mbox series

[RFC,0/2] ci: allow running Coverity Scan uploads via GitLab

Message ID 20240304220631.943130-1-pbonzini@redhat.com
Headers show
Series ci: allow running Coverity Scan uploads via GitLab | expand

Message

Paolo Bonzini March 4, 2024, 10:06 p.m. UTC 
The machine that is used to upload QEMU builds to Coverity is used daily
as a development machine by Emanuele and myself, and as a result sometimes
its podman/docker setup gets messed up.  When this happens, Coverity
uploads might stop for extended periods of time.

In the interest of tightening this and of depending less on infrastructure
maintained by specific people, replace the manually-managed crontab
entry with a new job in GitLab's CI; this is also what Libvirt does.
The rules to trigger it are a bit different compared to other jobs:

* on mainline, it only runs for the default (master) branch and only
  as part of scheduled pipeline runs.  A rule is added to remove all
  other jobs when running from a scheduled pipeline.

* on forks, it is always manual (and only appears if QEMU_CI=1 or 2,
  like other build jobs)

For now I implemented these rules directly in the buildtest.yml file,
but it is also possible to add a QEMU_JOB_SCHEDULE variable.

Example of a working run: https://gitlab.com/bonzini/qemu/-/jobs/6312777493

Example of a run that is over quota: https://gitlab.com/bonzini/qemu/-/jobs/6315895373
This run shows an attempt to cancel the job if the quota is exceeded, but
it does not work (it worked on GitLab <17.0) so I removed it from the patch.

Paolo

Paolo Bonzini (2):
  run-coverity-scan: add --check-upload-only option
  gitlab-ci: add manual job to run Coverity

 .gitlab-ci.d/base.yml                   |  4 ++
 .gitlab-ci.d/buildtest.yml              | 36 +++++++++++++++++
 scripts/coverity-scan/run-coverity-scan | 51 ++++++++++++++++++-------
 3 files changed, 78 insertions(+), 13 deletions(-)