Setting up Klocwork with Containers (Linux)
| In this topic: |
Setting up your container to run Klocwork Analysis
- Open ports if you are running a server
- Depending on the underlining system you want to run, choose one of the below docker files to build. Replace the RUN wget URL location to a valid one of the kwbuildtools package. You can add any addition dependencies you need to build your project in the indicated line.
Example: Running Klocwork Analysis on Debian based Linux (for example Ubuntu 20.04):
FROM ubuntu:20.04 # Install Klocwork Dependencies RUN apt update RUN apt install -y lib32ncurses6 lib32ncurses6 numactl libaio1 lsb-core # Install compiler dependencies. This will depend on the source being built # This example installs gcc/g++ 8 RUN apt install -y build-essential gcc-8 g++-8 gcc-8-multilib g++-8-multilib # Get Klocwork build tools package and unzip to a location # This example uses 'wget' to get the installer from an internally hosted Klocwork Portal RUN apt install -y wget unzip RUN mkdir /klocwork WORKDIR /klocwork RUN wget http://klocwork.<yourURL.com>:8080/portal/downloads/kwbuildtools.20.2.0.89.linux64.zip && unzip kwbuildtools.20.2.0.89.linux64.zip && rm kwbuildtools.20.2.0.89.linux64.zip
FROM fedora:32 # Install Klocwork Dependencies RUN yum update -y RUN yum install -y libaio numactl-libs libnsl # Install compiler dependencies. This will depend on the source being built # This example installs gcc/g++ RUN yum install -y gcc-c++ # Get Klocwork build tools package and unzip to a location # This example uses 'wget' to get the installer from an internally hosted Klocwork Portal RUN yum install -y wget unzip RUN mkdir /klocwork WORKDIR /klocwork RUN wget http://klocwork.<yourURL.com>:8080/portal/downloads/kwbuildtools.20.2.0.89.linux64.zip && unzip kwbuildtools.20.2.0.89.linux64.zip && rm kwbuildtools.20.2.0.89.linux64.zip
After completing one of the example above, build the image:
docker build --tag klocwork-buildtools:20.2 .
This builds the base image klocwork-buildtools:20.2.
Data Persistency
When running Klocwork analysis, you may want to store Klocwork build specification and analysis data outside the container (such as your buildspec, tracefiles, tables, .kwlp/.kwps, and projects_root). If your kwbuildproject command uses the --increment parameter, then the --tables-directory must be preserved from analysis to analysis. Similarly, if your native build is incremental, then the build specification must be preserved from build to build. The following example outputs these files to the /project/klocwork_data folder on the host machine. Once the image is built, you can run the container with:
docker run --rm -v /project/src:/project/src -v /project/klocwork_data:/klocwork_data klocwork-buildtools:20.2 sh -c "cd /project/src && /klocwork/kwbuildtools/bin/kwinject -w -o /klocwork_data/kwinject.out make && /klocwork/kwbuildtools/bin/kwbuildproject --url http://klocwork.<yourURL.com>:8080/<project> -o /klocwork_data/tables kwinject.out -f && kwadmin load --url http://klocwork.<yourURL.com>:8080 load <project> /klocwork_data/tables"
This mounts the project to analyze and Klocwork output data to mounts outside of the container. For simplicity, you can extract the sh -c "..." section into a script file for maintainability. For example, make the file build.sh:
#!/bin/sh cd /project/src /klocwork/kwbuildtools/bin/kwinject -w -o /klocwork_data/kwinject.out make /klocwork/kwbuildtools/bin/kwbuildproject --url http://klocwork.<yourURL.com>:8080/<project> -o /klocwork_data/tables -f /klocwork_data/kwinject.out /klocwork/kwbuildtools/bin/kwadmin --url http://klocwork.<yourURL.com>:8080 load <project> /klocwork_data/tables
Then, run:
docker run --rm -v /project/src:/project/src -v /project/klocwork_data:/klocwork_data klocwork-buildtools:20.2 --entrypoint build.sh
Setting up your container to run your Klocwork Server
Below is an example of the command you need to run to install the necessary Klocwork and compiler dependencies, as well as how to install the Klocwork build tools package:
FROM ubuntu:20.04 # Install Klocwork Dependencies RUN apt update RRUN apt install -y lib32ncurses6 lib32ncurses6 numactl libaio1 lsb-core # Install compiler dependencies. This will depend on the source being built RUN apt install -y build-essential gcc-8 g++-8 gcc-8-multilib g++-8-multilib # Get Klocwork build tools package and unzip to a location # This example uses 'wget' to get the installer from an internally hosted Klocwork Portal # Note: server install cannot be done as the root user. This will create a user 'klocwork' RUN apt install -y wget unzip RUN useradd -u 10066 -d /home -s /bin/bash klocwork && groupmod -g 1005 klocwork RUN mkdir /klocwork RUN chown -R klocwork:klocwork /klocwork USER klocwork WORKDIR /klocwork RUN wget <download_server>/kw-server-installer.20.2.0.89.linux64.sh RUN sh kw-server-installer.20.2.0.89.linux64.sh -a server KlocworkServer RUN rm kw-server-installer.20.2.0.89.linux64.sh
where <download_server> is the location of your Klocwork Server installation file.
Next, you need to build the image:
docker build --tag klocwork-server:20.2 .
To preserve server data, set up a folder to hold the Klocwork Server's projects_root folder on the host machine. For example: /data/klocwork/server_data. Once the folder is set up, it needs to be given permissions to write to by the group ID set in the above Dockerfile. In this example, the group ID is 1005.
chown -R 1005:1005 /data/klocwork/server_data
You can set up the server in two ways, interactively or non-interactively. Note that the example below uses Klocwork web port 8086 and Klocwork database port 3386.
Interactively
Docker allows you to run a container in interactive mode. This means you can execute commands inside the container while it is still running. To do so, run the following:
docker run -d -i -t -p 8086:8086 -v /data/klocwork/server_data:/klocwork/server_data --name klocwork_server klocwork-server:20.2
Once the server is running, you can connect to the container using:
docker exec -t -i klocwork_server /bin/bash
After you are connected to the container, you can setup your server:
/klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root setup /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root set-service-property license host <license_host> /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root set-service-property klocwork port 8086 /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root set-service-property database port 3386 /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root start exit
Non-Interactively
If you prefer to run your container in non-interactive mode, run the following:
docker run -d -p 8086:8086 -v /data/klocwork/server_data:/klocwork/server_data --name klocwork_server klocwork-server:20.2 --entrypoint server.sh
Where server.sh is:
/klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root setup /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root set-service-property license host <license_host> /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root set-service-property klocwork port 8086 /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root set-service-property database port 3386 /klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root start tail -f /dev/null
Once the server is setup, you'll only need to run the kwservice start command:
docker run -d -p 8086:8086 -v /data/klocwork/server_data:/klocwork/server_data --name klocwork_server klocwork-server:20.2 sh -c "/klocwork/server/bin/kwservice -r /klocwork/server_data/projects_root start && tail -f /dev/null"
Perforce is also here to help! If you need help with setting up or using containers with Klocwork, you can contact Static Code Analysis Professional Services to discuss assistance via a services engagement.
