2017-08-08 20:55 GMT+05:00 Steffan Karger <steffan.kar...@fox-it.com>:
> Enable coverity analysis for the release/2.4 branch.
>
> We can only do a limited number of coverity scans per week with our FOSS
> account, but since we only occasionally push commits, that should work out
> fine. But this limit is the reason we don't use the standard travis addon,
> because that would cause the coverity script to run on all of our matrix
> builds. That would cause us to reach our limit faster, and waste travis'
> resources.
>
> Since our FOSS coverity account doesn't handle multiple branches very well,
> we have to pick one branch to run coverity on. I think it's best to use
> the most recent stable branch for that (i.e. for now, release/2.4).
> Though for ease of maintenance, it's probably best to apply the patch to
> both master and release/2.4.
>
I would refactor it like that
https://gist.github.com/chipitsine/8dcae4ff1d59eb43df39f6015c6106fd
however, your is ok as well
>
> Signed-off-by: Steffan Karger <steffan.kar...@fox-it.com>
> ---
> .travis.yml | 8 +++++++-
> .travis/coverity.sh | 17 +++++++++++++++++
> 2 files changed, 24 insertions(+), 1 deletion(-)
> create mode 100755 .travis/coverity.sh
>
> diff --git a/.travis.yml b/.travis.yml
> index db90e03..131d002 100644
> --- a/.travis.yml
> +++ b/.travis.yml
> @@ -21,10 +21,13 @@ env:
> - OPENSSL_VERSION="1.0.2k"
> - OPENSSL_CFLAGS="-I${PREFIX}/include"
> - OPENSSL_LIBS="-L${PREFIX}/lib -lssl -lcrypto"
> + # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created
> + # via the "travis encrypt" command using the project repo's public
> key
> + - secure: "l9mSnEW4LJqjxftH5i1NdDaYfGmQB1mPXnSB3DXnsjzkCWZ+
> yJLfBemfQ0tx/wS7chBYxqUaUIMT0hw4zJVp/LANFJo2vfh//
> ymTS6h0uApRY1ofg9Pp1BFcV1laG6/u8pwSZ2EBy/GhCd3DS436oE8sYBRaFM9FU62L/
> oeQBfJ7r4ID/0eB1b8bqlbD4paty9MHui2P8EZJwR+KAD84prtfpZOcrSMxPh9OUhJxzxUvv
> VoP4s4+lZ5Kgg1bBQ3yzKGDqe8VOgK2BWCEuezqhMMc8oeKmAe7CUkoz5gsGYH++
> k3I9XzP9Z4xeJKoQnC/82qi4xkJmlaOxdionej9bHIcjfRt7D8j1J0U+
> wOj4p8VrDy7yHaxuN2fi0K5MGa/CaXQSrkna8dePniCng+xQ2MY/
> zxuRX2gA6xPNLUyQLU9LqIug7wj4z84Hk9iWib4L20MoPjeEo+
> vAUNq8FtjOPxMuHNpv4iGGx6kgJm7RXl5vC5hxfK6MprrnYe2U5Mcd8jpzag
> KBaKHL3zV2FxX9k0jRO9Mccz7M2WnaV0MQ6zcngzTN4+s0kCjhfGKd2F2ANT2Gkhj3Me36eNHf
> uE0dBbvYCMh4b3Mgd7b/OuXwQWdJ8PjJ1WHXjSOw5sHw1suaV6cEO2Meyz5j1tOkyOi0M9QF+
> LFenQ9vLH4sBCww8U="
>
> matrix:
> include:
> - - env: SSLLIB="openssl"
> + - env: SSLLIB="openssl" RUN_COVERITY="1"
> os: linux
> compiler: gcc
> - env: SSLLIB="openssl" OPENSSL_VERSION="1.1.0f"
> @@ -91,5 +94,8 @@ install:
> - if [ ! -z "${CHOST}" ]; then unset CC; fi
> - .travis/build-deps.sh > build-deps.log 2>&1 || (cat build-deps.log &&
> exit 1)
>
> +before_script:
> + - .travis/coverity.sh
> +
> script:
> - .travis/build-check.sh
> diff --git a/.travis/coverity.sh b/.travis/coverity.sh
> new file mode 100755
> index 0000000..8bb40f4
> --- /dev/null
> +++ b/.travis/coverity.sh
> @@ -0,0 +1,17 @@
> +#!/bin/sh
> +set -eu
> +
> +RUN_COVERITY="${RUN_COVERITY:-0}"
> +
> +export COVERITY_SCAN_PROJECT_NAME="OpenVPN/openvpn"
> +export COVERITY_SCAN_BRANCH_PATTERN="release\/2.4"
> +export COVERITY_SCAN_NOTIFICATION_EMAIL="scan-repo...@openvpn.net"
> +export COVERITY_SCAN_BUILD_COMMAND_PREPEND="autoreconf -vi &&
> ./configure --enable-iproute2 && make clean"
> +export COVERITY_SCAN_BUILD_COMMAND="make"
> +
> +if [ "${RUN_COVERITY}" = "1" ]; then
> + # Ignore exit code, script exits with 1 if we're not on the right
> branch
> + curl -s "https://scan.coverity.com/scripts/travisci_build_
> coverity_scan.sh" | bash || true
> +else
> + echo "Skipping coverity scan because \$RUN_COVERITY != \"1\""
> +fi
> --
> 2.7.4
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
