Travis CI +使用Gradle进行Coverity扫描

时间:2016-10-07 06:51:41

标签: java gradle travis-ci coverity

我已成功setup a project使用Travis CI进行构建和测试。现在我正在尝试添加Coverity Scan。

我创建了一个名为coverity_scan的分支,并将其设置为覆盖度构建。在我将提交推送到此分支后,我可以在Travis CI构建控制台中看到Coverity工具开始执行其工作:

Coverity Scan analysis selected for branch coverity_scan.
Coverity Scan analysis authorized per quota.

...

Running Coverity Scan Analysis Tool...

Travis构建成功,在Coverity build-log.txt文件中我看到了:

2016-10-06T21:02:39.132946Z|cov-build|2665|info|> 
2016-10-06T21:02:39.132946Z|cov-build|2665|info|> Build time (cov-build overall): 00:01:36.812431
2016-10-06T21:02:39.132946Z|cov-build|2665|info|> 
2016-10-06T21:02:39.134719Z|cov-build|2665|info|> Build time (Java emits total): 00:01:07.595656
2016-10-06T21:02:39.134719Z|cov-build|2665|info|> 
2016-10-06T21:02:39.134719Z|cov-build|2665|info|> 
2016-10-06T21:02:39.134763Z|cov-build|2665|info|> Emitted 30 Java compilation units (100%) successfully
2016-10-06T21:02:39.134763Z|cov-build|2665|info|> [WARNING] Recoverable errors were encountered during 1 of these Java compilation units.
2016-10-06T21:02:39.134763Z|cov-build|2665|info|> 
2016-10-06T21:02:39.134763Z|cov-build|2665|info|> 30 Java compilation units (100%) are ready for analysis
2016-10-06T21:02:39.134763Z|cov-build|2665|info|>  For more details, please look at: 
2016-10-06T21:02:39.134763Z|cov-build|2665|info|>     /home/travis/build/Edvinas01/chat-rooms/server/cov-int/build-log.txt

但是,在完成此操作后,我在项目Coverity仪表板中看不到任何已提交的构建或更改。项目状态保持在pending

我已按照this指南设置我的.travis.yml文件,如下所示:

language: java
jdk:
  - oraclejdk8
before_script:
  - cd server
  - chmod +x gradlew
script:
  # Run tests when not on coverity branch.
  - if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then
      ./gradlew check;
    fi
cache:
  directories:
  - ~/.gradle
after_success:
  # Upload coveralls when not on coverity branch.
  - if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then
      ./gradlew cobertura coveralls;
    else
      cat cov-int/build-log.txt;
    fi
notifications:
  email:
    on_success: change
env:
  matrix:
    - TERM=dumb
  global:
    # COVERITY_SCAN_TOKEN
    - secure: "<TOKEN>"
before_install:
  - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
addons:
  coverity_scan:
    project:
      name: "Edvinas01/chat-rooms"
      description: "Build submitted via Travis CI"
    notification_email: "<EMAIL>"
    build_command_prepend: "./gradlew clean"
    build_command: "./gradlew build"
branch_pattern: coverity_scan

我是否必须指定一些其他配置才能发布我的Coverity版本?

2 个答案:

答案 0 :(得分:2)

花了一些时间,用java和封面分析工具创建了一个虚拟机。拉动我的项目并运行该工具后,我在日志中注意到了这一点:

[WARNING] No files were emitted. This may be due to a problem with your configuration
or because no files were actually compiled by your build command.

在摆弄了很多东西并查看其他项目之后,我发现这是由于Gradle版本。我的项目正在使用3.0,因此我降级为2.14.1,最终似乎正在运作。

答案 1 :(得分:1)

对于什么是值得的,将Coverity与任何Gradle版本一起使用没有问题,只要您确保不使用该守护进程(只是为了确保您可以在命令行中指定--no-daemon) 。

也就是说,还有其他一些容易遗漏的问题,导致错误信息不太明显。

有用的背景信息,请参阅Caleb的回答:

Can't get Coverity Scan to work (Java/Kotlin/Gradle 3.3 on Windows and Travis)

对于工作示例,您可以参考此项目:

https://github.com/ddimtirov/nuggets