如何设置 Travis/Rails 项目以提交到 Coverity Scan?
How to setup a Travis/Rails project to submit to Coverity Scan?
我正在为 rails 应用程序寻找 std travis coverity 设置。
我当前的 .travis.yml 文件如下所示:
# environment settings
env:
- DB=sqlite
- DB=mysql
- DB=postgresql
env:
global:
# The next declaration is the encrypted COVERITY_SCAN_TOKEN, created
# via the "travis encrypt" command using the project repo's public key
- secure: "<SECURE>"
# project language
language: ruby
rvm:
- 2.3.1
# branches to build (whitelist)
branches:
only:
- master
- coverity_scan
- testing
# command to run before install
before_install:
- echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
# arguments for the bundler
bundler_args: --without production development
# addons
addons:
coverity_scan:
project:
name: "<PROJECT_NAME>"
description: "Build submitted via Travis CI"
notification_email: <MY_EMAIL>
build_command_prepend: ""
build_command: "--no-command"
branch_pattern: coverity_scan
# script
script:
- RAILS_ENV=test bundle exec rake db:migrate --trace
- bundle exec rake db:test:prepare
- bundle exec rspec spec/
- bundle exec cucumber
# run before script
before_script:
- mysql -e 'create database my_app_test'
- psql -c 'create database my_app_test' -U postgres
我不确定要在 addons.coverity_scan 的 build_command 部分放什么。我已经尝试将其留空,--no-command、bundle install 和 bundle install --jobs=3 --retry=3,但其中 none 有效。 --no_command,例如,给我以下消息:
Coverity Scan analysis selected for branch coverity_scan.
Coverity Scan analysis authorized per quota.
$ curl -s https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh | COVERITY_SCAN_PROJECT_NAME="$PROJECT_NAME" COVERITY_SCAN_NOTIFICATION_EMAIL="<MY_EMAIL>" COVERITY_SCAN_BUILD_COMMAND="--no-command" COVERITY_SCAN_BUILD_COMMAND_PREPEND="" COVERITY_SCAN_BRANCH_PATTERN=coverity_scan bash
Note: COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN are available on Project Settings page on scan.coverity.com
Coverity Scan configured to run on branch coverity_scan
Coverity Scan analysis authorized per quota.
Downloading Coverity Scan Analysis Tool...
2016-09-13 23:26:36 URL:https://scan.coverity.com/download/Linux [449455458/449455458] -> "/tmp/cov-analysis-Linux.tgz" [1]
Extracting Coverity Scan Analysis Tool...
/tmp/coverity-scan-analysis ~/build/<PROJECT_NAME>
~/build/<PROJECT_NAME>
Running Coverity Scan Analysis Tool...
Coverity Build Capture (64-bit) version 8.5.0.3 on Linux 3.13.0-92-generic x86_64
Internal version numbers: db70178643 p-kent-push-26368.949
[WARNING] No files were emitted. This may be due to a problem with your configuration
or because no files were actually compiled by your build command.
Please make sure you have configured the compilers actually used in the compilation.
For more details, please look at:
/home/travis/build/<PROJECT_NAME>/cov-int/build-log.txt
Extracting SCM data for 0 files...
Please see the log file '/home/travis/build/<PROJECT_NAME>/cov-int/scm_log.txt' for warnings and SCM command issues.
[WARNING] Unable to gather all SCM data - see log at /home/travis/build/<PROJECT_NAME>/cov-int/scm_log.txt for details.
Successfully added SCM data for 0 files
Tarring Coverity Scan Analysis results...
Uploading Coverity Scan Analysis results...
而且因为我使用的是 travis,所以我无法查看日志文件...
当命令为空时,它会失败并出现错误,需要给出一个命令,但它什么都不做。
有人可以帮我为 rails 应用程序进行某种标准设置吗?
提前致谢!
似乎无法分析rails(一般解释的)项目(如果我错了请纠正我)。我从 coverity 中删除了我的项目。
Ruby 在 Coverity 8.5 中受支持。如果没有日志,调试起来很困难。 SCAN 套件可能缺少 Ruby 的配置,可以通过 运行 cov-configure --ruby.
修复
然而,更可能的问题是 Ruby 是 Coverity 认为的 "non-compiled" 语言(这意味着您通常没有在使用它们之前编译它们的构建)。因此,这意味着您需要告知 cov-build 您的 Ruby 文件的位置。查看您的 travis 配置,我希望您需要将此添加到您的 build_command: --fs-capture-search /path/to/your/ruby/files
有关使用 Coverity SCAN 8.5 支持的新语言的说明可在此处找到:https://scan.coverity.com/download?tab=other。我们假设用户在尝试 TravisCI 集成之前首先阅读这些说明。还强烈建议在尝试任何 CI.
