contrib/ci.inria.fr: add a coverity job

Will run in the extended nightly tests.

Runs only on master on the main repo by default.

Signed-off-by: Brice Goglin <[email protected]>

Author: bgoglin

contrib/ci.inria.fr/Jenkinsfile-extended

@@ -6,7 +6,7 @@
 //   + running Unix Debug checks
 //   + building MinGW Windows zipballs
 //   + running Embedded checks
-//   + running Sonarscanner analysis
+//   + running Coverity and Sonarscanner analysis
 //
 // The GIT checkout must use the remote branch name as the checkout local
 // branch name so that tarball names contain the branch name.
@@ -47,6 +47,7 @@ pipeline {
                                         dir('contrib/ci.inria.fr') {
 						stash includes: "job-3-debug.sh", name: 'script-unix-debug'
 						stash includes: "job-3-embedded.sh", name: 'script-embedded'
+						stash includes: "job-3-coverity.sh", name: 'script-coverity'
 						stash includes: "job-3-sonarscanner.sh", name: 'script-sonarscanner'
 						stash includes: "job-3-mingw.*", name: 'scripts-mingw'
 						stash includes: "job-3-cygwin.*", name: 'scripts-cygwin'
@@ -70,6 +71,9 @@ pipeline {
 					if (env.NO_MINGW != 'true') {
 						listOfNodeNames.push('MinGW')
 					}
+					if (env.NO_COVERITY != 'true') {
+						listOfNodeNames.push('Coverity')
+					}
 					if (env.NO_SONARQUBE != 'true') {
 						listOfNodeNames.push('SonarQube Scanner')
 					}
@@ -103,6 +107,16 @@ pipeline {
 										deleteDir()
 								}
 							}
+						} else if (it == 'Coverity') {
+							node('coverity') {
+								dir('check-coverity') {
+									unstash 'tarballgz'
+									unstash 'script-coverity'
+									sh 'chmod 755 job-3-coverity.sh && ./job-3-coverity.sh '+gitRepoURL+' '+gitBranch+' '+tarballgz
+									if (env.KEEP_WORKING_DIRECTORY != 'true')
+										deleteDir()
+								}
+							}
 						} else if (it == 'SonarQube Scanner') {
 							node('sonarscanner') {
 								dir('check-sonarscanner') {

contrib/ci.inria.fr/job-3-coverity.sh

@@ -0,0 +1,67 @@
+#!/bin/bash
+#
+# Copyright © 2012-2019 Inria.  All rights reserved.
+# See COPYING in top-level directory.
+#
+
+echo "############################"
+echo "Running on:"
+uname -a
+echo "Tarball: $3"
+echo "############################"
+
+set -e
+set -x
+
+git_repo_url="$1"
+hwloc_branch="$2"
+tarball="$3"
+
+if test -z "$git_repo_url" || test -z "$hwloc_branch"; then
+  echo "Need repo URL and branch name as arguments."
+  exit 1
+fi
+
+# environment variables
+test -f $HOME/.ciprofile && . $HOME/.ciprofile
+
+# check that the repo is the official one
+# check that this is master
+if test x$hwloc_branch != xmaster -o x$git_repo_url != xhttps://github.com/open-mpi/hwloc.git; then
+  if test x$FORCE_COVERITY = xtrue; then
+    echo "Forcing coverity on non-master-branch or non-official repository."
+  else
+    echo "Ignoring non-master-branch or non-official repository."
+    exit 0
+  fi
+fi
+
+# extract the tarball
+basename=$(basename $tarball .tar.gz)
+test -d $basename && chmod -R u+rwX $basename && rm -rf $basename
+tar xfz $tarball
+rm $tarball
+cd $basename
+
+# ignore clock problems
+touch configure
+
+# configure things
+[email protected]
+VERSION=$basename
+COVDIR=cov-int
+COVBALL=myproject.tgz
+
+# run
+./configure
+cov-build --dir ${COVDIR} make all
+cov-build --dir ${COVDIR} make check
+tar cfvz ${COVBALL} ${COVDIR}
+curl --form file=@${COVBALL} \
+     --form "token=<${COVERITY_TOKEN_FILE}" \
+     --form email=${EMAIL} \
+     --form version=${VERSION} \
+     --form description=manual \
+     https://scan.coverity.com/builds?project=hwloc
+
+exit 0