vdk-coverity: Adding Coverity Scan #2753
Conversation
shanmathik
force-pushed
the
person/skailasam/vdk-coverity
branch
from
e6306c1
to
8fb15a5
Compare
… of SDL procedure.
for more information, see https://pre-commit.ci
shanmathik
force-pushed
the
person/skailasam/vdk-coverity
branch
from
a0c7278
to
82ec20f
Compare
|
Please add Testing Done secttion (with link to the successful pipeline that ran the coverity job) . Please also describe better what is coverity scanning providing for the project. Why would it be useful to have it in a bit more details. And lastly please document the new CICD variables in https://github.com/vmware/versatile-data-kit/wiki/Gitlab-CICD |
|
Why? What? How has this been tested? What type of change are you making? |
|
That's great description. Please do put it in the PR description. The PR description is used as the commit message when merging |
|
How do I actually see the report? |
$COVERITY_SCAN_PROJECT_NAME variable has been replaced with versatile-data-kit.
antoniivanov
changed the title
Why?
The coverity scan is a SAST scan which is required for every product or service to conform to Vmware SDL procedures.
What?
This job constitutes of a script which downloads the coverity-analysis. Untars the analysis file and then executes the build for various projects to create intermediate folder within the vdk repo. It then combines the intermediate folder and uploads it to the https://scan.coverity.com/.
How has this been tested?
Coverity Scan Test:
The job was triggered to run from a rule based on commit on a private branch and the link for successful pipeline run is here:https://gitlab.com/vmware-analytics/versatile-data-kit/-/pipelines/1024643834.
Only change was the commit branch has been changed to point to main instead of a specific branch before merging.
What type of change are you making?
The change is in the gitlab-ci.yaml file where a new job has been added as part of the existing pipeline configuration. This will create a new stage/job when it is triggered.