ci: Support building a CI image for Coverity Scan builds

This will be used in an upcoming scheduled CI job.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
This commit is contained in:
Philip Withnall 2020-07-27 13:12:13 +01:00
parent 648986a290
commit c77c5e5b56
4 changed files with 19 additions and 1 deletions

View File

@ -11,6 +11,7 @@ cache:
variables:
FEDORA_IMAGE: "registry.gitlab.gnome.org/gnome/glib/fedora:v9"
COVERITY_IMAGE: "registry.gitlab.gnome.org/gnome/glib/coverity:v1"
DEBIAN_IMAGE: "registry.gitlab.gnome.org/gnome/glib/debian-stable:v6"
ANDROID_IMAGE: "registry.gitlab.gnome.org/gnome/glib/android-ndk:v3"
MINGW_IMAGE: "registry.gitlab.gnome.org/gnome/glib/mingw:v2"

View File

@ -8,7 +8,10 @@ GitLab CI jobs run in a Docker image, defined here. To update that image
1. Edit `.gitlab-ci/Dockerfile` with the changes you want
1. Run `.gitlab-ci/run-docker.sh build --base=debian-stable --base-version=1` to
build the new image (bump the version from the latest listed for that `base`
on https://gitlab.gnome.org/GNOME/glib/container_registry)
on https://gitlab.gnome.org/GNOME/glib/container_registry). If rebuilding the
`coverity.Dockerfile` image, youll need to have access to [Coverity Scan][cs]
and will need to specify your project name and access token as the environment
variables `COVERITY_SCAN_PROJECT_NAME` and `COVERITY_SCAN_TOKEN`.
1. Run `.gitlab-ci/run-docker.sh push --base=debian-stable --base-version=1` to
upload the new image to the GNOME GitLab Docker registry
* If this is the first time you're doing this, you'll need to log into the
@ -21,3 +24,4 @@ GitLab CI jobs run in a Docker image, defined here. To update that image
image
[pat]: https://gitlab.gnome.org/profile/personal_access_tokens
[cs]: https://scan.coverity.com/

View File

@ -0,0 +1,11 @@
FROM registry.gitlab.gnome.org/gnome/glib/fedora:v9
ARG COVERITY_SCAN_PROJECT_NAME
ARG COVERITY_SCAN_TOKEN
RUN curl https://scan.coverity.com/download/linux64 \
-o /tmp/cov-analysis-linux64.tgz \
--form project="${COVERITY_SCAN_PROJECT_NAME}" \
--form token="${COVERITY_SCAN_TOKEN}" \
&& tar xfz /tmp/cov-analysis-linux64.tgz \
&& rm /tmp/cov-analysis-linux64.tgz

View File

@ -103,6 +103,8 @@ if [ $build == 1 ]; then
echo -e "\e[1;32mBUILDING\e[0m: ${base} as ${TAG}"
$SUDO_CMD docker build \
--build-arg HOST_USER_ID="$UID" \
--build-arg COVERITY_SCAN_PROJECT_NAME="${COVERITY_SCAN_PROJECT_NAME}" \
--build-arg COVERITY_SCAN_TOKEN="${COVERITY_SCAN_TOKEN}" \
--tag "${TAG}" \
--file "${base}.Dockerfile" .
exit $?