR/token"
echo "$COVERITY_TOKEN" > "$SECRET"
- if [ "$UPDATE" != no ]; then
- # build docker container including the coverity-scan tools
- echo "Building docker container..."
- # TODO: This re-unpacks the tools every time, rather than caching
- # and reusing the image produced by the COPY of the .tgz file.
- # Not sure why.
- tests/docker/docker.py --engine ${DOCKER_ENGINE} build \
- -t coverity-scanner -f scripts/coverity-scan/coverity-scan.docker \
- --extra-files scripts/coverity-scan/run-coverity-scan \
- "$COVERITY_TOOL_BASE"/coverity_tool.tgz
- fi
echo "Archiving sources to be analyzed..."
./scripts/archive-source.sh "$SECRETDIR/qemu-sources.tgz"
ARGS="--no-update-tools"