From 4edf5729cf6b5a7af51a1d921910a186308937a4 Mon Sep 17 00:00:00 2001 From: Timo Sairiala Date: Tue, 14 Nov 2023 13:57:12 +0200 Subject: [PATCH] Run coverity --- .../workflows/tii-depthai-ctrl-coverity.yaml | 31 ++++++++++++++----- Dockerfile.coverity | 20 ++++++++++-- 2 files changed, 41 insertions(+), 10 deletions(-) diff --git a/.github/workflows/tii-depthai-ctrl-coverity.yaml b/.github/workflows/tii-depthai-ctrl-coverity.yaml index 89af33e..5ed842f 100644 --- a/.github/workflows/tii-depthai-ctrl-coverity.yaml +++ b/.github/workflows/tii-depthai-ctrl-coverity.yaml @@ -1,7 +1,7 @@ name: tii-depthai-ctrl-coverity on: - repository_dispatch: + workflow_dispatch: push: branches: - main @@ -11,26 +11,43 @@ jobs: coverity: runs-on: depthai-ctrl-self-hosted-coverity steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: submodules: recursive + - name: Login to GitHub Container Registry uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: driver: docker + - name: Build and push - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . file: Dockerfile.coverity push: false - tags: dephai_ctrl_coverity:latest + tags: depthai_ctrl_coverity:latest + - name: Run coverity scan - run: - docker run --rm -e PROJECT_NAME=${{ github.event.repository.name }} dephai_ctrl_coverity:latest + run: | + docker run --rm \ + -e PROJECT_NAME=${{ github.event.repository.name }} \ + -v "$(pwd):/main_ws/src" \ + depthai_ctrl_coverity:latest + + - name: Update summary + run: | + cat cov-analyze-result.txt >> $GITHUB_STEP_SUMMARY + + - name: Upload coverity scan results + uses: actions/upload-artifact@v3 + with: + name: coverity-html-report-${{ github.event.repository.name }} + path: coverity-output diff --git a/Dockerfile.coverity b/Dockerfile.coverity index 2eb5f57..c23bc9c 100644 --- a/Dockerfile.coverity +++ b/Dockerfile.coverity @@ -1,8 +1,22 @@ -FROM ghcr.io/tiiuae/fog-ros-baseimage-builder-coverity:main +FROM --platform=${BUILDPLATFORM:-linux/amd64} ghcr.io/tiiuae/fog-ros-baseimage-builder-coverity:sha-4da4f0d AS builder + +RUN apt update \ + && apt install -y --no-install-recommends \ + curl RUN curl https://artifacts.luxonis.com/artifactory/luxonis-depthai-data-local/network/yolo-v4-tiny-tf_openvino_2021.4_6shave.blob \ -o /tmp/yolo-v4-tiny-tf_openvino_2021.4_6shave.blob -COPY . /main_ws/src/ +# There is a file at /sdk_install/sysroots/core2-64-oe-linux/usr/include/depthai-shared/common/optional.hpp which has the +# which has the line '#include "tl/optional.hpp"', change it to this with sed: '#include "depthai-shared/3rdparty/tl/optional.hpp"' +RUN YOCTO_TARGET_ARCH=$(/packaging/arch_translation.sh ${TARGETARCH:-amd64}) && \ + sed -i 's/#include "tl\/optional.hpp"/#include "depthai-shared\/3rdparty\/tl\/optional.hpp"/g' /sdk_install/sysroots/${YOCTO_TARGET_ARCH}-oe-linux/usr/include/depthai-shared/common/optional.hpp && \ + sed -i 's/#include "tl\/optional.hpp"/#include "depthai-shared\/3rdparty\/tl\/optional.hpp"/g' /sdk_install/sysroots/${YOCTO_TARGET_ARCH}-oe-linux/usr/include/depthai/pipeline/Node.hpp + +# CV Bridge cmake file has host contamination, which leads to failure in the build. +# This hardcoded path will be different for each of the build. So, the sed command should find the place using OpenCV_CONFIG_PATH and OpenCV_INSTALL_PATH tags +RUN YOCTO_TARGET_ARCH=$(/packaging/arch_translation.sh ${TARGETARCH:-amd64}) && \ + sed -i 's/set(OpenCV_CONFIG_PATH .*)/set(OpenCV_CONFIG_PATH \/sdk_install\/sysroots\/${YOCTO_TARGET_ARCH}-oe-linux\/usr\/lib\/cmake\/opencv4)/g' /sdk_install/sysroots/${YOCTO_TARGET_ARCH}-oe-linux/usr/share/cv_bridge/cmake/cv_bridge-extras.cmake && \ + sed -i 's/set(OpenCV_INSTALL_PATH .*)/set(OpenCV_INSTALL_PATH \/sdk_install\/sysroots\/${YOCTO_TARGET_ARCH}-oe-linux\/usr)/g' /sdk_install/sysroots/${YOCTO_TARGET_ARCH}-oe-linux/usr/share/cv_bridge/cmake/cv_bridge-extras.cmake -RUN /packaging/build.sh +WORKDIR /main_ws