Coverity and Blackduck checks

Setup

Coverity is running inside a docker container within the pipeline. To run the coverity checks the pipeline uses three different stages, i.e. “Coverity Build”, “Coverity Analyze” and “Coverity Commit”.

For Blackduck Jenkins usese plugin within the pipeline. To run the Blackduck checks the pipeline uses the “Blackduck Scan” stage.

Pipeline configuration

Currently they are triggered by a nightly build which is configured through a cron job. If you want to change it for another branch or time just find the following lines in the jenkinsfile and configure it as you like:

triggers {
    gitlab(triggerOnPush: true, triggerOnMergeRequest: true, branchFilterType: 'All')
    cron('develop' == env.BRANCH_NAME ? '0 2 * * *' : '')
}

Every stage ensures that it is only triggered through a “TimerTrigger”. If you want to change that behaviour configure the following code lines:

when {
    allOf {
        branch 'develop'
        triggeredBy('TimerTrigger')
    }
}

If you want to see the findings use the blackduck or coverity hub to show them.