Examples for bundling the Coverity analysis toolkit into a base image and using an entrypoint.sh to automatically scan the specified repo/branch.
Instructions
- Copy one of the example Dockerfiles and entrypoint.sh
- Optionally change FROM in Dockerfile to meet your needs
- Copy your Coverity license and analysis installer
- Build the image via
docker build --build-arg VERSION=2023.3.0 -t coverity-scan .
- Scan a repo via
docker run --rm -e COV_URL=YOUR_COV_URL -e COV_USER=YOUR_COV_USER -e COVERITY_PASSPHRASE=YOUR_COVERITY_PASSPHRASE \
coverity-scan https://github.com/WebGoat/WebGoat.git develop