How To
Register an ONAP project on Coverity Scan service
Use Jenkins to submit builds for Coverity Scan evaluation periodically
Add the following job project to appropriate yaml config. E.g. for SO (https://git.onap.org/ci-management/tree/jjb/so/so.yaml):
| Code Block |
|---|
|
- project:
name: 'so-coverity'
jobs:
- onap-gerrit-maven-coverity
cron: '@daily'
build-node: 'ubuntu1604-builder-4c-4g'
project: 'so'
project-name: 'so'
branch: 'master'
mvn-settings: 'so-settings'
mvn-params: '-Dmaven.test.skip=true'
coverity-project-name: 'onap-so'
coverity-token: 'PUT YOUR COVERITY PROJECT TOKEN HERE'
coverity-user-email: 'PUT YOUR COVERITY USER EMAIL HERE' |
Access defect details
Reference Coverity defect ID in commit message
| Code Block |
|---|
|
Coverity: CID-12345, CID-67890 |
Reduce amount of defects
Mark Coverity defect as "not-a-bug"
- Go to "Triage" section on the right panel of "View Defects" page.
- Set "Action" to "Ignore" and "Apply".
If you have "Maintainer/Owner" permissions for a project:
- Go to "Project Setting" tab on project page and click "Edit".
- Check "Exclude Findbugs Defects " and "Submit".
Disable tests analysis
Modify "mvn-params" attribute of appropriate Jenkins job to skip build of the tests:
| Code Block |
|---|
|
- project:
name: 'so-coverity'
mvn-params: '-Dmaven.test.skip=true'
... |
See also
