From 41589fe87ee029ec4b292e009ccfd1ca8a62e9e0 Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Mon, 26 May 2025 07:01:56 +0000 Subject: [PATCH 01/13] Update curl command to download in a non user accessible folder --- .github/workflows/coverity_scan.yml | 5 ++--- .github/workflows/kernel-demos.yml | 5 ++++- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index 803a29ba89..826a358b8c 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -42,9 +42,8 @@ jobs: # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - wget -nv -qO- https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" | tar -zx --one-top-level=cov_scan --strip-components 1 - echo "cov_scan_path=$(pwd)/cov_scan/bin" >> $GITHUB_ENV - + wget -nv -qO- https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" | tar -zx --one-top-level=cov_scan -C "$HOME" + echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV echo "::endgroup::" echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " diff --git a/.github/workflows/kernel-demos.yml b/.github/workflows/kernel-demos.yml index 404c602b57..5e3dc61476 100644 --- a/.github/workflows/kernel-demos.yml +++ b/.github/workflows/kernel-demos.yml @@ -156,9 +156,10 @@ jobs: run: | # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - curl -L -O https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z + curl -L -o "$HOME/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z" https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z sudo apt update -y sudo apt install -y p7zip-full + cd "$HOME" 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended @@ -211,6 +212,8 @@ jobs: sudo apt install -y autogen gawk libgmp-dev libmpc-dev libmpfr-dev sudo apt install -y patchutils sharutils zlib1g-dev autoconf2.64 + cd "$HOME" + # Download the mb-gcc toolchain from github curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/binutils-microblaze_2.35-2021-0623+1_amd64.deb; curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/gcc-microblaze_10.2.0-2021-0623+2_amd64.deb; From 53fcf8fd0457664da47adaaa156974992568c3a9 Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Mon, 26 May 2025 09:12:00 +0000 Subject: [PATCH 02/13] Fix download location --- .github/workflows/kernel-demos.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/kernel-demos.yml b/.github/workflows/kernel-demos.yml index 5e3dc61476..a6333c1550 100644 --- a/.github/workflows/kernel-demos.yml +++ b/.github/workflows/kernel-demos.yml @@ -159,11 +159,12 @@ jobs: curl -L -o "$HOME/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z" https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z sudo apt update -y sudo apt install -y p7zip-full - cd "$HOME" + pushd $HOME 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended echo "::endgroup::" + popd echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}" - name: Build msp430_GCC Demo @@ -212,8 +213,7 @@ jobs: sudo apt install -y autogen gawk libgmp-dev libmpc-dev libmpfr-dev sudo apt install -y patchutils sharutils zlib1g-dev autoconf2.64 - cd "$HOME" - + pushd $HOME # Download the mb-gcc toolchain from github curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/binutils-microblaze_2.35-2021-0623+1_amd64.deb; curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/gcc-microblaze_10.2.0-2021-0623+2_amd64.deb; @@ -221,14 +221,15 @@ jobs: curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-doc_3.3.0-2021-0623+3_all.deb; curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze_3.3.0-2021-0623+3_all.deb; curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/newlib-source_3.3.0-2021-0623+3_all.deb; + popd # Install the packages for the toolchain - sudo apt install -y ./binutils-microblaze*.deb; - sudo apt install -y ./gcc-microblaze*.deb; - sudo apt install -y ./libnewlib-microblaze-dev*.deb; - sudo apt install -y ./libnewlib-microblaze-doc*.deb; - sudo apt install -y ./libnewlib-microblaze*.deb; - sudo apt install -y ./newlib-source*.deb; + sudo apt install -y $HOME/binutils-microblaze*.deb; + sudo apt install -y $HOME/gcc-microblaze*.deb; + sudo apt install -y $HOME/libnewlib-microblaze-dev*.deb; + sudo apt install -y $HOME/libnewlib-microblaze-doc*.deb; + sudo apt install -y $HOME/libnewlib-microblaze*.deb; + sudo apt install -y $HOME/newlib-source*.deb; # Validate that the toolchain is in the path and can be called which mb-gcc From f3bc128225dbb845e59977b570a53f142a1c1edb Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Mon, 26 May 2025 09:53:31 +0000 Subject: [PATCH 03/13] Fix lowercase letter in the curl command --- .github/workflows/kernel-demos.