Ilya, Willy, Am 28.01.21 um 17:19 schrieb Илья Шипицин: > something went wrong > > https://github.com/haproxy/haproxy/runs/1781046618?check_suite_focus=true#step:4:40 >
During dinner I had an idea how to fix this without introducing much additional complexity, I simply modify the Makefile in the Coverity workflow before starting the Coverity check. For the DEBUG variable this is fairly clean. I have tested the patch in my fork to make sure that HAProxy builds with the proper options. I *could not* test with Coverity. You can find the build log here: https://github.com/TimWolla/haproxy/runs/1786232933?check_suite_focus=true You can see that the 'Run Coverity Scan' step works and that it includes the necessary defines. Ilya: Can you please test the patch with Coverity in your fork? Best regards Tim Düsterhus
>From 2ea3507f42c1c62b50f40cbb8eeaed3c62db4b13 Mon Sep 17 00:00:00 2001 From: Tim Duesterhus <[email protected]> Date: Thu, 28 Jan 2021 18:58:53 +0100 Subject: [PATCH] CI: Fix the coverity builds To: [email protected] Cc: [email protected], [email protected] In an attempt to fix the use of DEBUG_STRICT commit 7f0f4786d1927f1450392e871480e3122796024e unfortunately broke the Coverity builds completely. It turns out that Coverity does not properly handle quoting within `COVERITY_SCAN_BUILD_COMMAND`, instead breaking up single arguments at whitespace, thus passing `-DDEBUG_USE_ABORT=1` to `make` as-is. Fix this issue by hijacking the Makefile within the Coverity workflow. We simply replace the default value of the `DEBUG` option with whatever values we need. The build command now only includes the TARGET and USE_* flags, each of which works without any spaces. --- .github/workflows/coverity.yml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index 78d98bc8e..4fbe295eb 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -17,7 +17,7 @@ jobs: COVERITY_SCAN_PROJECT_NAME: 'Haproxy' COVERITY_SCAN_BRANCH_PATTERN: '*' COVERITY_SCAN_NOTIFICATION_EMAIL: '[email protected]' - COVERITY_SCAN_BUILD_COMMAND: "make CC=clang DEBUG='-DDEBUG_STRICT=1 -DDEBUG_USE_ABORT=1' TARGET=linux-glibc USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_LUA=1 USE_OPENSSL=1 USE_SYSTEMD=1 USE_WURFL=1 WURFL_INC=contrib/wurfl WURFL_LIB=contrib/wurfl USE_DEVICEATLAS=1 DEVICEATLAS_SRC=contrib/deviceatlas USE_51DEGREES=1 51DEGREES_SRC=contrib/51d/src/pattern" + COVERITY_SCAN_BUILD_COMMAND: "make CC=clang TARGET=linux-glibc USE_ZLIB=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_LUA=1 USE_OPENSSL=1 USE_SYSTEMD=1 USE_WURFL=1 WURFL_INC=contrib/wurfl WURFL_LIB=contrib/wurfl USE_DEVICEATLAS=1 DEVICEATLAS_SRC=contrib/deviceatlas USE_51DEGREES=1 51DEGREES_SRC=contrib/51d/src/pattern" steps: - uses: actions/checkout@v2 - name: Install apt dependencies @@ -26,9 +26,16 @@ jobs: sudo apt-get install -y \ liblua5.3-dev \ libsystemd-dev + - name: Hijack Makefile + run: | + # We cannot pass the DEBUG variable in `COVERITY_SCAN_BUILD_COMMAND`, + # because Coverity splits parameters at whitespaces, without taking + # quoting into account. + sed -i 's/^DEBUG =$/DEBUG = -DDEBUG_STRICT=1 -DDEBUG_USE_ABORT=1/' Makefile + - name: Build WURFL + run: make -C contrib/wurfl - name: Run Coverity Scan env: COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} run: | - make -C contrib/wurfl curl -fsSL "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh"; | bash || true -- 2.29.0
