On Wed, 22 Apr 2020 at 18:26, Paolo Bonzini <pbonz...@redhat.com> wrote: > > Just build the container when run-coverity-scan is invoked with > --update-tools-only --docker. This requires moving the "docker build" > logic into the update_coverity_tools function. > > The only snag is that --update-tools-only --docker requires access to > the dockerfile. For now just report an error for --src-tarball, and > "docker build" will fail if not in a source tree. Another possibility > could be to host our container images on a public registry, and use > "FROM qemu:fedora" to make the Dockerfile small enough that it can be > included directly in the run-coverity-scan script.
FWIW, one reason I didn't use 'FROM qemu:fedora' (or the local equivalent) was because of your report that newer Fedora versions broke the coverity tools. > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> > --- Reviewed-by: Peter Maydell <peter.mayd...@linaro.org> thanks -- PMM
