coverity code checker in Extras

Warren Togami wtogami at redhat.com
Fri Sep 1 09:16:10 UTC 2006


Dan Williams wrote:
> 
> I think the easiest solution at the current time is to run the Coverity
> scans on one or two parallel machines that harvest successful build
> results from the actual Extras buildsystem, and which non-Red Hat people
> don't have shell access to.  Furthermore, this ensures that released
> Extras packages are fully externally reproducible, since the Coverity
> scanner sits between the build scripts and GCC.  The web-based reports
> portal would still be accessible to package maintainers of course.
> 
> Like Warren says, then there's no slowdown for the build system, we stay
> clear of any difficult contractual or legal issues related to access to
> Coverity binaries, and the packages are completely externally
> reproducible.

This is an important addition to my previously stated rationale.

In Thursday's Extras and Infrastructure meetings, both committees favor 
the asynchronous approach run outside of the Fedora Project.  This 
should be a parallel service operated by and within Red Hat on Fedora 
repositories.

I will talk with Max about this when he returns next Tuesday.

Warren Togami
wtogami at redhat.com



