Xen project Mailing List

Re: [PATCH 1/2] github: add workflow to run Coverity scans

To: Roger Pau Monne <roger.pau@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

From: Andrew Cooper <amc96@xxxxxxxx>

Date: Fri, 18 Feb 2022 12:23:47 +0000

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Fri, 18 Feb 2022 12:23:55 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 18/02/2022 12:21, Andrew Cooper wrote: > On 18/02/2022 12:00, Roger Pau Monne wrote: >> Add a workflow that performs a build like it's done by osstest >> Coverity flight and uploads the result to Coverity for analysis. The >> build process is exactly the same as the one currently used in >> osstest, and it's also run at the same time (bi-weekly). >> >> This has one big benefit over using osstest: we no longer have to care >> about keeping the Coverity tools up to date in osstest. >> >> Suggested-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> >> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> >> --- >> .github/workflows/coverity.yml | 35 ++++++++++++++++++++++++++++++++++ >> 1 file changed, 35 insertions(+) >> create mode 100644 .github/workflows/coverity.yml >> >> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml >> new file mode 100644 >> index 0000000000..12fc9c782b >> --- /dev/null >> +++ b/.github/workflows/coverity.yml >> @@ -0,0 +1,35 @@ >> +name: Coverity Scan >> + >> +# We only want to test official release code, not every pull request. >> +on: >> + schedule: >> + - cron: '18 9 * * WED,SUN' # Bi-weekly at 9:18 UTC >> + >> +jobs: >> + coverity: >> + runs-on: ubuntu-latest >> + steps: >> + - name: Install build dependencies >> + run: | >> + sudo apt-get install -y wget git bcc bin86 gawk bridge-utils \ >> + iproute2 libcurl4-openssl-dev bzip2 libpci-dev build-essential \ >> + make gcc libc6-dev libc6-dev-i386 linux-libc-dev zlib1g-dev \ >> + libncurses5-dev patch libvncserver-dev libssl-dev libsdl-dev iasl >> \ >> + libbz2-dev e2fslibs-dev git-core uuid-dev ocaml libx11-dev \ >> + ocaml-findlib xz-utils gettext libyajl-dev libpixman-1-dev \ >> + libaio-dev libfdt-dev cabextract libglib2.0-dev autoconf automake >> \ >> + libtool libfuse-dev liblzma-dev ninja-build \ >> + kpartx python3-dev python3-pip golang python-dev libsystemd-dev > We dropped gettext as a dependency a few releases ago, and we don't need > python3-pip either. Can fix on commit. > >> + - uses: actions/checkout@v2 > I think we want > > - uses: actions/checkout@v2 > with: > ref: staging > > Can also fix on commit. > > Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> (mainly because I > can see that Coverity has done the right thing with this.) > >> + - name: Configure Xen >> + run: | >> + ./configure On second thoughts, we can probably --disable-docs here, because it's just wasted processing time when all we care about is the C. ~Andrew

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.