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/kernel-demos.yml b/.github/workflows/kernel-demos.yml index a6333c1550..1f2df0fe5e 100644 --- a/.github/workflows/kernel-demos.yml +++ b/.github/workflows/kernel-demos.yml @@ -156,7 +156,7 @@ jobs: run: | # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - curl -L -o "$HOME/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z" https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z + curl -L -O "$HOME/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z" https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z sudo apt update -y sudo apt install -y p7zip-full pushd $HOME From 92f56163b9f4869b3fa1187a52b02e1a8fb09a95 Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Mon, 26 May 2025 10:21:46 +0000 Subject: [PATCH 04/13] Fix curl command --- .github/workflows/kernel-demos.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/kernel-demos.yml b/.github/workflows/kernel-demos.yml index 1f2df0fe5e..ead24e0646 100644 --- a/.github/workflows/kernel-demos.yml +++ b/.github/workflows/kernel-demos.yml @@ -156,10 +156,10 @@ jobs: run: | # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - curl -L -O "$HOME/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z" https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z sudo apt update -y sudo apt install -y p7zip-full pushd $HOME + curl -L -O https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended From fb4cd82c7b449ed52483c12a5ea12355fc2fc6d4 Mon Sep 17 00:00:00 2001 From: Gaurav Aggarwal Date: Mon, 2 Jun 2025 07:18:03 +0000 Subject: [PATCH 05/13] Explicitly specify output filename Signed-off-by: Gaurav Aggarwal --- .github/workflows/kernel-demos.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/kernel-demos.yml b/.github/workflows/kernel-demos.yml index ead24e0646..ec60f7d421 100644 --- a/.github/workflows/kernel-demos.yml +++ b/.github/workflows/kernel-demos.yml @@ -159,7 +159,7 @@ jobs: sudo apt update -y sudo apt install -y p7zip-full pushd $HOME - curl -L -O https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z + curl -L -o msp430-gcc-full-linux-x64-installer-9.3.1.2.7z https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended @@ -215,21 +215,21 @@ jobs: pushd $HOME # Download the mb-gcc toolchain from github - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/binutils-microblaze_2.35-2021-0623+1_amd64.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/gcc-microblaze_10.2.0-2021-0623+2_amd64.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-dev_3.3.0-2021-0623+3_all.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-doc_3.3.0-2021-0623+3_all.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze_3.3.0-2021-0623+3_all.deb; - curl -L -O https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/newlib-source_3.3.0-2021-0623+3_all.deb; + curl -L -o binutils-microblaze.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/binutils-microblaze_2.35-2021-0623+1_amd64.deb; + curl -L -o gcc-microblaze.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/gcc-microblaze_10.2.0-2021-0623+2_amd64.deb; + curl -L -o libnewlib-microblaze-dev.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-dev_3.3.0-2021-0623+3_all.deb; + curl -L -o libnewlib-microblaze-doc.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze-doc_3.3.0-2021-0623+3_all.deb; + curl -L -o libnewlib-microblaze.