wireshark/.gitlab-ci.yml

# In the interest of reliability and performance, please avoid installing
# external dependencies here, e.g. via tools/*-setup.sh, apt, dnf, or yum.
# Do so in the appropriate Dockerfile at
# https://gitlab.com/wireshark/wireshark-containers/ instead.
# The resulting images can be found at
# https://hub.docker.com/r/wireshark/wireshark-centos-7-dev
# https://hub.docker.com/r/wireshark/wireshark-centos-8-dev
# https://hub.docker.com/r/wireshark/wireshark-debian-stable-dev
# https://hub.docker.com/r/wireshark/wireshark-fedora-dev
# https://hub.docker.com/r/wireshark/wireshark-opensuse-15.2-dev
# https://hub.docker.com/r/wireshark/wireshark-ubuntu-dev

stages:
  - build
  - analysis
  - test

variables:
  # Ensure that checkouts are a) fast and b) have a reachable tag. In a
  # brighter, more glorious future we might be able to use --shallow-since:
  # https://gitlab.com/gitlab-org/gitlab-runner/-/issues/3460
  # In the mean time, fetching the last 5000 commits does the job.
  GIT_DEPTH: "1"
  GIT_FETCH_EXTRA_FLAGS: "--depth=5000"
  CCACHE_DIR: "${CI_PROJECT_DIR}/ccache"
  # Enable color output in CMake, Ninja, and other tools. https://bixense.com/clicolors/
  CLICOLOR_FORCE: 1

# Scheduled builds additionally set WS_CI_SCHEDULE, which can be one of:
# - daily: Daily at 10:00 UTC
# - coverity-visual-c++: Monday, Wednesday, & Friday at 12:00 UTC
# - coverity-gcc: Sunday, Tuesday, Thursday & Saturday at 12:00 UTC

# Common rules

# Commits that have been approved and merged. Run automatically in the main
# repo and allow manual runs in forks.
.if-merged:
  rules:
    - if: '$CI_PIPELINE_SOURCE == "push" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/'
      when: always
    - if: '$CI_PROJECT_URL !~ /.*gitlab.com\/wireshark\/wireshark/'
      when: manual
    - when: never
# Incoming merge requests.
.if-merge-request:
  rules:
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
# Incoming non-detached merge requests. Must be used for runners which are only
# available in wireshark/wireshark, e.g. wireshark-windows-*
.if-attached-merge-request:
  rules:
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/'
      when: always
# Daily jobs
.if-daily-schedule:
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $WS_CI_SCHEDULE == "daily"'
      when: always

.build:
  stage: build
  after_script:
    - for builddir in build/packaging/rpm/BUILD/wireshark-*/build build/packaging/rpm/BUILD/wireshark-* build obj-*; do [ ! -d "$builddir/run" ] || break; done
    - if [[ "$CI_JOB_NAME" == "build:rpm-opensuse-"* ]]; then export LD_LIBRARY_PATH=$builddir/run; fi
    - if [ -f $builddir/run/tshark ]; then $builddir/run/tshark --version; fi
  needs: []

.build-ubuntu:
  extends: .build
  image: wireshark/wireshark-ubuntu-dev
  retry: 1
  # https://gould.cx/ted/blog/2017/06/10/ccache-for-Gitlab-CI/
  cache:
    # XXX Use ${CI_JOB_NAME}-${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} instead?
    key: ${CI_JOB_NAME}-master
    paths:
      - ccache/
  before_script:
    - useradd user
    - export LANG=en_US.UTF-8
    - export PYTEST_ADDOPTS=--skip-missing-programs=dumpcap,rawshark
    - mkdir -p ccache
    - ccache --show-stats
    - export DEB_BUILD_OPTIONS=nocheck,parallel=$(( $(getconf _NPROCESSORS_ONLN) + 2 ))
    - export DH_QUIET=1
    - export MAKEFLAGS=--silent
    - mkdir build
    - cd build
  after_script:
    # The cache should be large enough to be useful but it shouldn't take
    # too long to restore+save each run.
    - ccache --max-size $( du --summarize --block-size=1M "$CI_PROJECT_DIR/build" | awk '{printf ("%dM", $1 * 1.5)}' )
  script:
    # setcap restricts our library paths
    - CFLAGS=-Wl,-rpath=$(pwd)/run CXXFLAGS=-Wl,-rpath=$(pwd)/run cmake -GNinja $CMAKE_ARGS ..
    - ninja
    - ninja install
    - ninja shellcheck
    - ninja test-programs
    - chown -R user .
    - if [ -f run/dumpcap ]; then setcap cap_net_raw,cap_net_admin+eip run/dumpcap; fi
    - if [ -f run/dumpcap ]; then su user -c "run/dumpcap -D" ; fi
    - su user -c pytest-3

