[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 1/1] CI: add code coverage analysis

On Thu, May 25, 2017 at 08:44:48PM -0300, Claudio André wrote:
Em 25/05/2017 03:49, Martin Kletzander escreveu:
On Thu, May 25, 2017 at 01:14:36AM -0300, claudioandre br gmail com
From: Claudio André <claudioandre br gmail com>

It builds the code coverage report and uploads the coverage data to a
web service in order to allow to track libvirt's code coverage over

You can add the links from the cover letter right here.  It is below the
'---' marker, so it won't be part of the commit message, but it is also
before the first 'diff --git', so it won't be considered part of the
patch either.  Just like the stats below.

Thanks for the information

+  - 'if [ -n "${COVERAGE}" ]; then
+        make -j3 cov;
+        coveralls-lcov --repo-token ${COVERALLS_TOKEN}

I like this, but I have no idea where COVERALLS_TOKEN comes from.

The Token comes from coveralls.io site.
1. create your/libvirt account on coveralls (using GitHub credentials)
2. enable the libvirt repository and you will be able to see a field
named: REPO TOKEN.
3. then, using Travis website (or Travis CLI tool, I prefer the first
for this case) you save the token ciphered.

Oh, so it's saved in your profile on the travis website.  That makes
sense.  I was just wondering where this environment variable gets
defined, that's it.  And I didn't check the documentation because I
didn't like the fact that coveralls.io wanted _write_ access to my
commit messages and repositories, so I didn't sign up.  And their
documentation seems pretty sparse when you're not logged in.

For Coveralls, click here and there and you will find your way to enable
the repository and get the token (probably
For Travis: https://travis-ci.org/YOUR_NICK/libvirt/settings, you'll see
"Environment Variables" and the add button.

 How do we make sure that no user branches will post stuff to the
coveralls.io site?

Because Travis save the token ciphered, nobody else can see the token.
In fact, if you save it using the site, it does not exist even in the
.travis.yml file.
And if Travis, Coveralls, ..., are compromised, you can easily
regenerate the Token fast enough to avoid damage.

Sorry if the message sounds, umm, pedantic.


Attachment: signature.asc
Description: Digital signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]