Google Git
Sign in
qemu / qemu / 85ff0e956bf26a93c92e4dca8f6257613269a0cf / . / scripts / coverity-scan / coverity-scan.docker
blob: a349578526dada209825f1df8bc0a6b5ab38f3ad [file] [log] [blame]
# syntax=docker/dockerfile:1.0.0-experimental
#
# Docker setup for running the "Coverity Scan" tools over the source
# tree and uploading them to the website, as per
# https://scan.coverity.com/projects/qemu/builds/new
# We do this on a fixed config (currently Fedora 30 with a known
# set of dependencies and a configure command that enables a specific
# set of options) so that random changes don't result in our accidentally
# dropping some files from the scan.
#
# We don't build on top of the fedora.docker file because we don't
# want to accidentally change or break the scan config when that
# is updated.
# The work of actually doing the build is handled by the
# run-coverity-scan script.
FROM registry.fedoraproject.org/fedora:37
RUN dnf install -y nosync && \
echo -e '#!/bin/sh\n\
if test -d /usr/lib64\n\
then\n\
export LD_PRELOAD=/usr/lib64/nosync/nosync.so\n\
else\n\
export LD_PRELOAD=/usr/lib/nosync/nosync.so\n\
fi\n\
exec "$@"' > /usr/bin/nosync && \
chmod +x /usr/bin/nosync && \
nosync dnf update -y && \
nosync dnf install -y \
SDL2-devel \
SDL2_image-devel \
alsa-lib-devel \
bash \
bc \
bison \
brlapi-devel \
bzip2 \
bzip2-devel \
ca-certificates \
capstone-devel \
ccache \
clang \
ctags \
cyrus-sasl-devel \
daxctl-devel \
dbus-daemon \
device-mapper-multipath-devel \
diffutils \
findutils \
flex \
fuse3-devel \
gcc \
gcc-c++ \
gcovr \
genisoimage \
gettext \
git \
glib2-devel \
glib2-static \
glibc-langpack-en \
glibc-static \
glusterfs-api-devel \
gnutls-devel \
gtk3-devel \
hostname \
jemalloc-devel \
json-c-devel \
libaio-devel \
libasan \
libattr-devel \
libbpf-devel \
libcacard-devel \
libcap-ng-devel \
libcmocka-devel \
libcurl-devel \
libdrm-devel \
libepoxy-devel \
libfdt-devel \
libffi-devel \
libgcrypt-devel \
libiscsi-devel \
libjpeg-devel \
libnfs-devel \
libpmem-devel \
libpng-devel \
librbd-devel \
libseccomp-devel \
libselinux-devel \
libslirp-devel \
libssh-devel \
libtasn1-devel \
libubsan \
liburing-devel \
libusbx-devel \
libzstd-devel \
llvm \
lttng-ust-devel \
lzo-devel \
make \
mesa-libgbm-devel \
meson \
ncurses-devel \
nettle-devel \
ninja-build \
nmap-ncat \
numactl-devel \
openssh-clients \
pam-devel \
pcre-static \
pixman-devel \
pkgconfig \
pulseaudio-libs-devel \
python3 \
python3-PyYAML \
python3-numpy \
python3-opencv \
python3-pillow \
python3-pip \
python3-sphinx \
python3-sphinx_rtd_theme \
rdma-core-devel \
rpm \
sed \
snappy-devel \
socat \
sparse \
spice-protocol \
spice-server-devel \
systemd-devel \
systemtap-sdt-devel \
tar \
tesseract \
tesseract-langpack-eng \
usbredir-devel \
util-linux \
virglrenderer-devel \
vte291-devel \
which \
xen-devel \
xfsprogs-devel \
zlib-devel \
zlib-static \
zstd && \
nosync dnf autoremove -y && \
nosync dnf clean all -y && \
rpm -qa | sort > /packages.txt && \
mkdir -p /usr/libexec/ccache-wrappers && \
ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/c++ && \
ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/cc && \
ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/clang && \
ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/g++ && \
ln -s /usr/bin/ccache /usr/libexec/ccache-wrappers/gcc
ENV CCACHE_WRAPPERSDIR "/usr/libexec/ccache-wrappers"
ENV LANG "en_US.UTF-8"
ENV MAKE "/usr/bin/make"
ENV NINJA "/usr/bin/ninja"
ENV PYTHON "/usr/bin/python3"
ENV QEMU_CONFIGURE_OPTS --meson=internal
RUN dnf install -y curl wget
ENV COVERITY_TOOL_BASE=/coverity-tools
COPY coverity_tool.tgz coverity_tool.tgz
RUN mkdir -p /coverity-tools/coverity_tool && cd /coverity-tools/coverity_tool && tar xf /coverity_tool.tgz
COPY run-coverity-scan run-coverity-scan