Adding Coverity Reports to Continuous Integration pipeline using Jenkins

Hi all,

A recent interesting activity assigned to me at work, once again brought out the mechanic in me 🙂 I’m the sort of guy who likes to get his hands dirty with a various tools to get my tasks done and I was excited and rearing to go!

Task : Query the coverity server after every coverity build and display a table of outstanding issues (consisting of high, medium & low impact defect count in various modules) within the Jenkins email notifications.

Hmmm… This is a simple one I felt.. The overconfident me 😉

I quickly jotted down my plan!!

  • Query Coverity Server to get the list of outstanding issues.
  • Export queries to excel sheets
  • Use some simple logic to get total impact count of issues
  • Append table & send mail!

Though the task on the outset looked like a fairly simple one, on closer evaluation it seemed that there were some challenges in it. For a start the coverity server did not have a good query mechanism provided by means of %installation_folder%/bin/cov-manage-im.exe. The query gave us a list of issues with 8 fields i.e  stream name, cid, checker, status, classification,  owner, severity & action.

There was no field which stated the ‘Impact’ of the issue! How could this happen I thought. I tried querying the server in many different ways. No good! To make things worse I was not able to get the filenames in the same query along with 8 other fields.

The overconfidence melted completely after spending almost a day experimenting with various queries and not finding the optimum one… The best I could get was 2 queries  :-

  • Query 1 : Gave me a csv with list of files with the above mentioned 8 fields

“C:\Program Files\Coverity\Coverity Static Analysis\bin\cov-manage-im.exe” –mode defects –stream %stream_name% –host %hostname% –port 8080 –user%username%  –password %password%  –show –status New –status Triaged –action “Undecided” –action “Fix Required” –action “Fix Submitted” –action “Modeling Required” >%path to csv%\detailed_query.csv


  • Query 2 : Gave me a list of filenames one below the other.

 “C:\Program Files\Coverity\Coverity Static Analysis\bin\cov-manage-im.exe” –mode defects –stream %stream_name% –host %hostname% –port 8080 –user %username% –password %password% –show –fields file –status New –status Triaged –action “Undecided” –action “Fix Required” –action “Fix Submitted” –action “Modeling Required” > %path to csv%\issues_filenames.csv


From csv1(Query 1) we get a Column named “Checker” with various fields in it. There is a reference document provided in C:\Coverity\Coverity Static Analysis\doc\en\cov_checker_ref.pdf. This gives a mapping of the impact for the given Checker Field.

So with the help of these 3 files I was able to create a summary report something like this. I filled in the Legacy defects part and this will serve as a benchmark for further builds.

Summary_Report1 (1)

Suspense!!  – I will not reveal all my secrets of how I proceeded on my job from this point onwards. It is quite obvious that I used some sort of scripting language to automate my tasks namely :-

  1. Run queries to get 2 csv files.
  2. Compare the checkers with the checker ref file and assign an impact to it
  3. Use some logic to get the final count of high impact, medium impact and low impact issues.
  4. Populate the summary report which for me was in excel(xls) format.
  5. Embed this report within Jenkins email notification
  6. Send mail 😀 😀

I assure you that the learning curve is higher when you figure out how to do these tasks…Each in one’s own style will be able to innovate and find awesome solutions :).

This task sure was a reminder to me that challenges in IT are not how it seems. It might be a simple thing that you might be asked off. Never be overconfident or underconfident … Just wear a smile on your face and say “Yes.. I will do it…After an initial evaluation of the task” 🙂

You’re generous feedback and comments are always welcome. If you run into any roadblocks do let me know.



2 responses to “Adding Coverity Reports to Continuous Integration pipeline using Jenkins

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s