Thread (151 messages) 151 messages, 6 authors, 2017-05-11

Re: Automating Coverity, was Re: [PATCH 00/26] Address a couple of issues identified by Coverity

From: Lars Schneider <hidden>
Date: 2017-05-01 11:22:18

On 28 Apr 2017, at 22:29, Johannes Schindelin [off-list ref] wrote:

Hi Stefan,

On Fri, 28 Apr 2017, Stefan Beller wrote:
quoted
On Thu, Apr 27, 2017 at 3:50 PM, Johannes Schindelin
[off-list ref] wrote:
quoted
I still have to find the time to figure out one more detail: how to
download and extract the Coverity tool (the .zip archive has a
variable name for the top-level directory), and doing that only every
once in a while, say, only when there is no previously unpacked tool,
or it is already 4 weeks old.
That is an interesting problem, which I ignored as the older versions of
their tools still works once they release new versions. So I just
manually check every once in a while if they have new versions out
there.

So if you find a nice solution to that problem, let me know, please.
I think I have a working idea (jotting it down in the editor, untested):

	init_or_update_coverity_tool () {
		# check once per week whether there is a new version
		coverity_tool=.git/coverity-tool/
		test ! -d $coverity_tool ||
		test $(($(date +%s)-$(stat -c %Y $coverity_tool))) -gt
			$((7*24*60*60)) ||
		return

		curl --form "token=$(COVERITY.TOKEN)" \
			--form "project=git-for-windows" \
			--time-cond .git/coverity_tool.zip \
			-o .git/coverity_tool.zip.new \
			https://scan.coverity.com/download/win64 &&
		test -f .git/coverity_tool.zip.new || {
			# Try again in a week
			touch $coverity_tool
			return
		}

		mv -f .git/coverity_tool.zip.new .git/coverity_tool.zip ||
		die "Could not overwrite coverity_tool.zip"

		mkdir $coverity_tool.new &&
		(cd $coverity_tool.new &&
		 unzip ../coverity_tool.zip) ||
		die "Could not unpack coverity_tool.zip"

		rm -rf $coverity_tool &&
		mv $coverity_tool.new $coverity_tool ||
		die "Could not switch to new Coverity tool version"
	}

	init_or_update_coverity_tool
	PATH=$(echo $coverity_tool/*/bin):$PATH

I guess I will start from that snippet once I have time to work on that
Coverity automation.

BTW I stumbled over an interesting tidbit today: if you define FLEX_ARRAY
outside of git-compat-util.h, it will not be overridden by Git. That is,
if you want to use 64kB flex arrays by default, you can call

	make CPPFLAGS=-DFLEX_ARRAY=65536

No need to patch the source code.
Looks like Coverity has TravisCI integration and I assume you wouldn't
need to worry about downloading the tool in that setup:
https://scan.coverity.com/travis_ci

I think we should be able to enable it without trouble for the 'master' branch?

Cheers,
Lars
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help