-
Notifications
You must be signed in to change notification settings - Fork 55
/
Copy pathcoverity-bac.yml
62 lines (62 loc) · 2.26 KB
/
coverity-bac.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# example pipeline for Coverity scans using the Synopsys Coverity extension and a classic BAC
# https://marketplace.visualstudio.com/items?itemName=synopsys-coverity.synopsys-coverity-azure-devops
trigger:
- main
pool:
vmImage: ubuntu-latest
variables:
- group: poc222.coverity.synopsys.com
- name: COVERITY_TOOL_HOME
value: $(Agent.TempDirectory)/$(COVERITY_TOOLKIT)
steps:
- task: JavaToolInstaller@0
displayName: 'Use Java 17'
inputs:
versionSpec: 17
jdkArchitectureOption: x64
jdkSourceOption: PreInstalled
- task: Maven@4
displayName: 'Maven Build'
inputs:
options: '-B -DskipTests'
- bash: |
curl -fLsS --user $COV_USER:$COVERITY_PASSPHRASE $COVERITY_URL/downloadFile.htm?fn=$COVERITY_TOOLKIT.tar.gz | tar -C $(Agent.TempDirectory) -xzf -
curl -fLsS --user $COV_USER:$COVERITY_PASSPHRASE -o $COVERITY_TOOL_HOME/bin/license.dat $COVERITY_URL/downloadFile.htm?fn=license.dat
$COVERITY_TOOL_HOME/bin/cov-configure --java
$COVERITY_TOOL_HOME/bin/cov-configure --javascript
env:
COV_USER: $(COV_USER)
COVERITY_PASSPHRASE: $(COVERITY_PASSPHRASE)
displayName: 'Coverity Download'
- task: synopsys-coverity@1
displayName: 'Coverity Scan'
inputs:
coverityService: 'poc222.coverity.synopsys.com'
allowUntrusted: true
projectName: '$(Build.Repository.Name)'
streamName: '$(Build.Repository.Name)-$(Build.SourceBranchName)'
checkIssues: true
issueView: 'Outstanding Issues'
issueStatus: 'unstable'
buildCommand: 'mvn -B -DskipTests clean package'
customCommandArgs: true
covBuildArgs: '--fs-capture-search $(Build.SourcesDirectory)'
covAnalyzeArgs: '--ticker-mode none --strip-path $(Build.SourcesDirectory) --webapp-security'
covCommitArgs: '--ticker-mode none --description $(Build.BuildURI) --version $(Build.SourceVersion) --scm git'
- task: CopyFiles@2
displayName: 'Copy Log Files'
condition: succeededOrFailed()
enabled: false
inputs:
Contents: |
idir/build-log.txt
idir/output/analysis-log.txt
TargetFolder: '$(Build.ArtifactStagingDirectory)'
flattenFolders: true
- task: PublishBuildArtifacts@1
displayName: 'Publish Log Files'
condition: succeededOrFailed()
enabled: false
inputs:
PathtoPublish: '$(Build.ArtifactStagingDirectory)'
ArtifactName: 'logs'