forked from fair-acc/chart-fx
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.travis.yml
75 lines (70 loc) · 3.84 KB
/
.travis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
language: java
os: linux
dist: xenial
jdk:
- openjdk11
before_install:
# setup pgp signing key
- if [ -n "$GPG_KEY" ]; then echo $GPG_KEY | base64 --decode | $GPG_EXECUTABLE --import; fi
- if [ -n "$GPG_KEY" ]; then echo $GPG_OWNERTRUST | base64 --decode | $GPG_EXECUTABLE --import-ownertrust; fi
# setup version information
- if [ "$TRAVIS_PULL_REQUEST" = "false" ]; then export REVISION=${TRAVIS_BRANCH}; else export REVISION=${TRAVIS_BRANCH}PR${TRAVIS_PULL_REQUEST}; fi
- if [[ -z "$TRAVIS_TAG" || ! "$TRAVIS_TAG" =~ ^11\.[0-9]*\.[0-9]*$ ]]; then export CHANGELIST=-SNAPSHOT; fi
# download coverity tools and determine if extended scans should be performed
- export COVERITY_RESULTS_ARCHIVE=coverity_report.tar.bz2
- if [ "$TRAVIS_EVENT_TYPE" == "cron" ]; then export COVERITY_SCAN_VERSION="cron"; else if [[ "$TRAVIS_TAG" =~ ^11\.[0-9]*\.[0-9]*$ ]]; then export COVERITY_SCAN_VERSION="$TRAVIS_TAG"; else if [ "$TRAVIS_BRANCH" == "coverity_scan" ]; then export COVERITY_SCAN_VERSION="$TRAVIS_BRANCH"; fi; fi; fi
- echo "detected coverity scan export name ='${COVERITY_SCAN_VERSION}'"
- |-2
if [ -n "$COVERITY_SCAN_VERSION" ]; then
if [ ! -x "$HOME/cov-analysis-linux64-2019.03/bin/cov-build" ]; then
wget https://scan.coverity.com/download/java/Linux --post-data "token=${COVERITY_TOKEN}&project=chart-fx" -O coverity_tool.tgz
tar xzf coverity_tool.tgz --directory $HOME;
else
echo "coverity tool already present"
fi
fi
- sudo apt-get install jq
install:
# Compile, test and install to local m2 repository
- mvn --settings .maven.xml install -Dgpg.skip=true -Dmaven.javadoc.skip=true -B -V -Drevision=${REVISION} -Dchangelist=${CHANGELIST}
script:
# deploy maven project if credentials are available
- if [ -n "$GPG_KEY" ]; then mvn clean deploy --settings .maven.xml -Prelease -Drevision=${REVISION} -Dchangelist=${CHANGELIST}; fi
after_success:
# create and upload coverage report
- mvn jacoco:report-aggregate
- if [ -n "$CODACY_API_TOKEN" ]; then mvn -pl chartfx-report codacy:coverage; fi
- bash <(curl -s https://codecov.io/bash) -s chartfx-report/target/site/jacoco-aggregate/
# upload runtime data to perform exhaustive statical analysis on coverity if enabled for this build
- echo "TRAVIS_EVENT_TYPE = '${TRAVIS_EVENT_TYPE}' TRAVIS_BRANCH = '${TRAVIS_BRANCH}' TRAVIS_TAG = '${TRAVIS_TAG}'"
- |-2
if [ -n "$COVERITY_SCAN_VERSION" ]; then
echo "coverity scan triggered as COVERITY_SCAN_VERSION = '${COVERITY_SCAN_VERSION}'";
if [ -x "$HOME/cov-analysis-linux64-2019.03/bin/cov-build" ]; then
echo "coverity tool is present";
$HOME/cov-analysis-linux64-2019.03/bin/cov-build --dir cov-int mvn clean compile;
tar cjf $COVERITY_RESULTS_ARCHIVE cov-int;
if [ -n "$COVERITY_SCAN_VERSION" ]; then
curl --form token=${COVERITY_TOKEN} \
--form email=$COVERITY_SCAN_NOTIFICATION_EMAIL \
--form file=@$COVERITY_RESULTS_ARCHIVE \
--form version=$COVERITY_SCAN_VERSION \
--form description="Description" \
https://scan.coverity.com/builds?project=chart-fx;
echo "coverity scan submitted as COVERITY_SCAN_VERSION = '${COVERITY_SCAN_VERSION}'";
else
echo "coverity scan not submitted - COVERITY_SCAN_VERSION = '${COVERITY_SCAN_VERSION}'";
fi
else
echo "coverity tool is not present"
fi
else
echo "coverity scan not triggered for COVERITY_SCAN_VERSION = '${COVERITY_SCAN_VERSION}'"
fi
# check for vulnerable dependencies. Only performed in certain builds because downloading the CVE database takes a lot of time
- if [ -n "$COVERITY_SCAN_VERSION" ]; then mvn dependency-check:aggregate@owaspcheck; fi
# cache maven artifacts
cache:
directories:
- $HOME/.m2
- $HOME/cov-analysis-linux64-2019.03