1#!/usr/bin/env bash
2
3set -e
4
5# if no DOCKER_TAG is set, warn and default to fedora-30
6if [ -z "$DOCKER_TAG" ]; then
7  echo "WARN: DOCKER_TAG is not set, defaulting to fedora-30"
8  export DOCKER_TAG="fedora-30"
9fi
10
11  #
12  # Docker starts you in a cloned repo of your project with the PR checkout out.
13  # We want those changes IN the docker image, so use the -v option to mount the
14  # project repo in the docker image.
15  #
16  # Also, pass in any env variables required for the build via .ci/docker.env file
17  #
18  # Execute the build and test procedure by running .ci/docker.run
19  #
20if [ "$TRAVIS_BRANCH" != "coverity_scan" ]; then
21  echo "Running non-coverity build"
22  # Do normal CI script
23  ci_env=$(bash <(curl -s https://codecov.io/env))
24  docker run $ci_env --env-file .ci/docker.env \
25    -v "$(pwd):/workspace/tpm2-tss" "tpm2software/tpm2-tss:$DOCKER_TAG" \
26    /bin/bash -c '/workspace/tpm2-tss/.ci/docker.run'
27
28    exit 0
29fi
30
31# branch is coverity_scan
32echo "Running coverity build"
33
34# Do coverity steps
35# we don't run with clang and we only run if COVERITY_RUN is true
36if [[ "$CC" == clang* || "$COVERITY_RUN" != "true" ]]; then
37  echo "Nothing to do on the coverity_scan branch...exiting!"
38  exit 0
39fi
40
41# ensure coverity_scan tool is available to the container
42if [ ! -f "$(pwd)/coverity-analysis/bin/cov-build" ]; then
43  wget https://scan.coverity.com/download/linux64 --quiet --post-data "token=$COVERITY_SCAN_TOKEN&project=tpm2-software%2Ftpm2.0-tss" -O coverity_tool.tgz
44  wget https://scan.coverity.com/download/linux64 --quiet --post-data "token=$COVERITY_SCAN_TOKEN&project=tpm2-software%2Ftpm2.0-tss&md5=1" -O coverity_tool.md5
45  echo "$(cat coverity_tool.md5)" coverity_tool.tgz | md5sum -c
46fi
47
48echo "unpacking cov-analysis"
49tar -xf coverity_tool.tgz
50mv cov-analysis-* cov-analysis
51
52
53# perform the scan
54docker run --env-file .ci/docker.env \
55  -v "$(pwd):/workspace/tpm2-tss" "tpm2software/tpm2-tss:$DOCKER_TAG" \
56  /bin/bash -c '/workspace/tpm2-tss/.ci/coverity.run'
57
58# upload the results
59test -f "$(pwd)/tpm2-tss-scan.tgz"
60
61echo "Submitting data to Coverity"
62curl --form token="$COVERITY_SCAN_TOKEN" \
63  --form email=tadeusz.struk@intel.com \
64  --form project=tpm2-software/tpm2.0-tss \
65  --form file=@"$(pwd)/tpm2-tss-scan.tgz" \
66  --form version="$TRAVIS_COMMIT" \
67  --form description="$TRAVIS_REPO_SLUG $TRAVIS_BRANCH" \
68  https://scan.coverity.com/builds?project=tpm2-software%2Ftpm2.0-tss
69
70rm -fr tpm2-tss-scan.tgz
71
72exit 0
73