From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andrew Cooper <andrew.cooper3@citrix.com>
Subject: Re: [PATCH] scripts: Add a script to build and submit
	to coverity.
Date: Thu, 10 Dec 2015 17:52:52 +0000
Message-ID: <5669BBF4.1000305@citrix.com>
References: <1449766401-31434-1-git-send-email-ian.campbell@citrix.com>
	<5669B155.2010905@citrix.com>
	<22121.47872.686135.711210@mariner.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <22121.47872.686135.711210@mariner.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: Ian Campbell <ian.campbell@citrix.com>, jbeulich@suse.com, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

On 10/12/15 17:48, Ian Jackson wrote:
> Andrew Cooper writes ("Re: [PATCH] scripts: Add a script to build and submit to coverity."):
>> On 10/12/15 16:53, Ian Campbell wrote:
>>> ijc: Maybe we can think of a way to add this to osstest while still
>>> keeping the coverity token private?
>> This would be ideal.
> It doesn't sound particularly hard, apart from this wrinkle.
>
>>> +# Set $COV_EMAIL and $COV_TOKEN to credentials, otherwise it will
> ...
>>> +    declare -a curl_args
>>> +    curl_args+=("--form" "token=$COV_TOKEN")
>>> +    curl_args+=("--form" "email=$COV_EMAIL")
>>> +    curl_args+=("--form" "file=@$COV_TARBALL")
>>> +    curl_args+=("--form" "version=$COV_VERSION")
>>> +    curl_args+=("--form" "description=$COV_HEAD")
>>> +    curl_args+=("https://scan.coverity.com/builds?project=XenProject")
> Is there a way to do this that does not involve the authentication
> token being passed on curl's command line ?
>
> Ideally there would be a way to get it to read the token from a file
> in $HOME.  We could then provide the token in ~osstest in the
> production colo.

One way or another, the authentication token needs to be in a post
header.  How this script and `curl` make it happen is open to improvement.

Perhaps something like this? (Completely untested)

--form token=@~osstest/coverity-secret-token

~Andrew