thodg/libgit2/script/coverity.sh
-
Show log
Commit
-
Hash : 50174ab4
Author :
Date : 2016-02-10T11:06:23
coverity: use https URL for posting build When posting our instrumented build results to Coverity we have to include sensitive information, in particular our authorization token. Currently we use an unencrypted channel to post this information, leading to the token being transferred in plain. Fix this by using a secured connection instead.
-
script/coverity.sh
-
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58
#!/bin/bash set -e # Environment check [ -z "$COVERITY_TOKEN" ] && echo "Need to set a coverity token" && exit 1 # Only run this on our branches echo "Pull request: $TRAVIS_PULL_REQUEST | Slug: $TRAVIS_REPO_SLUG" if [ "$TRAVIS_PULL_REQUEST" != "false" -o "$TRAVIS_REPO_SLUG" != "libgit2/libgit2" ]; then echo "Only analyzing 'development' on the main repo." exit 0 fi COV_VERSION=6.6.1 case $(uname -m) in i?86) BITS=32 ;; amd64|x86_64) BITS=64 ;; esac SCAN_TOOL=https://scan.coverity.com/download/linux-${BITS} TOOL_BASE=$(pwd)/_coverity-scan # Install coverity tools if [ ! -d "$TOOL_BASE" ]; then echo "Downloading coverity..." mkdir -p "$TOOL_BASE" pushd "$TOOL_BASE" wget -O coverity_tool.tgz $SCAN_TOOL \ --post-data "project=libgit2&token=$COVERITY_TOKEN" tar xzf coverity_tool.tgz popd TOOL_DIR=$(find "$TOOL_BASE" -type d -name 'cov-analysis*') ln -s "$TOOL_DIR" "$TOOL_BASE"/cov-analysis fi cp script/user_nodefs.h "$TOOL_BASE"/cov-analysis/config/user_nodefs.h COV_BUILD="$TOOL_BASE/cov-analysis/bin/cov-build" # Configure and build rm -rf _build mkdir _build cd _build cmake .. -DTHREADSAFE=ON COVERITY_UNSUPPORTED=1 \ $COV_BUILD --dir cov-int \ cmake --build . # Upload results tar czf libgit2.tgz cov-int SHA=$(git rev-parse --short HEAD) curl \ --form token="$COVERITY_TOKEN" \ --form email=bs@github.com \ --form file=@libgit2.tgz \ --form version="$SHA" \ --form description="Travis build" \ https://scan.coverity.com/builds?project=libgit2