On 26 Apr 2024, at 10:57, Simon Horman wrote:
> On Tue, Apr 16, 2024 at 09:44:52AM +0200, Eelco Chaudron wrote: >> This patch adds a daily Coverity run for the OVS main branch >> to the GitHub actions. The result of the runs can be found here: >> >> https://scan.coverity.com/projects/openvswitch >> >> Before applying, we need to add the following two actions secrets >> to the GitHub openvswitch project: >> >> - COVERITY_SCAN_TOKEN; The secret token from the project page >> - COVERITY_SCAN_EMAIL; The maintainer's email alias >> >> Signed-off-by: Eelco Chaudron <echau...@redhat.com> > > Hi Eelco, > > I'm fine with this patch in it's current form. > > Acked-by: Simon Horman <ho...@ovn.org> > > But I do have a few questions. > > 1. Would it be useful to provide instructions to > allow people to become involved in addressing warnings? > > It seems that a signup to scan.coverity.com is required > to see information on warnings. I think my idea was for now to only enable this for maintainers, which I think is how they do it for DPDK also (or people who contribute to a specific area a lot). Trying to maintain a list of all user interested so they can access might be too much (but we could try if we really want to). The goal of the patch was, that if they wanted to, they could put in the secrets and it would run on their fork. > 2. Is there any plan to address warnings? If someone is interested in the work that would be nice. I’ll try if I get any time, but no commitments right now. At least we should find new issues and can ask patch submitters to look at their introduced issue. > 3. See below. > >> --- >> .github/workflows/coverity.yml | 131 +++++++++++++++++++++++++++++++++ >> Makefile.am | 1 + >> README.rst | 2 + >> 3 files changed, 134 insertions(+) >> create mode 100644 .github/workflows/coverity.yml >> >> diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml >> new file mode 100644 >> index 000000000..ae28920de >> --- /dev/null >> +++ b/.github/workflows/coverity.yml >> @@ -0,0 +1,131 @@ >> +name: Coverity scan >> +on: >> + schedule: >> + - cron: '0 0 * * *' >> + >> +env: >> + python_default: 3.12 >> + >> +jobs: >> + build-dpdk: >> + env: >> + dependencies: gcc libbpf-dev libnuma-dev libpcap-dev ninja-build >> pkgconf >> + CC: gcc >> + DPDK_GIT: https://dpdk.org/git/dpdk >> + DPDK_VER: 23.11 >> + name: dpdk gcc >> + outputs: >> + dpdk_key: ${{ steps.gen_dpdk_key.outputs.key }} >> + runs-on: ubuntu-22.04 >> + timeout-minutes: 30 >> + >> + steps: >> + - name: checkout >> + uses: actions/checkout@v4 >> + >> + - name: update PATH >> + run: | >> + echo "$HOME/bin" >> $GITHUB_PATH >> + echo "$HOME/.local/bin" >> $GITHUB_PATH >> + >> + - name: create ci signature file for the dpdk cache key >> + # This will collect most of DPDK related lines, so hash will be >> different >> + # if something changed in a way we're building DPDK including >> DPDK_VER. >> + # This also allows us to use cache from any branch as long as version >> + # and a way we're building DPDK stays the same. >> + run: | >> + cat .ci/dpdk-* > dpdk-ci-signature >> + grep -rwE 'DPDK_GIT|DPDK_VER' .github/ >> dpdk-ci-signature >> + if [ "${DPDK_VER##refs/*/}" != "${DPDK_VER}" ]; then >> + git ls-remote --heads $DPDK_GIT $DPDK_VER >> dpdk-ci-signature >> + fi >> + cat dpdk-ci-signature >> + >> + - name: generate ci DPDK key >> + id: gen_dpdk_key >> + env: >> + ci_key: ${{ hashFiles('dpdk-ci-signature') }} >> + run: echo 'key=dpdk-${{ env.ci_key }}' >> $GITHUB_OUTPUT > > The above two steps seem both complex and somewhat different to > the implementation in build-and-test.yml. > > Would it be worth introducing some sort of helper to generate > the key? Perhaps a script that lives in .ci/ It looks the same in my tree, as I copied it from that file :) But I think as Ilya mentioned, we might be able to use some GitHub action composition, but need to play with this and make it work from within the same repository. >> + >> + - name: cache >> + id: dpdk_cache >> + uses: actions/cache@v4 >> + with: >> + path: dpdk-dir >> + key: ${{ steps.gen_dpdk_key.outputs.key }} > > ... _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