.build-rpm:
  extends: .build
  before_script:
    # It might make sense to set "GIT_STRATEGY: none" and build from
    # the tarball.
    - git config --global user.email "you@example.com"
    - git config --global user.name "Your Name"
    - mkdir build
    - cd build
    - perl ../tools/make-version.pl --set-release
    - mv -v ../wireshark-*.tar.* .
  artifacts:
    paths:
      - build/packaging/rpm/RPMS
    expire_in: 3 days

.build-windows:
  stage: build
  before_script:
    - if (-Not (Test-Path C:\Development)) { New-Item -Path C:\Development -ItemType "directory" }
    - $env:WIRESHARK_BASE_DIR = "C:\Development"
    - $env:Configuration = "RelWithDebInfo"
    - $env:Path += ";C:\Program Files\CMake\bin"
    - $env:Path += ";C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin"
    - $env:Path += ";C:\qt\5.15.1\msvc2019_64\bin"
    # https://help.appveyor.com/discussions/questions/18777-how-to-use-vcvars64bat-from-powershell
    - cmd.exe /c "call `"C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Auxiliary\Build\vcvars64.bat`" && set > %temp%\vcvars.txt"
    - Get-Content "$env:temp\vcvars.txt" | Foreach-Object { if ($_ -match "^(.*?)=(.*)$") { Set-Content "env:\$($matches[1])" $matches[2] } }
    # Testing / debugging only.
    # - cmd.exe /c "set CI_PIPELINE_SOURCE"
    # - cmd.exe /c "set CI_PROJECT_URL"
    #- dir c:\
    #- dir c:\qt
    #- $env:path.split(";")
    #- cmd.exe /c "set"
    #- Get-Location
    - mkdir build
    - cd build
  needs: []

# Rely on fedora:latest and debian-stable jobs for testing a recent GCC version.
clang-12:
  extends:
    - .build-ubuntu
    - .if-merged
  variables:
    CC: clang-12
    CXX: clang++-12

build:ubuntu-dist:
  stage: .pre
  extends:
    - .build-ubuntu
    - .if-merged
  script:
    - perl ../tools/make-version.pl --set-release || ../perl make-version.pl --set-release
    - cmake -G Ninja $CMAKE_ARGS -DENABLE_CCACHE=ON ..
    - cd $CI_PROJECT_DIR
    - build/packaging/source/git-export-release.sh -d .
  after_script:
    # - ccache --max-size $( du --summarize --block-size=1M "$CI_PROJECT_DIR/build" | awk '{printf ("%dM", $1 * 1.5)}' )
    - for digest in sha256 rmd160 sha1 ; do openssl $digest wireshark-*.tar.* ; done
    # This will break if we produce multiple tarballs, which is arguably a good thing.
    - if [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ] && [ -n "$S3_DESTINATION_DIST" ] ; then aws s3 cp wireshark-*.tar.* "$S3_DESTINATION_DIST/" ; fi
  artifacts:
    paths:
      - wireshark-*.tar.*

