blob: a4f64d12834b125303c531c87f7b67c5edacaa0b [file] [log] [blame]
# syntax=docker/dockerfile:1.0.0-experimental
#
# Docker setup for running the "Coverity Scan" tools over the source
# tree and uploading them to the website, as per
# https://scan.coverity.com/projects/qemu/builds/new
# We do this on a fixed config (currently Fedora 30 with a known
# set of dependencies and a configure command that enables a specific
# set of options) so that random changes don't result in our accidentally
# dropping some files from the scan.
#
# We don't build on top of the fedora.docker file because we don't
# want to accidentally change or break the scan config when that
# is updated.
# The work of actually doing the build is handled by the
# run-coverity-scan script.
FROM fedora:30
ENV PACKAGES \
alsa-lib-devel \
bc \
bison \
brlapi-devel \
bzip2 \
bzip2-devel \
ccache \
clang \
curl \
cyrus-sasl-devel \
dbus-daemon \
device-mapper-multipath-devel \
findutils \
flex \
gcc \
gcc-c++ \
gettext \
git \
glib2-devel \
glusterfs-api-devel \
gnutls-devel \
gtk3-devel \
hostname \
libaio-devel \
libasan \
libattr-devel \
libblockdev-mpath-devel \
libcap-devel \
libcap-ng-devel \
libcurl-devel \
libepoxy-devel \
libfdt-devel \
libgbm-devel \
libiscsi-devel \
libjpeg-devel \
libpmem-devel \
libnfs-devel \
libpng-devel \
librbd-devel \
libseccomp-devel \
libssh-devel \
libubsan \
libudev-devel \
libusbx-devel \
libxml2-devel \
libzstd-devel \
llvm \
lzo-devel \
make \
mingw32-bzip2 \
mingw32-curl \
mingw32-glib2 \
mingw32-gmp \
mingw32-gnutls \
mingw32-gtk3 \
mingw32-libjpeg-turbo \
mingw32-libpng \
mingw32-libtasn1 \
mingw32-nettle \
mingw32-nsis \
mingw32-pixman \
mingw32-pkg-config \
mingw32-SDL2 \
mingw64-bzip2 \
mingw64-curl \
mingw64-glib2 \
mingw64-gmp \
mingw64-gnutls \
mingw64-gtk3 \
mingw64-libjpeg-turbo \
mingw64-libpng \
mingw64-libtasn1 \
mingw64-nettle \
mingw64-pixman \
mingw64-pkg-config \
mingw64-SDL2 \
ncurses-devel \
nettle-devel \
nss-devel \
numactl-devel \
perl \
perl-Test-Harness \
pixman-devel \
pulseaudio-libs-devel \
python3 \
python3-sphinx \
PyYAML \
rdma-core-devel \
SDL2-devel \
snappy-devel \
sparse \
spice-server-devel \
systemd-devel \
systemtap-sdt-devel \
tar \
texinfo \
usbredir-devel \
virglrenderer-devel \
vte291-devel \
wget \
which \
xen-devel \
xfsprogs-devel \
zlib-devel
ENV QEMU_CONFIGURE_OPTS --python=/usr/bin/python3
RUN dnf install -y $PACKAGES
RUN rpm -q $PACKAGES | sort > /packages.txt
ENV PATH $PATH:/usr/libexec/python3-sphinx/
ENV COVERITY_TOOL_BASE=/coverity-tools
COPY run-coverity-scan run-coverity-scan
RUN --mount=type=secret,id=coverity.token,required ./run-coverity-scan --update-tools-only --tokenfile /run/secrets/coverity.token