Analyzers/sanitizers #1300
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Analyzers/sanitizers | |
| on: | |
| workflow_run: | |
| workflows: | |
| - "CI v2" | |
| types: | |
| - completed | |
| jobs: | |
| pvs: | |
| if: github.repository_owner == 'victimsnino' && github.event.workflow_run.conclusion == 'success' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: haya14busa/action-workflow_run-status@main | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| fetch-depth: 0 | |
| repository: ${{ github.event.workflow_run.head_repository.full_name }} | |
| ref: ${{ github.event.workflow_run.head_branch }} | |
| # Work around https://github.com/actions/runner-images/issues/8659 | |
| # - name: "Remove GCC 13 from runner image (workaround)" | |
| # shell: bash | |
| # run: | | |
| # sudo apt-get update | |
| # sudo apt-get purge -y g++-13 gcc-13 libstdc++-13-dev | |
| # sudo apt-get install -y --allow-downgrades libstdc++-12-dev libstdc++6=12.* libgcc-s1=12.* | |
| - name: Install Qt | |
| uses: jurplel/install-qt-action@v4 | |
| with: | |
| cache: true | |
| - name: get conan | |
| uses: turtlebrowser/get-conan@main | |
| - name: cache deps | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.conan2 | |
| /Users/runner/.conan2/ | |
| key: deps-ci-ubuntu-clang-Release-${{ hashFiles('**/conanfile.py') }} | |
| restore-keys: deps-ci-ubuntu-clang-Release | |
| - name: conan detect profile | |
| run: | | |
| conan profile detect --force | |
| - name: Install tools | |
| id: setup | |
| continue-on-error: true | |
| run: | | |
| wget -q -O - https://files.pvs-studio.com/etc/pubkey.txt \ | |
| | sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/PVS.gpg --import | |
| sudo apt-key adv --refresh-keys | |
| sudo chmod 644 /etc/apt/trusted.gpg.d/PVS.gpg | |
| sudo wget -O /etc/apt/sources.list.d/viva64.list \ | |
| https://files.pvs-studio.com/etc/viva64.list | |
| sudo apt update | |
| sudo apt install pvs-studio | |
| pvs-studio-analyzer credentials ${{ secrets.PVS_STUDIO_CREDENTIALS }} | |
| - name: Run CMake | |
| if: steps.setup.outcome == 'success' && steps.setup.conclusion == 'success' | |
| uses: lukka/run-cmake@v10 | |
| with: | |
| configurePreset: ci-ubuntu-clang-tests-no-checks | |
| buildPreset: ci-build | |
| - name: Analyze and prepare report | |
| if: steps.setup.outcome == 'success' && steps.setup.conclusion == 'success' | |
| run: | | |
| pvs-studio-analyzer analyze -f build/compile_commands.json -j -e build/_deps/ | |
| plog-converter -t sarif -o pvs-report.sarif PVS-Studio.log | |
| - name: Publish report | |
| if: steps.setup.outcome == 'success' && steps.setup.conclusion == 'success' | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: pvs-report.sarif | |
| category: PVS-Studio | |
| sonarcloud_and_coverage: | |
| runs-on: ubuntu-latest | |
| if: github.repository_owner == 'victimsnino' && github.event.workflow_run.conclusion == 'success' | |
| env: | |
| BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed | |
| steps: | |
| - uses: haya14busa/action-workflow_run-status@main | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| fetch-depth: 0 | |
| repository: ${{ github.event.workflow_run.head_repository.full_name }} | |
| ref: ${{ github.event.workflow_run.head_branch }} | |
| # Work around https://github.com/actions/runner-images/issues/8659 | |
| # - name: "Remove GCC 13 from runner image (workaround)" | |
| # shell: bash | |
| # run: | | |
| # sudo apt-get update | |
| # sudo apt-get purge -y g++-13 gcc-13 libstdc++-13-dev | |
| # sudo apt-get install -y --allow-downgrades libstdc++-12-dev libstdc++6=12.* libgcc-s1=12.* | |
| - name: Install llvm | |
| run: sudo apt-get update -q && sudo apt-get install llvm -q -y | |
| - name: Install Qt | |
| uses: jurplel/install-qt-action@v4 | |
| with: | |
| cache: true | |
| - name: get conan | |
| uses: turtlebrowser/get-conan@main | |
| - name: cache deps | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.conan2 | |
| /Users/runner/.conan2/ | |
| key: deps-ci-ubuntu-clang-Release-${{ hashFiles('**/conanfile.py') }} | |
| restore-keys: deps-ci-ubuntu-clang-Release | |
| - name: conan detect profile | |
| run: | | |
| conan profile detect --force | |
| - name: Install sonar-scanner and build-wrapper | |
| uses: sonarsource/sonarcloud-github-c-cpp@v2 | |
| - name: Run build-wrapper | |
| run: | | |
| mkdir build | |
| cmake --preset=ci-coverage-clang | |
| build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} cmake --build --preset=ci-build | |
| ctest --preset=ci-tests | |
| - name: Process coverage info | |
| run: cmake --build build -t coverage | |
| - name: "Get PR information" | |
| uses: potiuk/get-workflow-origin@v1_3 | |
| id: source-run-info | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| sourceRunId: ${{ github.event.workflow_run.id }} | |
| - name: Submit to codecov.io | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| file: build/test_results/coverage.txt | |
| override_branch: ${{ github.event.workflow_run.head_branch }} | |
| override_pr: ${{ steps.source-run-info.outputs.pullRequestNumber }} | |
| override_commit: ${{ github.event.workflow_run.head_sha }} | |
| - name: Run sonar-scanner on PUSH | |
| if: github.event.workflow_run.event == 'push' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}" --define sonar.scm.revision=${{ github.event.workflow_run.head_sha }} | |
| - name: Run sonar-scanner on PullRequest | |
| if: github.event.workflow_run.event == 'pull_request' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}" --define sonar.scm.revision=${{ github.event.workflow_run.head_sha }} --define sonar.pullrequest.key=${{ steps.source-run-info.outputs.pullRequestNumber }} --define sonar.pullrequest.branch=${{ steps.source-run-info.outputs.sourceHeadBranch }} --define sonar.pullrequest.base=${{ steps.source-run-info.outputs.targetBranch }} |