# The custom CentOS 7 image pre-installs dependencies and compilers to speed up the build:
# https://hub.docker.com/r/wireshark/wireshark-centos-7-dev
# https://gitlab.com/wireshark/wireshark-containers/-/tree/master/dev/centos-7
build:rpm-centos-7:
  extends: .build-rpm
  image: wireshark/wireshark-centos-7-dev
  script:
    - cmake3 -GNinja ..
    - ninja-build rpm-package
  needs:
    - build:ubuntu-dist
test:rpm-centos-7:
  stage: test
  image: wireshark/wireshark-centos-7-dev
  script:
    - yum --nogpgcheck localinstall -y build/packaging/rpm/RPMS/x86_64/*.rpm
    - tshark --version
  needs:
    - build:rpm-centos-7
  variables:
    GIT_STRATEGY: none

build:rpm-centos-8:
  extends: .build-rpm
  image: wireshark/wireshark-centos-8-dev
  script:
    - cmake -GNinja ..
    - ninja-build rpm-package
  needs:
    - build:ubuntu-dist
test:rpm-centos-8:
  stage: test
  image: wireshark/wireshark-centos-8-dev
  script:
    - dnf --nogpgcheck localinstall -y build/packaging/rpm/RPMS/x86_64/*.rpm
    - tshark --version
  needs:
    - build:rpm-centos-8
  variables:
    GIT_STRATEGY: none

build:rpm-opensuse-15.2:
  image: wireshark/wireshark-opensuse-15.2-dev
  extends: .build-rpm
  script:
    - cmake -GNinja ..
    - ninja rpm-package
  needs:
    - build:ubuntu-dist
test:rpm-opensuse-15.2:
  image: wireshark/wireshark-opensuse-15.2-dev
  stage: test
  script:
    - zypper --no-gpg-checks install -y build/packaging/rpm/RPMS/x86_64/*.rpm
    - tshark --version
  variables:
    GIT_STRATEGY: none
  needs:
    - build:rpm-opensuse-15.2

build:rpm-fedora:
  extends: .build-rpm
  image: wireshark/wireshark-fedora-dev
  script:
    # Shared GitLab runners limit the log size to 4M, so reduce verbosity. See
    # https://gitlab.com/gitlab-com/support-forum/issues/2790
    - export FORCE_CMAKE_NINJA_NON_VERBOSE=1
    - cmake3 -GNinja ..
    - ninja rpm-package
  needs:
    - build:ubuntu-dist
# test:rpm-fedora:
#   image: fedora
#   stage: test
#   script:
#     - dnf install -y build/packaging/rpm/RPMS/x86_64/*.rpm
#     - tshark --version
#   variables:
#     GIT_STRATEGY: none
#   needs:
#     - build:rpm-fedora

# Job to generate packages for Debian stable
build:debian-stable:
  extends:
    - .build
    - .if-merged
  image: wireshark/wireshark-debian-stable-dev
  script:
    - perl tools/make-version.pl --set-release
    # Shared GitLab runners limit the log size to 4M, so reduce verbosity. See
    # https://gitlab.com/gitlab-com/support-forum/issues/2790
    - export DH_QUIET=1
    - export MAKEFLAGS=--silent
    - dpkg-buildpackage -b --no-sign -jauto
    - mkdir debian-packages
    - mv ../*.deb debian-packages/
  artifacts:
    paths:
      - debian-packages/*.deb
    expire_in: 3 days
test:debian-stable:
  image: wireshark/wireshark-debian-stable-dev
  stage: test
  script:
    - DEBIAN_FRONTEND=noninteractive apt-get install ./debian-packages/*.deb -y
    - tshark --version
  variables:
    GIT_STRATEGY: none
  needs:
    - build:debian-stable

# Build Wireshark manuals
# Note: Need ubuntu:focal with `ruby-coderay` and `ruby-asciidoctor-pdf` packages to build PDF docs
docbook:
  stage: build
  image: wireshark/wireshark-ubuntu-dev
  rules:
    - changes:
      - "docbook/**"
      - "epan/wslua/**"
  script:
    - mkdir build
    - cd build
    - cmake -GNinja ..
    - ninja all_guides
  after_script:
    - mv build/docbook/wsug_html/ .
    - mv build/docbook/wsug_html_chunked/ .
    - mv build/docbook/wsdg_html/ .
    - mv build/docbook/wsdg_html_chunked/ .
  artifacts:
    paths:
      - wsug_html/
      - wsug_html_chunked/
      - wsdg_html/
      - wsdg_html_chunked/
  needs: []


