Static Analysis #1181
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Static Analysis" | |
on: | |
push: | |
pull_request: | |
branches: [ latest ] | |
schedule: | |
- cron: '18 6 * * 2' | |
jobs: | |
local-analysis: | |
name: "custom analysis" | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Check Headers | |
run: | | |
tools/check_headers/check_headers.rb "include/**/*.h*" "include/**/**/*.h" | |
tools/check_headers/check_headers.rb "src/**/*.c" | |
tools/check_headers/check_headers.rb "test/**/*.cpp" | |
tools/check_headers/check_headers.rb "docs/examples/**/*.c" | |
- name: Check Localization | |
run: | | |
scripts/check_l10n.rb "include/private/config/locale/*-??.h" | |
- name: Build Documentation | |
run: | | |
sudo apt-get update | |
sudo apt-get install doxygen | |
cmake . | |
make docs | |
codeql-analysis: | |
name: "codeql analysis" | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
language: [ 'cpp' ] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3 | |
with: | |
languages: ${{ matrix.language }} | |
- name: Autobuild | |
uses: github/codeql-action/autobuild@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3 | |
sonarcloud-analysis: | |
name: "sonarcloud analysis" | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
with: | |
fetch-depth: 0 | |
- name: Configure | |
run: | | |
cmake . | |
- name: Sonarcloud Analysis | |
if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }} | |
run: | | |
wget -q https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip | |
unzip build-wrapper-linux-x86.zip | |
./build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir bw-output make all | |
wget -q https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip | |
unzip -qq -o sonar-scanner-cli-5.0.1.3006-linux.zip | |
chmod +x sonar-scanner-5.0.1.3006-linux/bin/sonar-scanner | |
sonar-scanner-5.0.1.3006-linux/bin/sonar-scanner -Dproject.settings=tools/sonar/sonar-project.properties | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONARQUBE_SCANNER_PARAMS: '{"sonar.host.url":"https://sonarcloud.io"}' | |
custom-anaysis: | |
name: Custom Analysis | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
with: | |
fetch-depth: 0 | |
- name: "@since standardization" | |
run: | | |
# look for all instances of @since, then look for any that do not meet the required pattern. @since release x.x.x | |
if grep --include=\*.{c,h,cpp,hpp} -rnw . -e ".*@since .*" | grep -qv ".* @since release v[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]].*"; then | |
# at this point the check has failed, but we want to give some info to the user. i have found it difficult to get the status code | |
# and print out the offending lines without this duplication | |
# get all instances of @since, offending and not offending | |
grep --include=\*.{c,h,cpp,hpp} -rnw . -e "@since .*" | \ | |
# find all instances that do not meet the required pattern | |
grep -v ".* @since release v[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]].*" | \ | |
# print an error message, including line number with -n from grep. mention supported format. | |
xargs -I{} echo "Static Analysis Failed: \"{}\" Supported format is \"@since release vX.X.X\"" | |
exit 1 | |
else | |
exit 0 | |
fi | |