1# syntax=docker/dockerfile:1.0.0-experimental 2# 3# Docker setup for running the "Coverity Scan" tools over the source 4# tree and uploading them to the website, as per 5# https://scan.coverity.com/projects/qemu/builds/new 6# We do this on a fixed config (currently Fedora 30 with a known 7# set of dependencies and a configure command that enables a specific 8# set of options) so that random changes don't result in our accidentally 9# dropping some files from the scan. 10# 11# We don't build on top of the fedora.docker file because we don't 12# want to accidentally change or break the scan config when that 13# is updated. 14 15# The work of actually doing the build is handled by the 16# run-coverity-scan script. 17 18FROM fedora:30 19ENV PACKAGES \ 20 alsa-lib-devel \ 21 bc \ 22 bison \ 23 brlapi-devel \ 24 bzip2 \ 25 bzip2-devel \ 26 ccache \ 27 clang \ 28 curl \ 29 cyrus-sasl-devel \ 30 dbus-daemon \ 31 device-mapper-multipath-devel \ 32 findutils \ 33 flex \ 34 gcc \ 35 gcc-c++ \ 36 gettext \ 37 git \ 38 glib2-devel \ 39 glusterfs-api-devel \ 40 gnutls-devel \ 41 gtk3-devel \ 42 hostname \ 43 libaio-devel \ 44 libasan \ 45 libattr-devel \ 46 libblockdev-mpath-devel \ 47 libcap-devel \ 48 libcap-ng-devel \ 49 libcurl-devel \ 50 libepoxy-devel \ 51 libfdt-devel \ 52 libgbm-devel \ 53 libiscsi-devel \ 54 libjpeg-devel \ 55 libpmem-devel \ 56 libnfs-devel \ 57 libpng-devel \ 58 librbd-devel \ 59 libseccomp-devel \ 60 libssh-devel \ 61 libubsan \ 62 libudev-devel \ 63 libusbx-devel \ 64 libxml2-devel \ 65 libzstd-devel \ 66 llvm \ 67 lzo-devel \ 68 make \ 69 mingw32-bzip2 \ 70 mingw32-curl \ 71 mingw32-glib2 \ 72 mingw32-gmp \ 73 mingw32-gnutls \ 74 mingw32-gtk3 \ 75 mingw32-libjpeg-turbo \ 76 mingw32-libpng \ 77 mingw32-libtasn1 \ 78 mingw32-nettle \ 79 mingw32-nsis \ 80 mingw32-pixman \ 81 mingw32-pkg-config \ 82 mingw32-SDL2 \ 83 mingw64-bzip2 \ 84 mingw64-curl \ 85 mingw64-glib2 \ 86 mingw64-gmp \ 87 mingw64-gnutls \ 88 mingw64-gtk3 \ 89 mingw64-libjpeg-turbo \ 90 mingw64-libpng \ 91 mingw64-libtasn1 \ 92 mingw64-nettle \ 93 mingw64-pixman \ 94 mingw64-pkg-config \ 95 mingw64-SDL2 \ 96 ncurses-devel \ 97 nettle-devel \ 98 nss-devel \ 99 numactl-devel \ 100 perl \ 101 perl-Test-Harness \ 102 pixman-devel \ 103 pulseaudio-libs-devel \ 104 python3 \ 105 python3-sphinx \ 106 PyYAML \ 107 rdma-core-devel \ 108 SDL2-devel \ 109 snappy-devel \ 110 sparse \ 111 spice-server-devel \ 112 systemd-devel \ 113 systemtap-sdt-devel \ 114 tar \ 115 texinfo \ 116 usbredir-devel \ 117 virglrenderer-devel \ 118 vte291-devel \ 119 wget \ 120 which \ 121 xen-devel \ 122 xfsprogs-devel \ 123 zlib-devel 124ENV QEMU_CONFIGURE_OPTS --python=/usr/bin/python3 125 126RUN dnf install -y $PACKAGES 127RUN rpm -q $PACKAGES | sort > /packages.txt 128ENV PATH $PATH:/usr/libexec/python3-sphinx/ 129ENV COVERITY_TOOL_BASE=/coverity-tools 130COPY run-coverity-scan run-coverity-scan 131RUN --mount=type=secret,id=coverity.token,required ./run-coverity-scan --update-tools-only --tokenfile /run/secrets/coverity.token 132