# Build all doxygen docs
doxygen_all:
  stage: build
  image: wireshark/wireshark-ubuntu-dev
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $WS_CI_SCHEDULE == "daily"'
      when: always
  script:
    - mkdir build
    - cd build
    - cmake -GNinja ..
    - ninja wsar_html 2>&1 > doxygen_output.txt | tee doxygen_errors.txt
  after_script:
    - mv build/wsar_html .
    - mv build/doxygen_output.txt .
    - mv build/doxygen_errors.txt .
  artifacts:
    when: always
    paths:
    - doxygen_errors.txt
    - doxygen_output.txt
    - wsar_html
  needs: []

# https://docs.gitlab.com/ee/user/gitlab_com/index.html#linux-shared-runners

merge-req:commit-checks:
  extends:
    - .build-ubuntu
    - .if-merge-request
  tags:
    - docker
  script:
    # build-ubuntu puts us in `build`.
    - cd ..
    - bash ./tools/pre-commit 'HEAD^1'
    - tools/validate-commit.py

merge-req:ubuntu-dpkg:
  extends:
    - .build-ubuntu
    - .if-merge-request
  tags:
    - docker
  script:
    # build-ubuntu puts us in `build`.
    - cd ..
    - CC=/usr/lib/ccache/gcc CXX=/usr/lib/ccache/g++ MAKE=ninja dpkg-buildpackage -us -uc -rfakeroot -jauto -Zgzip -zfast
    - lintian --suppress-tags library-not-linked-against-libc,copyright-excludes-files-in-native-package --display-experimental --display-info --pedantic --profile debian
  after_script:
    # dpkg-buildpackage builds in obj-<triplet>, so we need to override
    # .build-ubuntu. We also build more stuff, so decrease our multiplier.
    - ccache --max-size $( du --summarize --block-size=1M --total "$CI_PROJECT_DIR"/obj-* | awk '/total$/ {printf ("%dM", $1 * 1.25)}' )

merge-req:ubuntu-gcc-ctest:
  extends:
    - .build-ubuntu
    - .if-merge-request
  tags:
    - docker
  script:
    # build-ubuntu puts us in `build`.
    - CC=gcc CXX=g++ cmake -DENABLE_EXTRA_COMPILER_WARNINGS=on -DCMAKE_EXPORT_COMPILE_COMMANDS=on -DENABLE_CCACHE=ON -G Ninja ..
    - script --command ninja --flush --quiet --return ../gcc_report.txt
    - ansi2html < ../gcc_report.txt > ../gcc_report.html
    - ninja test-programs
    - chown -R user .
    - su user -c "ctest --parallel $(getconf _NPROCESSORS_ONLN) --force-new-ctest-process --verbose"
  artifacts:
    paths:
      - gcc_report.html

merge-req:ubuntu-clang-other-tests:
  extends:
    - .build-ubuntu
    - .if-merge-request
  tags:
    - docker
  variables:
    CC: clang-12
    CXX: clang++-12
  script:
    # build-ubuntu puts us in `build`.
    - cd ..
    - python3 tools/checklicenses.py
    - ./tools/cppcheck/cppcheck.sh -l 1 -x | tee cppcheck_report.xml
    - ./tools/check_typed_item_calls.py --commits 1 | tee item_calls_check.txt
    - ./tools/check_tfs.py --commits 1 | tee tfs_check.txt
    - if [[ -s "cppcheck_report.xml" ]]; then cppcheck-htmlreport --file cppcheck_report.xml  --report-dir . ; fi
    - cd build
    - cmake -DENABLE_EXTRA_COMPILER_WARNINGS=on -DENABLE_CHECKHF_CONFLICT=on -DCMAKE_EXPORT_COMPILE_COMMANDS=on -DENABLE_CCACHE=ON -G Ninja ..
    - script --command ninja --flush --quiet --return ../clang_report.txt
    - ansi2html < ../clang_report.txt > ../clang_report.html
    - ./run/tshark -v
    - sh -c '[ ! -e ../tools/validate-clang-check.sh ] || ../tools/validate-clang-check.sh'
    - ninja checkAPI
  artifacts:
    paths:
      - clang_report.html
      - cppcheck_report.html
      - cppcheck_report.xml
      - item_calls_check.txt
      - tfs_check.txt

