mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-21 15:12:02 +00:00
Merge pull request #34895 from DevTeamBK/coverity_scan
Attempt at Nightly Coverity Scan and upload
This commit is contained in:
commit
2d87e3587d
49
.github/workflows/nightly.yml
vendored
49
.github/workflows/nightly.yml
vendored
@ -72,3 +72,52 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
name: changed_images
|
name: changed_images
|
||||||
path: ${{ runner.temp }}/changed_images.json
|
path: ${{ runner.temp }}/changed_images.json
|
||||||
|
BuilderCoverity:
|
||||||
|
needs: DockerHubPush
|
||||||
|
runs-on: [self-hosted, builder]
|
||||||
|
steps:
|
||||||
|
- name: Set envs
|
||||||
|
run: |
|
||||||
|
cat >> "$GITHUB_ENV" << 'EOF'
|
||||||
|
TEMP_PATH=${{runner.temp}}/build_check
|
||||||
|
IMAGES_PATH=${{runner.temp}}/images_path
|
||||||
|
REPO_COPY=${{runner.temp}}/build_check/ClickHouse
|
||||||
|
CACHES_PATH=${{runner.temp}}/../ccaches
|
||||||
|
CHECK_NAME=ClickHouse build check (actions)
|
||||||
|
BUILD_NAME=coverity
|
||||||
|
EOF
|
||||||
|
- name: Download changed images
|
||||||
|
uses: actions/download-artifact@v2
|
||||||
|
with:
|
||||||
|
name: changed_images
|
||||||
|
path: ${{ env.IMAGES_PATH }}
|
||||||
|
- name: Clear repository
|
||||||
|
run: |
|
||||||
|
sudo rm -fr "$GITHUB_WORKSPACE" && mkdir "$GITHUB_WORKSPACE"
|
||||||
|
- name: Check out repository code
|
||||||
|
id: coverity-checkout
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
with:
|
||||||
|
submodules: 'true'
|
||||||
|
fetch-depth: 0 # otherwise we will have no info about contributors
|
||||||
|
- name: Build
|
||||||
|
run: |
|
||||||
|
sudo rm -fr "$TEMP_PATH"
|
||||||
|
mkdir -p "$TEMP_PATH"
|
||||||
|
cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
|
||||||
|
cd "$REPO_COPY/tests/ci" && python3 build_check.py "$CHECK_NAME" "$BUILD_NAME" "${{ secrets.COV_TOKEN }}"
|
||||||
|
- name: Upload Coverity Analysis
|
||||||
|
if: ${{ success() || failure() }}
|
||||||
|
run: |
|
||||||
|
curl --form token='${{ secrets.COV_TOKEN }}' \
|
||||||
|
--form email='${{ secrets.ROBOT_CLICKHOUSE_EMAIL }}' \
|
||||||
|
--form file="@$TEMP_PATH/$BUILD_NAME/clickhouse-scan.tgz" \
|
||||||
|
--form version="${GITHUB_REF#refs/heads/}-${GITHUB_SHA::6}" \
|
||||||
|
--form description="Nighly Scan: $(date +'%Y-%m-%dT%H:%M:%S')" \
|
||||||
|
https://scan.coverity.com/builds?project=ClickHouse%2FClickHouse
|
||||||
|
- name: Cleanup
|
||||||
|
if: always()
|
||||||
|
run: |
|
||||||
|
docker kill "$(docker ps -q)" ||:
|
||||||
|
docker rm -f "$(docker ps -a -q)" ||:
|
||||||
|
sudo rm -fr "$TEMP_PATH" "$CACHES_PATH"
|
||||||
|
@ -25,13 +25,21 @@ read -ra CMAKE_FLAGS <<< "${CMAKE_FLAGS:-}"
|
|||||||
env
|
env
|
||||||
cmake --debug-trycompile --verbose=1 -DCMAKE_VERBOSE_MAKEFILE=1 -LA "-DCMAKE_BUILD_TYPE=$BUILD_TYPE" "-DSANITIZE=$SANITIZER" -DENABLE_CHECK_HEAVY_BUILDS=1 "${CMAKE_FLAGS[@]}" ..
|
cmake --debug-trycompile --verbose=1 -DCMAKE_VERBOSE_MAKEFILE=1 -LA "-DCMAKE_BUILD_TYPE=$BUILD_TYPE" "-DSANITIZE=$SANITIZER" -DENABLE_CHECK_HEAVY_BUILDS=1 "${CMAKE_FLAGS[@]}" ..