之前测试本地集成以确保干净的捕获
我正在为 rails 应用程序寻找 std travis coverity 设置。
我当前的 .travis.yml 文件如下所示:
# environment settings
env:
- DB=sqlite
- DB=mysql
- DB=postgresql
env:
global:
# The next declaration is the encrypted COVERITY_SCAN_TOKEN, created
# via the "travis encrypt" command using the project repo's public key
- secure: "<SECURE>"
# project language
language: ruby
rvm:
- 2.3.1
# branches to build (whitelist)
branches:
only:
- master
- coverity_scan
- testing
# command to run before install
before_install:
- echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
# arguments for the bundler
bundler_args: --without production development
# addons
addons:
coverity_scan:
project:
name: "<PROJECT_NAME>"
description: "Build submitted via Travis CI"
notification_email: <MY_EMAIL>
build_command_prepend: ""
build_command: "--no-command"
branch_pattern: coverity_scan
# script
script:
- RAILS_ENV=test bundle exec rake db:migrate --trace
- bundle exec rake db:test:prepare
- bundle exec rspec spec/
- bundle exec cucumber
# run before script
before_script:
- mysql -e 'create database my_app_test'
- psql -c 'create database my_app_test' -U postgres
我不确定要在 addons.coverity_scan 的 build_command 部分放什么。我已经尝试将其留空,--no-command、bundle install 和 bundle install --jobs=3 --retry=3,但其中 none 有效。 --no_command,例如,给我以下消息:
Coverity Scan analysis selected for branch coverity_scan.
Coverity Scan analysis authorized per quota.
$ curl -s https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh | COVERITY_SCAN_PROJECT_NAME="$PROJECT_NAME" COVERITY_SCAN_NOTIFICATION_EMAIL="<MY_EMAIL>" COVERITY_SCAN_BUILD_COMMAND="--no-command" COVERITY_SCAN_BUILD_COMMAND_PREPEND="" COVERITY_SCAN_BRANCH_PATTERN=coverity_scan bash
Note: COVERITY_SCAN_PROJECT_NAME and COVERITY_SCAN_TOKEN are available on Project Settings page on scan.coverity.com
Coverity Scan configured to run on branch coverity_scan
Coverity Scan analysis authorized per quota.
Downloading Coverity Scan Analysis Tool...
2016-09-13 23:26:36 URL:https://scan.coverity.com/download/Linux [449455458/449455458] -> "/tmp/cov-analysis-Linux.tgz" [1]
Extracting Coverity Scan Analysis Tool...
/tmp/coverity-scan-analysis ~/build/<PROJECT_NAME>
~/build/<PROJECT_NAME>
Running Coverity Scan Analysis Tool...
Coverity Build Capture (64-bit) version 8.5.0.3 on Linux 3.13.0-92-generic x86_64
Internal version numbers: db70178643 p-kent-push-26368.949
[WARNING] No files were emitted. This may be due to a problem with your configuration
or because no files were actually compiled by your build command.
Please make sure you have configured the compilers actually used in the compilation.
For more details, please look at:
/home/travis/build/<PROJECT_NAME>/cov-int/build-log.txt
Extracting SCM data for 0 files...
Please see the log file '/home/travis/build/<PROJECT_NAME>/cov-int/scm_log.txt' for warnings and SCM command issues.
[WARNING] Unable to gather all SCM data - see log at /home/travis/build/<PROJECT_NAME>/cov-int/scm_log.txt for details.
Successfully added SCM data for 0 files
Tarring Coverity Scan Analysis results...
Uploading Coverity Scan Analysis results...
而且因为我使用的是 travis,所以我无法查看日志文件...
当命令为空时,它会失败并出现错误,需要给出一个命令,但它什么都不做。
有人可以帮我为 rails 应用程序进行某种标准设置吗?
提前致谢!
似乎无法分析rails(一般解释的)项目(如果我错了请纠正我)。我从 coverity 中删除了我的项目。
Ruby 在 Coverity 8.5 中受支持。如果没有日志,调试起来很困难。 SCAN 套件可能缺少 Ruby 的配置,可以通过 运行 cov-configure --ruby.
然而,更可能的问题是 Ruby 是 Coverity 认为的 "non-compiled" 语言(这意味着您通常没有在使用它们之前编译它们的构建)。因此,这意味着您需要告知 cov-build 您的 Ruby 文件的位置。查看您的 travis 配置,我希望您需要将此添加到您的 build_command: --fs-capture-search /path/to/your/ruby/files
有关使用 Coverity SCAN 8.5 支持的新语言的说明可在此处找到:https://scan.coverity.com/download?tab=other。我们假设用户在尝试 TravisCI 集成之前首先阅读这些说明。还强烈建议在尝试任何 CI.
之前测试本地集成以确保干净的捕获