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/libnewlib-microblaze_3.3.0-2021-0623+3_all.deb; + curl -L -o newlib-source.deb https://github.com/mdednev/mb-gcc/releases/download/2021-0623%2B2/newlib-source_3.3.0-2021-0623+3_all.deb; popd # Install the packages for the toolchain - sudo apt install -y $HOME/binutils-microblaze*.deb; - sudo apt install -y $HOME/gcc-microblaze*.deb; - sudo apt install -y $HOME/libnewlib-microblaze-dev*.deb; - sudo apt install -y $HOME/libnewlib-microblaze-doc*.deb; - sudo apt install -y $HOME/libnewlib-microblaze*.deb; - sudo apt install -y $HOME/newlib-source*.deb; + sudo apt install -y $HOME/binutils-microblaze.deb; + sudo apt install -y $HOME/gcc-microblaze.deb; + sudo apt install -y $HOME/libnewlib-microblaze-dev.deb; + sudo apt install -y $HOME/libnewlib-microblaze-doc.deb; + sudo apt install -y $HOME/libnewlib-microblaze.deb; + sudo apt install -y $HOME/newlib-source.deb; # Validate that the toolchain is in the path and can be called which mb-gcc From a20e70f3eb0b8d3804add46fd2905369a231102c Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Mon, 2 Jun 2025 07:42:34 +0000 Subject: [PATCH 06/13] Update inaccessible links for TFM FPU Support --- portable/ThirdParty/GCC/ARM_TFM/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/portable/ThirdParty/GCC/ARM_TFM/README.md b/portable/ThirdParty/GCC/ARM_TFM/README.md index 7df149f54f..bc594b1561 100644 --- a/portable/ThirdParty/GCC/ARM_TFM/README.md +++ b/portable/ThirdParty/GCC/ARM_TFM/README.md @@ -52,13 +52,13 @@ Kernel runs in the Non-Secure Side. The setting of this macro is decided by the setting in Secure Side which is platform-specific. If the Secure Side enables Non-Secure access to FPU, then this macro can be configured as 0 or 1. Otherwise, this macro can only be configured as 0. Please note that Cortex-M23 does not support FPU. -Please refer to [TF-M documentation](https://tf-m-user-guide.trustedfirmware.org/integration_guide/tfm_fpu_support.html) for FPU usage on the Non-Secure side. +Please refer to [TF-M documentation](https://trustedfirmware-m.readthedocs.io/en/latest/integration_guide/tfm_fpu_support.html) for FPU usage on the Non-Secure side. * `configENABLE_MVE` The setting of this macro is decided by the setting in Secure Side which is platform-specific. If the Secure Side enables Non-Secure access to MVE, then this macro can be configured as 0 or 1. Otherwise, this macro can only be configured as 0. Please note that only Cortex-M55 and Cortex-M85 support MVE. -Please refer to [TF-M documentation](https://tf-m-user-guide.trustedfirmware.org/integration_guide/tfm_fpu_support.html) for MVE usage on the Non-Secure side. +Please refer to [TF-M documentation](https://trustedfirmware-m.readthedocs.io/en/latest/integration_guide/tfm_fpu_support.html) for MVE usage on the Non-Secure side. * `configENABLE_TRUSTZONE` This macro should be configured as 0 because TF-M doesn't use the secure context management function of FreeRTOS. New secure context management might be introduced when TF-M supports multiple secure context. From a74129b0e1dde4f554fb9c1661157c710b5be947 Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Wed, 4 Jun 2025 11:57:28 +0000 Subject: [PATCH 07/13] Add MD5 checksum verification --- .github/workflows/coverity_scan.yml | 20 ++++++++++++++++---- .github/workflows/kernel-demos.yml | 23 +++++++++++++++++------ 2 files changed, 33 insertions(+), 10 deletions(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index 826a358b8c..0afc8e2e1f 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -42,10 +42,22 @@ jobs: # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - wget -nv -qO- https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" | tar -zx --one-top-level=cov_scan -C "$HOME" - echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV - echo "::endgroup::" - echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " + wget -nv -q -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" + + EXPECTED_MD5="e4418004b073140d67390cffba79c3b2" + GENERATED_MD5=$(md5sum "$HOME/cov-analysis.tar.gz" | awk '{print $1}') + + if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then + tar -zxf "$HOME/cov-analysis.tar.gz" --one-top-level=cov_scan -C "$HOME" + echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV + sudo rm -f "$HOME/cov-analysis.tar.gz" + echo "::endgroup::" + echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " + else + echo -e "${{ env.bashFail }} MD5 checksum verification failed for cov-analysis.tar.gz ${{ env.bashEnd }}" + echo -e "${{ env.bashFail }} ${{ env.stepName }} ${{ env.bashEnd }}" + exit -1 + fi - env: stepName: Coverity Build diff --git a/.github/workflows/kernel-demos.yml b/.github/workflows/kernel-demos.yml index ec60f7d421..9371e9ceaa 100644 --- a/.github/workflows/kernel-demos.yml +++ b/.github/workflows/kernel-demos.yml @@ -160,12 +160,23 @@ jobs: sudo apt install -y p7zip-full pushd $HOME curl -L -o msp430-gcc-full-linux-x64-installer-9.3.1.2.7z https://dr-download.ti.com/software-development/ide-configuration-compiler-or-debugger/MD-LlCjWuAbzH/9.3.1.2/msp430-gcc-full-linux-x64-installer-9.3.1.2.7z - 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z - chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run - sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended - echo "::endgroup::" - popd - echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}" + + EXPECTED_MD5="2db2f99b4cd5c541ca0389ee20c67527" + GENERATED_MD5=$(md5sum msp430-gcc-full-linux-x64-installer-9.3.1.2.7z | awk '{print $1}') + + if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then + 7z x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.7z + chmod +x ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run + sudo ./msp430-gcc-full-linux-x64-installer-9.3.1.2.run --prefix /usr/bin/msp430-gcc --mode unattended + echo "::endgroup::" + popd + echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }}" + else + popd + echo -e "${{ env.bashFail }} MD5 checksum verification failed for msp430-gcc-full-linux-x64-installer-9.3.1.2.7z ${{ env.bashEnd }}" + echo -e "${{ env.bashFail }} ${{ env.stepName }} ${{ env.bashEnd }}" + exit -1 + fi - name: Build msp430_GCC Demo shell: bash From 5ba917c3da84d915eed3f07327887b9b8c0c22bf Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Thu, 5 Jun 2025 09:23:16 +0000 Subject: [PATCH 08/13] Test to check failure path in MD5 checksum validation in coverity --- .github/workflows/coverity_scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index 0afc8e2e1f..fe40799e56 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -44,7 +44,7 @@ jobs: wget -nv -q -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" - EXPECTED_MD5="e4418004b073140d67390cffba79c3b2" + EXPECTED_MD5="e4418004b073140d67390cffba79c3b1" GENERATED_MD5=$(md5sum "$HOME/cov-analysis.tar.gz" | awk '{print $1}') if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then From e0a2dcd41e025f736d003b6f4bba388eda24102f Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Thu, 5 Jun 2025 09:39:24 +0000 Subject: [PATCH 09/13] Update yml file to trigger coverity scan --- .github/workflows/coverity_scan.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index fe40799e56..b1dd9b0cf2 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -3,6 +3,8 @@ on: # Run on every commit to mainline push: branches: main + pull_request: + branches: main # Allow manual running of the scan workflow_dispatch: From b5c643aad8e33ef26d5a96a8ab53f502dd8be2ff Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Thu, 5 Jun 2025 09:41:33 +0000 Subject: [PATCH 10/13] Revert to expected MD5 to see if check passes --- .github/workflows/coverity_scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index b1dd9b0cf2..a040a60d78 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -46,7 +46,7 @@ jobs: wget -nv -q -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" - EXPECTED_MD5="e4418004b073140d67390cffba79c3b1" + EXPECTED_MD5="e4418004b073140d67390cffba79c3b2" GENERATED_MD5=$(md5sum "$HOME/cov-analysis.tar.gz" | awk '{print $1}') if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then From 2dffbbe874865c5492b4c7c873238c848055409f Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Thu, 5 Jun 2025 10:03:30 +0000 Subject: [PATCH 11/13] Add verbose logs --- .github/workflows/coverity_scan.