From: Paolo Bonzini <pbonzini@redhat.com>
To: qemu-devel@nongnu.org
Cc: peter.maydell@linaro.org, berrange@redhat.com
Subject: [PATCH 1/2] run-coverity-scan: add --check-upload-only option
Date: Tue, 5 Mar 2024 20:09:01 +0100 [thread overview]
Message-ID: <20240305190902.364753-2-pbonzini@redhat.com> (raw)
In-Reply-To: <20240305190902.364753-1-pbonzini@redhat.com>
Add an option to check if upload is permitted without actually
attempting a build. This can be useful to add a third outcome
beyond success and failure---namely, a CI job can self-cancel
if the uploading quota has been reached.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
scripts/coverity-scan/run-coverity-scan | 51 ++++++++++++++++++-------
1 file changed, 38 insertions(+), 13 deletions(-)
diff --git a/scripts/coverity-scan/run-coverity-scan b/scripts/coverity-scan/run-coverity-scan
index d56c9b66776..4bc991f70fd 100755
--- a/scripts/coverity-scan/run-coverity-scan
+++ b/scripts/coverity-scan/run-coverity-scan
@@ -28,6 +28,7 @@
# project settings, if you have maintainer access there.
# Command line options:
+# --check-upload-only : return success if upload is possible
# --dry-run : run the tools, but don't actually do the upload
# --docker : create and work inside a container
# --docker-engine : specify the container engine to use (docker/podman/auto);
@@ -57,18 +58,18 @@
# putting it in a file and using --tokenfile. Everything else has
# a reasonable default if this is run from a git tree.
-check_upload_permissions() {
+upload_permitted() {
# Check whether we can do an upload to the server; will exit the script
# with status 1 if the check failed (usually a bad token);
# will exit the script with status 0 if the check indicated that we
# can't upload yet (ie we are at quota)
- # Assumes that COVERITY_TOKEN, PROJNAME and DRYRUN have been initialized.
+ # Assumes that COVERITY_TOKEN and PROJNAME have been initialized.
echo "Checking upload permissions..."
if ! up_perm="$(wget https://scan.coverity.com/api/upload_permitted --post-data "token=$COVERITY_TOKEN&project=$PROJNAME" -q -O -)"; then
echo "Coverity Scan API access denied: bad token?"
- exit 1
+ exit 99
fi
# Really up_perm is a JSON response with either
@@ -76,25 +77,40 @@ check_upload_permissions() {
# We do some hacky string parsing instead of properly parsing it.
case "$up_perm" in
*upload_permitted*true*)
- echo "Coverity Scan: upload permitted"
+ return 0
;;
*next_upload_permitted_at*)
- if [ "$DRYRUN" = yes ]; then
- echo "Coverity Scan: upload quota reached, continuing dry run"
- else
- echo "Coverity Scan: upload quota reached; stopping here"
- # Exit success as this isn't a build error.
- exit 0
- fi
+ return 1
;;
*)
echo "Coverity Scan upload check: unexpected result $up_perm"
- exit 1
+ exit 99
;;
esac
}
+check_upload_permissions() {
+ # Check whether we can do an upload to the server; will exit the script
+ # with status 1 if the check failed (usually a bad token);
+ # will exit the script with status 0 if the check indicated that we
+ # can't upload yet (ie we are at quota)
+ # Assumes that COVERITY_TOKEN, PROJNAME and DRYRUN have been initialized.
+
+ if upload_permitted; then
+ echo "Coverity Scan: upload permitted"
+ else
+ if [ "$DRYRUN" = yes ]; then
+ echo "Coverity Scan: upload quota reached, continuing dry run"
+ else
+ echo "Coverity Scan: upload quota reached; stopping here"
+ # Exit success as this isn't a build error.
+ exit 0
+ fi
+ fi
+}
+
+
build_docker_image() {
# build docker container including the coverity-scan tools
echo "Building docker container..."
@@ -152,9 +168,14 @@ update_coverity_tools () {
DRYRUN=no
UPDATE=yes
DOCKER=no
+PROJNAME=QEMU
while [ "$#" -ge 1 ]; do
case "$1" in
+ --check-upload-only)
+ shift
+ DRYRUN=check
+ ;;
--dry-run)
shift
DRYRUN=yes
@@ -251,6 +272,11 @@ if [ -z "$COVERITY_TOKEN" ]; then
exit 1
fi
+if [ "$DRYRUN" = check ]; then
+ upload_permitted
+ exit $?
+fi
+
if [ -z "$COVERITY_BUILD_CMD" ]; then
NPROC=$(nproc)
COVERITY_BUILD_CMD="make -j$NPROC"
@@ -266,7 +292,6 @@ if [ -z "$SRCDIR" ]; then
SRCDIR="$PWD"
fi
-PROJNAME=QEMU
TARBALL=cov-int.tar.xz
if [ "$UPDATE" = only ]; then
--
2.43.2
next prev parent reply other threads:[~2024-03-05 19:09 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-05 19:09 [PATCH 0/2] ci: allow running Coverity Scan uploads via GitLab Paolo Bonzini
2024-03-05 19:09 ` Paolo Bonzini [this message]
2024-03-07 12:47 ` [PATCH 1/2] run-coverity-scan: add --check-upload-only option Peter Maydell
2024-03-05 19:09 ` [PATCH 2/2] gitlab-ci: add manual job to run Coverity Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240305190902.364753-2-pbonzini@redhat.com \
--to=pbonzini@redhat.com \
--cc=berrange@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.