SERVER-108544 update to latest coverity version (#40738) (#40818)

GitOrigin-RevId: bbdb887c2ac94424af0ee8fcaad39203bdf98671
2025-09-08 15:55:33 -05:00 · 2025-09-08 15:55:33 -05:00 · 667c242e00
parent 108e985666
commit 667c242e00
4 changed files with 37 additions and 51 deletions
--- a/bazel/coverity/BUILD.bazel
+++ b/bazel/coverity/BUILD.bazel
@ -1,5 +1,5 @@
 py_binary(
-    name = "generate_coverity_command",
-    srcs = ["generate_coverity_command.py"],
+    name = "generate_coverity_targets",
+    srcs = ["generate_coverity_targets.py"],
    visibility = ["//visibility:public"],
 )
--- a/bazel/coverity/generate_coverity_targets.py
+++ b/bazel/coverity/generate_coverity_targets.py
@ -31,34 +31,11 @@ proc = subprocess.run(
 )

 print(proc.stderr)
-print(proc.stdout)

 targets = set()
-for line in proc.stdout.splitlines():
-    if line.startswith("  Target: "):
-        targets.add(line.split()[-1])
+with open('coverity_targets.list', 'w') as f: 
+    for line in proc.stdout.splitlines():
+        if line.startswith("  Target: "):
+            f.write(line.split()[-1] + "\n")


-enterprise_coverity_dir = os.path.join("src", "mongo", "db", "modules", "enterprise", "coverity")
-os.makedirs(enterprise_coverity_dir, exist_ok=True)
-with open(os.path.join(enterprise_coverity_dir, "BUILD.bazel"), "w") as buildfile:
-    buildfile.write("""\
-load("@rules_coverity//coverity:defs.bzl", "cov_gen_script")
-cov_gen_script(
-    name="enterprise_coverity_build",
-    testonly=True,
-    tags=["coverity"],
-    deps=[
-""")
-    for target in targets:
-        buildfile.write(
-            """\
-        "%s",
-"""
-            % target
-        )
-
-    buildfile.write("""\
-    ],
-)
-""")
--- a/etc/evergreen_yml_components/variants/coverity.yml
+++ b/etc/evergreen_yml_components/variants/coverity.yml
@ -2,7 +2,7 @@ buildvariants:
  - name: bv_coverity_analysis
    display_name: Coverity Analysis
    # Don't run Coverity analysis as part of patch builds
-    patchable: false
+    patchable: true
    allow_for_git_tag: false
    # Run at 4 am UTC everyday
    cron: "0 4 * * *"
@ -72,12 +72,12 @@ tasks:
          module_name: devprod_coverity
      - func: f_coverity_build
        timeout_secs: 10800 # Idle timeout of 3 hours
-      - func: f_analyze
-        vars:
-          module_prefix: ${workdir}/devprodCoveritySrc
-          module_name: devprod_coverity
-        timeout_secs: 10800 # Idle timeout of 3 hours
-      - func: f_commit
-        vars:
-          module_prefix: ${workdir}/devprodCoveritySrc
-          module_name: devprod_coverity
+      # - func: f_analyze
+      #   vars:
+      #     module_prefix: ${workdir}/devprodCoveritySrc
+      #     module_name: devprod_coverity
+      #   timeout_secs: 10800 # Idle timeout of 3 hours
+      # - func: f_commit
+      #   vars:
+      #     module_prefix: ${workdir}/devprodCoveritySrc
+      #     module_name: devprod_coverity
--- a/evergreen/coverity_build.sh
+++ b/evergreen/coverity_build.sh
@ -6,6 +6,13 @@ cd src

 set -eo pipefail

+covIdir="$workdir/covIdir"
+if [ -d "$covIdir" ]; then
+  echo "covIdir already exists, meaning idir extracted after download from S3"
+else
+  mkdir $workdir/covIdir
+fi
+
 activate_venv
 # number of parallel jobs to use for build.
 # Even with scale=0 (the default), bc command adds decimal digits in case of multiplication. Division by 1 gives us a whole number with scale=0
@ -14,20 +21,22 @@ build_config="--config=local --jobs=$bazel_jobs --compiler_type=gcc --opt=off --
 bazel_query='mnemonic("CppCompile|LinkCompile", filter(//src/mongo, deps(//:install-core)) except //src/mongo/db/modules/enterprise/src/streams/third_party/...)'
 bazel_cache="--output_user_root=$workdir/bazel_cache"

-python bazel/coverity/generate_coverity_command.py --bazel_executable="bazel" --bazel_cache=$bazel_cache --bazel_query="$bazel_query" $build_config --noinclude_artifacts
+python bazel/coverity/generate_coverity_targets.py --bazel_executable="bazel" --bazel_cache=$bazel_cache --bazel_query="$bazel_query" $build_config --noinclude_artifacts
 bazel $bazel_cache build $build_config --build_tag_filters=gen_source //src/...
-bazelBuildCommand="bazel $bazel_cache build $build_config //src/mongo/db/modules/enterprise/coverity:enterprise_coverity_build"
-echo "Bazel Build Command: $bazelBuildCommand"
-covIdir="$workdir/covIdir"
-if [ -d "$covIdir" ]; then
-  echo "covIdir already exists, meaning idir extracted after download from S3"
-else
-  mkdir $workdir/covIdir
-fi
-$workdir/coverity/bin/cov-build --dir "$covIdir" --verbose 0 -j $bazel_jobs --return-emit-failures --parse-error-threshold=99 --bazel $bazelBuildCommand
-ret=$?
-if [ $ret -ne 0 ]; then
+
+buildCommand="bazel \
+    $bazel_cache \
+    build \
+    $build_config \
+    --target_pattern_file=coverity_targets.list"
+echo Building $buildCommand
+cat coverity_targets.list
+if ! $workdir/coverity/bin/cov-build --dir "$covIdir" --verbose 0 -j $bazel_jobs --return-emit-failures --parse-error-threshold=99 --bazel \
+  $buildCommand; then
+  ret=$?
  echo "cov-build failed with exit code $ret"
+  cat $covIdir/replay-log.txt
+  exit $ret
 else
  echo "cov-build was successful"
 fi