|
||||||
|
|
||||||
|
if [ "coverity" == "$COMBINED_OUTPUT" ]
|
||||||
|
then
|
||||||
|
wget --post-data "token=$COV_TOKEN&project=ClickHouse%2FClickHouse" -qO- https://scan.coverity.com/download/linux64 | tar xz -C /opt/cov-analysis --strip-components 1
|
||||||
|
export PATH=$PATH:/opt/cov-analysis/bin
|
||||||
|
cov-configure --config ./coverity.config --template --comptype clangcc --compiler "$CC"
|
||||||
|
SCAN_WRAPPER="cov-build --config ./coverity.config --dir cov-int"
|
||||||
|
fi
|
||||||
|
|
||||||
cache_status
|
cache_status
|
||||||
# clear cache stats
|
# clear cache stats
|
||||||
ccache --zero-stats ||:
|
ccache --zero-stats ||:
|
||||||
|
|
||||||
# No quotes because I want it to expand to nothing if empty.
|
# No quotes because I want it to expand to nothing if empty.
|
||||||
# shellcheck disable=SC2086
|
# shellcheck disable=SC2086 # No quotes because I want it to expand to nothing if empty.
|
||||||
ninja $NINJA_FLAGS clickhouse-bundle
|
$SCAN_WRAPPER ninja $NINJA_FLAGS clickhouse-bundle
|
||||||
|
|
||||||
cache_status
|
cache_status
|
||||||
|
|
||||||
@ -91,6 +99,12 @@ then
|
|||||||
mv "$COMBINED_OUTPUT.tgz" /output
|
mv "$COMBINED_OUTPUT.tgz" /output
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ "coverity" == "$COMBINED_OUTPUT" ]
|
||||||
|
then
|
||||||
|
tar -cv -I pigz -f "coverity-scan.tgz" cov-int
|
||||||
|
mv "coverity-scan.tgz" /output
|
||||||
|
fi
|
||||||
|
|
||||||
# Also build fuzzers if any sanitizer specified
|
# Also build fuzzers if any sanitizer specified
|
||||||
# if [ -n "$SANITIZER" ]
|
# if [ -n "$SANITIZER" ]
|
||||||
# then
|
# then
|
||||||
|
@ -86,6 +86,7 @@ def parse_env_variables(
|
|||||||
additional_pkgs,
|
additional_pkgs,
|
||||||
with_coverage,
|
with_coverage,
|
||||||
with_binaries,
|
with_binaries,
|
||||||
|
coverity_scan,
|
||||||
):
|
):
|
||||||
DARWIN_SUFFIX = "-darwin"
|
DARWIN_SUFFIX = "-darwin"
|
||||||
DARWIN_ARM_SUFFIX = "-darwin-aarch64"
|
DARWIN_ARM_SUFFIX = "-darwin-aarch64"
|
||||||
@ -176,6 +177,9 @@ def parse_env_variables(
|
|||||||
if package_type == "performance":
|
if package_type == "performance":
|
||||||
result.append("COMBINED_OUTPUT=performance")
|
result.append("COMBINED_OUTPUT=performance")
|
||||||
cmake_flags.append("-DENABLE_TESTS=0")
|
cmake_flags.append("-DENABLE_TESTS=0")
|
||||||
|
elif package_type == "coverity":
|
||||||
|
result.append("COMBINED_OUTPUT=coverity")
|
||||||
|
result.append("COV_TOKEN={}".format(cov_token))
|
||||||
elif split_binary:
|
elif split_binary:
|
||||||
result.append("COMBINED_OUTPUT=shared_build")
|
result.append("COMBINED_OUTPUT=shared_build")
|
||||||
|
|
||||||
@ -262,9 +266,8 @@ if __name__ == "__main__":