# Windows runners are still beta, at least technically:
# https://docs.gitlab.com/ee/user/gitlab_com/index.html#windows-shared-runners-beta
merge-req:windows:
  extends:
    - .build-windows
    - .if-attached-merge-request
  tags:
    - wireshark-windows-merge-req
  script:
    - cmake -G "Visual Studio 16 2019" -A x64 -DENABLE_LTO=off ..
    - msbuild /verbosity:minimal "/consoleloggerparameters:PerformanceSummary;NoSummary" /maxcpucount Wireshark.sln
    - msbuild /verbosity:minimal test-programs.vcxproj
    - ctest -C RelWithDebInfo --parallel 3 --force-new-ctest-process --verbose

# Adapted from https://www.synopsys.com/blogs/software-security/integrating-coverity-scan-with-gitlab-ci/
# and https://gitlab.gnome.org/GNOME/glib/-/blob/8f57a5b9/.gitlab-ci.yml#L481
coverity-gcc:
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $WS_CI_SCHEDULE == "coverity-gcc"'
      when: always
  image: wireshark/wireshark-ubuntu-dev
  stage: analysis
  needs: []
  variables:
    CC: gcc
    CXX: g++
    # cov-build doesn’t handle GLIB_DEPRECATED_ENUMERATOR
    CFLAGS: '-DGLIB_DISABLE_DEPRECATION_WARNINGS'
    CXXFLAGS: '-DGLIB_DISABLE_DEPRECATION_WARNINGS'
  script:
    - curl --output /tmp/cov-analysis-linux64.tar.gz --form project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN https://scan.coverity.com/download/linux64
    - tar --directory=/tmp --extract --gzip --file /tmp/cov-analysis-linux64.tar.gz
    - mkdir build
    - cd build
    - cmake -G Ninja ..
    - /tmp/cov-analysis-linux64-*/bin/cov-build --return-emit-failures --dir cov-int ninja
    - tar --create --gzip --file cov-int.tar.gz cov-int
    # - curl --form file=@cov-int.tar.gz --form token=$COVERITY_SCAN_TOKEN --form email=$GITLAB_USER_EMAIL --form description="Ubuntu $( git describe --tags ) $CI_COMMIT_REF_NAME:$CI_PIPELINE_ID" --form version=$( git describe --tags ) https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME
    - curl --data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN&email=$GITLAB_USER_EMAIL&url=$CI_JOB_URL/artifacts/file/build/cov-int.tar.gz&version=$( git describe --tags )&description=Ubuntu $( git describe --tags ) $CI_COMMIT_REF_NAME:$CI_PIPELINE_ID" https://scan.coverity.com/builds
  artifacts:
    paths:
      - build/cov-int.tar.gz

coverity-visual-c++:
  rules:
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $WS_CI_SCHEDULE == "coverity-visual-c++"'
      when: always
  extends: .build-windows
  tags:
    - wireshark-windows-merge-req
  stage: analysis
  needs: []
  script:
    - $gitDescription = (( git describe --tags ) | Out-String).Trim()
    - C:\Windows\System32\curl --output $env:temp\cov-analysis-win64.zip --form project=$COVERITY_SCAN_PROJECT_NAME --form token=$COVERITY_SCAN_TOKEN https://scan.coverity.com/download/win64
    - C:\ProgramData\chocolatey\tools\7z x "$env:temp\cov-analysis-win64.zip" -y -r -o"$env:temp"
    - cmake -DTEST_EXTRA_ARGS=--enable-release -DENABLE_LTO=off -G "Visual Studio 16 2019" -A x64 ..
    - $covAnalysisWin64 = (Get-ChildItem -Path $env:temp -Filter "cov-analysis-win64-*" -Directory)[0].FullName
    - Invoke-Expression "& $covAnalysisWin64\bin\cov-build.exe --return-emit-failures --dir cov-int msbuild /verbosity:minimal `"/consoleloggerparameters:PerformanceSummary;NoSummary`" /maxcpucount:1 Wireshark.sln"
    - C:\ProgramData\chocolatey\tools\7z a -tzip cov-int.zip cov-int
    # - C:\Windows\System32\curl --form file=@cov-int.zip --form token=$COVERITY_SCAN_TOKEN--form email=$GITLAB_USER_EMAIL --form description="Windows $gitDescription $env:CI_COMMIT_REF_NAME`:$env:CI_PIPELINE_ID" --form version=$gitDescription https://scan.coverity.com/builds?project=$COVERITY_SCAN_PROJECT_NAME
    - curl --data "project=$COVERITY_SCAN_PROJECT_NAME&token=$COVERITY_SCAN_TOKEN&email=$GITLAB_USER_EMAIL&url=$CI_JOB_URL/artifacts/file/build/cov-int.zip&version=$gitDescription&description=Windows $gitDescription $env:CI_COMMIT_REF_NAME`:$env:CI_PIPELINE_ID" https://scan.coverity.com/builds
  artifacts:
    paths:
      - build/cov-int.zip

