Bug 1277228 - scan-builds for TC with information about libssl and freebl, r=ttaubert
authorFranziskus Kiefer <franziskuskiefer@gmail.com>
Wed, 06 Jul 2016 15:04:26 +0200
changeset 12361 bfdbb92d5d0147fc905693c2e35114b6be38a659
parent 12360 97a6fc5db60e3939a7afd1ee898db9350639ee26
child 12362 d81d6127781e334fd00479350af27fe8dc44c747
push id1374
push userfranziskuskiefer@gmail.com
push dateWed, 06 Jul 2016 13:05:02 +0000
reviewersttaubert
bugs1277228
Bug 1277228 - scan-builds for TC with information about libssl and freebl, r=ttaubert
automation/taskcluster/graph/tools/scan-build.yml
automation/taskcluster/scripts/run_scan_build.sh
new file mode 100644
--- /dev/null
+++ b/automation/taskcluster/graph/tools/scan-build.yml
@@ -0,0 +1,45 @@
+---
+- reruns: 0
+  task:
+    created: !from_now 0
+    deadline: !from_now 24
+    provisionerId: aws-provisioner-v1
+    workerType: hg-worker
+    schedulerId: task-graph-scheduler
+
+    metadata:
+      owner: !env TC_OWNER
+      source: !env TC_SOURCE
+      name: scan-build
+      description: scan-build
+
+    payload:
+      maxRunTime: 3600
+      image: ttaubert/nss-ci:0.0.17
+
+      artifacts:
+        public:
+          type: directory
+          path: /home/worker/artifacts
+          expires: !from_now 24
+
+      command:
+        - "/bin/bash"
+        - "-c"
+        - "bin/checkout.sh && nss/automation/taskcluster/scripts/run_scan_build.sh"
+
+      env:
+        NSS_HEAD_REPOSITORY: !env NSS_HEAD_REPOSITORY
+        NSS_HEAD_REVISION: !env NSS_HEAD_REVISION
+        GCC_VERSION: clang
+        GXX_VERSION: clang++
+        NSS_ENABLE_TLS_1_3: 1
+        USE_64: 1
+
+    extra:
+      treeherder:
+        build:
+          platform: nss-tools
+        machine:
+          platform: nss-tools
+        symbol: scan-build-3.8
new file mode 100755
--- /dev/null
+++ b/automation/taskcluster/scripts/run_scan_build.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+set -v -e -x
+
+if [ $(id -u) = 0 ]; then
+    source $(dirname $0)/tools.sh
+
+    # Set compiler.
+    switch_compilers
+
+    # Drop privileges by re-running this script.
+    exec su worker $0 $@
+fi
+
+# Clone NSPR if needed.
+if [ ! -d "nspr" ]; then
+    hg clone https://hg.mozilla.org/projects/nspr
+fi
+
+# Build.
+cd nss && make nss_build_all
+
+# we run scan-build on these folders
+declare -a scan=("lib/ssl" "lib/freebl")
+
+for i in "${scan[@]}"
+do
+   echo "cleaning $i ..."
+   find "$i" -name "*.OBJ" | xargs rm -fr
+done
+
+# run scan-build
+scan-build -o /home/worker/artifacts/ make nss_build_all && cd ..
+
+# print errors we found
+set +v +x
+for i in "${scan[@]}"
+do
+   n=$(grep -Rn "${i#*/}/" /home/worker/artifacts/*/index.html | wc -l)
+   # TODO: print FAILED/PASSED and set exit code for folders we expect to be clean
+   echo "$(date '+%T') WARNING - TEST-UNEXPECTED-FAIL: $i contains $n scan-build errors"
+done