|
|||||||
# and configs to be used for performance test.
|
# and configs to be used for performance test.
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"--package-type",
|
"--package-type",
|
||||||
choices=("deb", "binary", "performance"),
|
choices=["deb", "binary", "performance", "coverity"],
|
||||||
required=True,
|
required=True,
|
||||||
help="a build type",
|
|
||||||
)
|
)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"--clickhouse-repo-path",
|
"--clickhouse-repo-path",
|
||||||
@ -325,12 +328,13 @@ if __name__ == "__main__":
|
|||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"--docker-image-version", default="latest", help="docker image tag to use"
|
"--docker-image-version", default="latest", help="docker image tag to use"
|
||||||
)
|
)
|
||||||
|
parser.add_argument("--cov_token", default="")
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
if not os.path.isabs(args.output_dir):
|
if not os.path.isabs(args.output_dir):
|
||||||
args.output_dir = os.path.abspath(os.path.join(os.getcwd(), args.output_dir))
|
args.output_dir = os.path.abspath(os.path.join(os.getcwd(), args.output_dir))
|
||||||
|
|
||||||
image_type = "binary" if args.package_type == "performance" else args.package_type
|
image_type = "binary" if args.package_type in ("performance", "coverity") else args.package_type
|
||||||
image_name = "clickhouse/binary-builder"
|
image_name = "clickhouse/binary-builder"
|
||||||
|
|
||||||
if not os.path.isabs(args.clickhouse_repo_path):
|
if not os.path.isabs(args.clickhouse_repo_path):
|
||||||
@ -372,6 +376,7 @@ if __name__ == "__main__":
|
|||||||
args.additional_pkgs,
|
args.additional_pkgs,
|
||||||
args.with_coverage,
|
args.with_coverage,
|
||||||
args.with_binaries,
|
args.with_binaries,
|
||||||
|
args.cov_token,
|
||||||
)
|
)
|
||||||
|
|
||||||
run_docker_image_with_env(
|
run_docker_image_with_env(
|
||||||
|
@ -55,6 +55,7 @@ def get_packager_cmd(
|
|||||||
image_version: str,
|
image_version: str,
|
||||||
ccache_path: str,
|
ccache_path: str,
|
||||||
official: bool,
|
official: bool,
|
||||||
|
cov_token: str,
|
||||||
) -> str:
|
) -> str:
|
||||||
package_type = build_config["package_type"]
|
package_type = build_config["package_type"]
|
||||||
comp = build_config["compiler"]
|
comp = build_config["compiler"]
|
||||||
@ -87,6 +88,8 @@ def get_packager_cmd(
|
|||||||
if official:
|
if official:
|
||||||
cmd += " --official"
|
cmd += " --official"
|
||||||
|
|
||||||
|
if cov_token:
|
||||||
|
cmd += " --cov-token={}".format(cov_token)
|
||||||
return cmd
|
return cmd
|
||||||
|
|
||||||
|
|
||||||
@ -203,6 +206,9 @@ def main():
|
|||||||
|
|
||||||
build_check_name = sys.argv[1]
|
build_check_name = sys.argv[1]
|
||||||
build_name = sys.argv[2]
|
build_name = sys.argv[2]
|
||||||
|
cov_token = ""
|
||||||
|
if len(sys.argv) > 3:
|
||||||
|
cov_token = sys.argv[3]
|
||||||
|
|
||||||
build_config = get_build_config(build_check_name, build_name)
|
build_config = get_build_config(build_check_name, build_name)
|
||||||
|
|
||||||
@ -296,7 +302,8 @@ def main():
|
|||||||
version.string,
|
version.string,
|
||||||
image_version,
|
image_version,
|
||||||
ccache_path,
|
ccache_path,
|
||||||
official=official_flag,
|
official_flag,
|
||||||
|
cov_token,
|
||||||
)
|
)
|
||||||
|
|
||||||
logging.info("Going to run packager with %s", packager_cmd)
|
logging.info("Going to run packager with %s", packager_cmd)
|
||||||
|
@ -28,6 +28,16 @@ CI_CONFIG = {
|
|||||||
"tidy": "disable",
|
"tidy": "disable",
|
||||||
"with_coverage": False,
|
"with_coverage": False,
|
||||||
},
|
},
|
||||||
|
"coverity": {
|
||||||
|
"compiler": "clang-13",
|
||||||
|
"build_type": "",
|
||||||
|
"sanitizer": "",
|
||||||
|
"package_type": "coverity",
|
||||||
|
"bundled": "bundled",
|
||||||
|
"splitted": "unsplitted",
|
||||||
|
"tidy": "disable",
|
||||||
|
"with_coverage": False,
|
||||||
|
},
|
||||||
"binary_gcc": {
|
"binary_gcc": {
|
||||||
"compiler": "gcc-11",
|
"compiler": "gcc-11",
|
||||||
"build_type": "",
|
"build_type": "",
|
||||||
@ -190,6 +200,7 @@ CI_CONFIG = {
|
|||||||
"ClickHouse build check (actions)": [
|
"ClickHouse build check (actions)": [
|
||||||
"package_release",
|
"package_release",
|
||||||
"performance",
|
"performance",
|
||||||
|
"coverity",
|
||||||
"package_aarch64",
|
"package_aarch64",
|
||||||
"package_asan",
|
"package_asan",
|
||||||
"package_ubsan",
|
"package_ubsan",
|
||||||
|
Loading…
Reference in New Issue
Block a user