clang-scan-build:
  extends: .if-daily-schedule
  image: wireshark/wireshark-ubuntu-dev
  stage: analysis
  needs: []
  variables:
    CLANG_VERSION: 12
    CC: "clang-${CLANG_VERSION}"
    CXX: "clang++-${CLANG_VERSION}"
  script:
    - mkdir build
    - cd build
    - scan-build-${CLANG_VERSION} cmake -DCMAKE_BUILD_TYPE=Debug -DDISABLE_WERROR=ON -G Ninja ..
    - scan-build-${CLANG_VERSION} -o ../sbout ninja
    - cd ../sbout
    - RAW_DIR=$( find ../sbout -type d -name "20??-??-??-*" -printf "%P\n" | head )
    - SB_DIR="scan-build-$RAW_DIR"
    - mv "$RAW_DIR" "$SB_DIR"
    - if [ -d logs ] ; then mv logs $SB_DIR ; fi
    - chmod -R u=rwX,go=rX "$SB_DIR"
    - zip -9 -r "${SB_DIR}.zip" "$SB_DIR"
    - if [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ] && [ -n "$S3_DESTINATION_ANALYSIS" ] ; then aws s3 cp "${SB_DIR}.zip" "$S3_DESTINATION_ANALYSIS/" ; fi

# Windows runners are still beta, at least technically:
# https://docs.gitlab.com/ee/user/gitlab_com/index.html#windows-shared-runners-beta
build:windows-vs-code-analysis:
  extends: .build-windows
  tags:
    - wireshark-windows-dev
  rules:
    # The wireshark-windows-* tags are only available in wireshark/wireshark.
    - if: '$CI_PIPELINE_SOURCE == "schedule" && $WS_CI_SCHEDULE == "daily" && $CI_PROJECT_URL =~ /.*gitlab.com\/wireshark\/wireshark/'
      when: always
  script:
    - $env:caexcludepath = "C:\Qt;$env:INCLUDE"
    - cmake -DENABLE_CODE_ANALYSIS=ON -G "Visual Studio 16 2019" -A x64 -DENABLE_LTO=off ..
    - msbuild /verbosity:minimal "/consoleloggerparameters:PerformanceSummary;NoSummary" /maxcpucount:2 Wireshark.sln

sloccount:
  extends:
    - .build-ubuntu
    - .if-daily-schedule
  stage: analysis
  variables:
    SLOC_OUT: sloccount.txt
  needs: []
  script:
    - cmake -G Ninja ..
    - ninja
    - cd ..
    - echo -n "SLOCCount version:\ "
    - sloccount --version
    - sloccount . | awk "/^Computing results/ { results=1 } { if (results) print }" > $SLOC_OUT
    - cat $SLOC_OUT
    - if [ -n "$AWS_ACCESS_KEY_ID" ] && [ -n "$AWS_SECRET_ACCESS_KEY" ] && [ -n "$S3_DESTINATION_ANALYSIS" ] ; then aws s3 cp "$SLOC_OUT" "$S3_DESTINATION_ANALYSIS/" ; fi