Skip to content

Commit

Permalink
SONAR-21859 Create a GitHub Action to analyze C/C++ code with SonarQube
Browse files Browse the repository at this point in the history
  • Loading branch information
@claire-villard-sonarsource
claire-villard-sonarsource authored Mar 19, 2024
1 parent 59fb609 commit 3b73249
Show file tree
Hide file tree
Showing 13 changed files with 877 additions and 2 deletions.
15 changes: 15 additions & 0 deletions .github/PULL_REQUEST_TEMPLATE.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
Please be aware that we are not actively looking for feature contributions.
The truth is that it's extremely difficult for someone outside SonarSource to comply with our roadmap and expectations.
Therefore, we typically only accept minor cosmetic changes and typo fixes.
If you would like to see a new feature, please create a new thread in the forum ["Suggest new features"](https://community.sonarsource.com/c/suggestions/features).

With that in mind, if you would like to submit a code contribution, make sure that you adhere to the following guidelines and all tests are passing:

- [ ] Please explain your motives to contribute this change: what problem you are trying to fix, what improvement you are trying to make
- [ ] Make sure any code you changed is covered by tests
- [ ] If there is a [JIRA](http://jira.sonarsource.com/browse/SONAR) ticket available, please make your commits and pull request start with the ticket ID (SONAR-XXXX)

We will try to give you feedback on your contribution as quickly as possible.

Thank You!
The SonarSource Team
371 changes: 371 additions & 0 deletions .github/workflows/tests.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,371 @@
name: Tests
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]

jobs:
create-install-dir-test:
name: create_install_path.sh script test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

- name: Existing
shell: bash
env:
INSTALL_PATH: '.sonar'
run: |
echo "- Create dir"
mkdir -p "${INSTALL_PATH}"
echo "- Test script behavior"
./scripts/create_install_path.sh > output
grep -v "::error::" output
- name: Non-existing nested in current dir
shell: bash
env:
INSTALL_PATH: '.sonar'
run: |
./scripts/create_install_path.sh > output
grep -v "::error::" output
test -d "${INSTALL_PATH}"
- name: Nonexisting nested in home
shell: bash
env:
INSTALL_PATH: '~/third_party/.sonar'
run: |
./scripts/create_install_path.sh > output
grep -v "::error::" output
test -d "${INSTALL_PATH}"
- name: Empty install dir specified
shell: bash
env:
INSTALL_PATH: ''
run: |
(./scripts/create_install_path.sh || echo "=== Script failed ===") > output
grep "::error::Empty installation path specified" output
grep "=== Script failed ===" output
- name: No permission to create directory
shell: bash
env:
INSTALL_PATH: '/non_creatable'
run: |
(./scripts/create_install_path.sh || echo "=== Script failed ===") > output
grep "::error::Failed to create non-existing installation path '/non_creatable'" output
grep "=== Script failed ===" output
- name: Existing but not directory
shell: bash
env:
INSTALL_PATH: 'not_directory'
run: |
echo "- Create normal file"
echo "content" > "${INSTALL_PATH}"
echo "- Test script behavior"
(./scripts/create_install_path.sh || echo "=== Script failed ===") > output
grep "::error::Installation path 'not_directory' is not a directory" output
grep "=== Script failed ===" output
- name: Existing but not readable
shell: bash
env:
INSTALL_PATH: 'not_readable'
run: |
echo "- Create dir and make it not readable"
mkdir -p "${INSTALL_PATH}"
chmod -r "${INSTALL_PATH}"
echo "- Test script behavior"
(./scripts/create_install_path.sh || echo "=== Script failed ===") > output
grep "::error::Installation path 'not_readable' is not readable" output
grep "=== Script failed ===" output
- name: Existing but not writeable
shell: bash
env:
INSTALL_PATH: 'not_writeable'
run: |
echo "- Create dir and make it not writeable"
mkdir -p "${INSTALL_PATH}"
chmod -w "${INSTALL_PATH}"
echo "- Test script behavior"
(./scripts/create_install_path.sh || echo "=== Script failed ===") > output
grep "::error::Installation path 'not_writeable' is not writeable" output
grep "=== Script failed ===" output
setup-script-test:
name: configure_paths.sh script test
runs-on: ubuntu-latest
env:
INSTALL_PATH: 'install-directory'
SONAR_HOST_URL: 'http://sonar-host.com'
SONAR_SCANNER_VERSION: 'vX.Y.Z.MMMM'
SONAR_SCANNER_URL_WINDOWS: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-windows.zip'
SONAR_SCANNER_SHA_WINDOWS: 'DOWNLOAD-SHA-WINDOWS'
SONAR_SCANNER_URL_LINUX: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-linux.zip'
SONAR_SCANNER_SHA_LINUX: 'DOWNLOAD-SHA-LINUX'
SONAR_SCANNER_URL_MACOSX: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-macosx.zip'
SONAR_SCANNER_SHA_MACOSX: 'DOWNLOAD-SHA-MACOSX'
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

