[Build-System] Add a Dockerfile for Coverity scan.

diff --git a/docker/coverity/Dockerfile b/docker/coverity/Dockerfile
new file mode 100644 (file)
index 0000000..7f3fb92
--- /dev/null
+++ b/docker/coverity/Dockerfile
@@ -0,0 +1,49 @@
+FROM debian:bookworm-20241202\r
+MAINTAINER Andrey Volk <andrey@signalwire.com>\r
+\r
+ARG REPOTOKEN\r
+ARG COVERITYTOKEN\r
+\r
+RUN apt-get update && \\r
+    DEBIAN_FRONTEND=noninteractive apt-get -yq install \\r
+    wget gnupg2 dos2unix apt-transport-https lsb-release git\r
+RUN echo "machine freeswitch.signalwire.com login signalwire password ${REPOTOKEN}" > /etc/apt/auth.conf\r
+RUN wget --http-user=signalwire --http-password=${REPOTOKEN} -O /usr/share/keyrings/signalwire-freeswitch-repo.gpg https://freeswitch.signalwire.com/repo/deb/debian-release/signalwire-freeswitch-repo.gpg \r
+RUN echo "deb [signed-by=/usr/share/keyrings/signalwire-freeswitch-repo.gpg] https://freeswitch.signalwire.com/repo/deb/debian-release/ `lsb_release -sc` main" > /etc/apt/sources.list.d/freeswitch.list\r
+RUN echo "deb-src [signed-by=/usr/share/keyrings/signalwire-freeswitch-repo.gpg] https://freeswitch.signalwire.com/repo/deb/debian-release/ `lsb_release -sc` main" >> /etc/apt/sources.list.d/freeswitch.list\r
+RUN apt-get update\r
+RUN apt-get -y build-dep freeswitch\r
+RUN mkdir /data\r
+\r
+ENV PATH="/coverity/cov-analysis-linux64/bin:${PATH}"\r
+\r
+RUN echo "#!/bin/bash\n\\r
+wget https://scan.coverity.com/download/linux64 --post-data \"token=${COVERITYTOKEN}&project=FreeSWITCH\" -O /coverity_tool.tgz\n\\r
+COVERITYFOLDER=\$(tar -tf /coverity_tool.tgz | head -n1)\n\\r
+mkdir -p /coverity\n\\r
+tar zxvf /coverity_tool.tgz -C /coverity/\n\\r
+cd /coverity\n\\r
+mv \$COVERITYFOLDER cov-analysis-linux64\n\\r
+apt-get update && apt-get -y build-dep freeswitch\n\\r
+apt-get install -y libv8-6.1-dev\n\\r
+cd /\n\\r
+git clone https://github.com/signalwire/freeswitch -b "\$FSBRANCH"\n\\r
+cd /freeswitch\n\\r
+git status\n\\r
+mkdir modules\n\\r
+cd modules\n\\r
+../debian/bootstrap.sh -c bookworm\n\\r
+cd ..\n\\r
+./bootstrap.sh\n\\r
+cp ./modules/modules_.conf ./modules.conf\n\\r
+./configure\n\\r
+cov-build --dir cov-int make -j\$(nproc)\n\\r
+tar czvf /data/freeswitch.tgz cov-int\n "\\r
+>> /run.sh\r
+\r
+RUN echo /run.sh\r
+\r
+WORKDIR /data\r
+RUN chmod 755 /run.sh\r
+RUN dos2unix /run.sh\r
+CMD ["/run.sh"]
\ No newline at end of file

diff --git a/docker/coverity/README.md b/docker/coverity/README.md
new file mode 100644 (file)
index 0000000..aef36d0
--- /dev/null
+++ b/docker/coverity/README.md
@@ -0,0 +1,23 @@
+# Coverity scan
+
+## Build an image for Coverity
+```
+docker build -t coverity --build-arg REPOTOKEN=<signalwire token> --build-arg COVERITYTOKEN=<coverity token> .
+```
+
+## Scan FreeSWITCH using a Coverity image
+```
+docker run --rm -itv .:/data -e FSBRANCH="master" coverity
+```
+
+This will output `freeswitch.tgz` file to the current folder
+
+## Uploading the result to the Coverity server
+```
+curl --form token=<coverity token> \
+  --form email=andrey@signalwire.com \
+  --form file=@freeswitch.tgz \
+  --form version="Version" \
+  --form description="Description" \
+  https://scan.coverity.com/builds?project=FreeSWITCH
+```
\ No newline at end of file