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index a040a60d78..47333d6198 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -44,11 +44,14 @@ jobs: # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - wget -nv -q -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" + wget --verbose -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" EXPECTED_MD5="e4418004b073140d67390cffba79c3b2" GENERATED_MD5=$(md5sum "$HOME/cov-analysis.tar.gz" | awk '{print $1}') + echo "Expected MD5: $EXPECTED_MD5" + echo "Generated MD5: $GENERATED_MD5" + if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then tar -zxf "$HOME/cov-analysis.tar.gz" --one-top-level=cov_scan -C "$HOME" echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV From be13ec9820d537877e861cb5eb19db961a2e604c Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Thu, 5 Jun 2025 10:10:02 +0000 Subject: [PATCH 12/13] Dummy check --- .github/workflows/coverity_scan.yml | 23 ++++------------------- 1 file changed, 4 insertions(+), 19 deletions(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index 47333d6198..615c09283b 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -44,25 +44,10 @@ jobs: # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - wget --verbose -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" - - EXPECTED_MD5="e4418004b073140d67390cffba79c3b2" - GENERATED_MD5=$(md5sum "$HOME/cov-analysis.tar.gz" | awk '{print $1}') - - echo "Expected MD5: $EXPECTED_MD5" - echo "Generated MD5: $GENERATED_MD5" - - if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then - tar -zxf "$HOME/cov-analysis.tar.gz" --one-top-level=cov_scan -C "$HOME" - echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV - sudo rm -f "$HOME/cov-analysis.tar.gz" - echo "::endgroup::" - echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " - else - echo -e "${{ env.bashFail }} MD5 checksum verification failed for cov-analysis.tar.gz ${{ env.bashEnd }}" - echo -e "${{ env.bashFail }} ${{ env.stepName }} ${{ env.bashEnd }}" - exit -1 - fi + wget --verbose -O- https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" | tar -zx --one-top-level=cov_scan -C "$HOME" + echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV + echo "::endgroup::" + echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " - env: stepName: Coverity Build From b604dad22bad8f3bcd0d98273becac093f2a0cef Mon Sep 17 00:00:00 2001 From: Rahul Kar Date: Thu, 5 Jun 2025 12:07:56 +0000 Subject: [PATCH 13/13] Revert back changes done for test --- .github/workflows/coverity_scan.yml | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/.github/workflows/coverity_scan.yml b/.github/workflows/coverity_scan.yml index 615c09283b..0afc8e2e1f 100644 --- a/.github/workflows/coverity_scan.yml +++ b/.github/workflows/coverity_scan.yml @@ -3,8 +3,6 @@ on: # Run on every commit to mainline push: branches: main - pull_request: - branches: main # Allow manual running of the scan workflow_dispatch: @@ -44,10 +42,22 @@ jobs: # ${{ env.stepName }} echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}" - wget --verbose -O- https://scan.coverity.com/download/linux64 --post-data "token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" | tar -zx --one-top-level=cov_scan -C "$HOME" - echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV - echo "::endgroup::" - echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " + wget -nv -q -O "$HOME/cov-analysis.tar.gz" https://scan.coverity.com/download/linux64 --post-data="token=${COVERITY_TOKEN}&project=FreeRTOS-Kernel" + + EXPECTED_MD5="e4418004b073140d67390cffba79c3b2" + GENERATED_MD5=$(md5sum "$HOME/cov-analysis.tar.gz" | awk '{print $1}') + + if [ "$GENERATED_MD5" = "$EXPECTED_MD5" ]; then + tar -zxf "$HOME/cov-analysis.tar.gz" --one-top-level=cov_scan -C "$HOME" + echo "cov_scan_path=$HOME/cov_scan/bin" >> $GITHUB_ENV + sudo rm -f "$HOME/cov-analysis.tar.gz" + echo "::endgroup::" + echo -e "${{ env.bashPass }} ${{ env.stepName }} ${{ env.bashEnd }} " + else + echo -e "${{ env.bashFail }} MD5 checksum verification failed for cov-analysis.tar.gz ${{ env.bashEnd }}" + echo -e "${{ env.bashFail }} ${{ env.stepName }} ${{ env.bashEnd }}" + exit -1 + fi - env: stepName: Coverity Build