Skip to content

ci: Add job for pushing coverity reports

Carlos Garnacho requested to merge wip/carlosg/ci-coverity into master

This job does:

  1. Download the coverity bundle and untar it
  2. Build mutter using clang and the coverity tool
  3. Compress the coverity report
  4. Upload for analysis

Things to note:

  • Analysis are throttled, as per https://scan.coverity.com/faq#frequency we qualify for 21 weekly builds, 3 daily. Mutter is sometimes a busy project, so it seems we'd get often those consumed early in the day. This is something we can resign to, but the times we'll try to upload a report to have it rejected make the operation kinda pointless and probably better throttled by ourselves.
  • Just made it apply to master, given the restrictions above.
  • I had to use clang as the coverity tool doesn't seem to work ATM with gcc as per recent Fedora.
  • The coverity tarball is 714MB in size, which is a bit too big to have it downloaded each time. As per their upload instructions, the tarball gets updated twice yearly, may also be a candidate for caching.
  • The coverity token for mutter is kept private/hidden in gitlab CI settings.

Merge request reports