Versions Compared

Old Version 1

changes.mady.by.user Ray O'Meara

Saved on

compared with

New Version Current

changes.mady.by.user Ray O'Meara

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Use the following options to integrate Coverity into an ADO pipeline:

  • All-in-one Script
    Add a traditional BAC script as a task in a job under ADO.

  • Individual Tasks 
    Split each BAC step into separate tasks in a job under ADO.

  • Task Group -
    Construct a template of tasks with variables as inputs that can be added directly to the job.

  • Pipeline YAML file 
    CI as code, where the steps are specified in a YAML file, committed to SCM and called from the source repository.

Using a script

This method uses an all-in-one script to do the Coverity BAC as a single task.

...

Code Block
set COVHOST=localhost
set STREAM=hello-java
set IDIR=$(Build.SourcesDirectory)/idir
set AUTHKEY=C:/Tools/Coverity/Analysis/commit-authkey
set COVBIN=C:/Tools/Coverity/Analysis/2019.03/bin
   
%COVBIN%/cov-build --dir %IDIR% --fs-capture-search $(Build.SourcesDirectory) mvn -B clean package -DskipTests
   
%COVBIN%/cov-import-scm --dir %IDIR% --scm git
    
%COVBIN%/cov-analyze --dir %IDIR% --strip-path $(Build.SourcesDirectory) --all --enable-callgraph-metrics --webapp-security
    
%COVBIN%/cov-commit-defects --dir %IDIR% --host %COVHOST% --auth-key-file %AUTHKEY% --stream %STREAM% --description $(Build.BuildURI) --target Windows_x86_64 --version $(Build.SourceVersion)

Using tasks

This method is similar to the all-in-one script but it breaks each step into separate tasks and uses variables: 

  1. Create a New Pipeline

  2. Enter Source Repository

  3. Use Empty Job Template

  4. Add the following, Under the Variables tab:

    • cov.authkey

    • cov.bin

    • cov.host

    • cov.idir

    • cov.stream

  5. Add separate Command Line tasks to Job for cov-build, cov-analyzeand cov-commit-defects.

    Cov-build

    Code Block
    cov-build --dir $(cov.idir) mvn -B clean package -DskipTests

    Cov-analyze

    Code Block
    cov-analyze --dir $(cov.idir) --all --enable-callgraph-metrics --webapp-security

    Cov-commit-defects

    Code Block
    cov-commit-defects --dir $(cov.idir) --host $(cov.host) --auth-key-file $(cov.authkey) --stream $(cov.stream) --description $(Build.BuildURI) --target Windows_x86_64 --version $(Build.SourceVersion)

Using a task group

Newer versions of TFS support task groups that enable you to construct a set of tasks as per the above step, and then export as a JSON file that you can import into other build pipelines.  

Using a YAML file

To set up a YAML based Coverity BAC, commit the following to your repository and then create a new build pipeline, selecting configuration as code and coverity.yml as the YAML source.

...