-
Notifications
You must be signed in to change notification settings - Fork 2
/
.gitlab-ci.yml
51 lines (48 loc) · 1.58 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
stages:
- coverity
variables:
COVERITY_IMAGE: $CI_COVERITY_IMAGE
COVERITY_SERVER: $CI_COVERITY_SERVER
COVERITY_AUTH_KEY_FILE: $CI_COVERITY_AUTH_KEY_FILE
limani:
stage: coverity
image: $COVERITY_IMAGE
before_script:
- chmod 400 $COVERITY_AUTH_KEY_FILE
- stream="limani_master"
script:
- cov-build --config ./coverity/config.xml --dir ./coverity/scan/ --fs-capture-search ./src --no-command
- cov-analyze --dir ./coverity/scan/ --strip-path $PWD --all
- cov-commit-defects
--dir ./coverity/scan/
--url $COVERITY_SERVER
--stream $stream
--version $CI_COMMIT_SHORT_SHA
--auth-key-file $COVERITY_AUTH_KEY_FILE
only:
refs:
- main
changes:
- src/**/*
blackduck:
stage: scan
image: debian:bullseye-slim
before_script:
- apt-get update && apt-get install -y bash curl
- apt-get install -y openjdk-11-jdk
script:
- bash <(curl -s -L https://detect.synopsys.com/detect8.sh)
--blackduck.url=${BLACKDUCK_URL}
--blackduck.api.token=${BLACKDUCK_TOKEN}
--blackduck.trust.cert=true
--blackduck.offline.mode=false
--detect.project.codelocation.unmap=true
--detect.project.name="limani"
--detect.project.version.name="24.2.0"
--detect.tools=SIGNATURE_SCAN,IMPACT_ANALYSIS,DETECTOR,DOCKER
--detect.blackduck.signature.scanner.individual.file.matching=ALL
--detect.blackduck.signature.scanner.license.search=true
--detect.impact.analysis.enabled=true
--detect.diagnostic=false
--detect.timeout=600
--logging.level.com.synopsys.integration=DEBUG