- name: Windows
shell: bash
env:
OS: 'Windows'
ARCH: 'X64'
run: |
./scripts/configure_paths.sh > output
grep -v "::error::" output
echo "- Check sonar-scanner:"
grep "sonar-scanner-url=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-windows.zip" output
grep "sonar-scanner-sha=DOWNLOAD-SHA-WINDOWS" output
grep "sonar-scanner-dir=install-directory/sonar-scanner-vX.Y.Z.MMMM-windows" output
grep "sonar-scanner-bin=install-directory/sonar-scanner-vX.Y.Z.MMMM-windows/bin/sonar-scanner.bat" output
echo "- Check build-wrapper:"
grep "build-wrapper-url=http://sonar-host.com/static/cpp/build-wrapper-win-x86.zip" output
grep "build-wrapper-dir=install-directory/build-wrapper-win-x86" output
grep "build-wrapper-bin=install-directory/build-wrapper-win-x86/build-wrapper-win-x86-64.exe" output
- name: Linux
shell: bash
env:
OS: 'Linux'
ARCH: 'X64'
run: |
./scripts/configure_paths.sh > output
grep -v "::error::" output
echo "- Check sonar-scanner:"
grep "sonar-scanner-url=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-linux.zip" output
grep "sonar-scanner-sha=DOWNLOAD-SHA-LINUX" output
grep "sonar-scanner-dir=install-directory/sonar-scanner-vX.Y.Z.MMMM-linux" output
grep "sonar-scanner-bin=install-directory/sonar-scanner-vX.Y.Z.MMMM-linux/bin/sonar-scanner" output
echo "- Check build-wrapper:"
grep "build-wrapper-url=http://sonar-host.com/static/cpp/build-wrapper-linux-x86.zip" output
grep "build-wrapper-dir=install-directory/build-wrapper-linux-x86" output
grep "build-wrapper-bin=install-directory/build-wrapper-linux-x86/build-wrapper-linux-x86-64" output
- name: macOSX
shell: bash
env:
OS: 'macOS'
ARCH: 'X64'
run: |
./scripts/configure_paths.sh > output
grep -v "::error::" output
echo "- Check sonar-scanner:"
grep "sonar-scanner-url=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-macosx.zip" output
grep "sonar-scanner-sha=DOWNLOAD-SHA-MACOSX" output
grep "sonar-scanner-dir=install-directory/sonar-scanner-vX.Y.Z.MMMM-macosx" output
grep "sonar-scanner-bin=install-directory/sonar-scanner-vX.Y.Z.MMMM-macosx/bin/sonar-scanner" output
echo "- Check build-wrapper:"
grep "build-wrapper-url=http://sonar-host.com/static/cpp/build-wrapper-macosx-x86.zip" output
grep "build-wrapper-dir=install-directory/build-wrapper-macosx-x86" output
grep "build-wrapper-bin=install-directory/build-wrapper-macosx-x86/build-wrapper-macosx-x86" output
- name: Unssuported OS
shell: bash
env:
OS: 'unsupportedOS'
ARCH: 'X64'
run: |
(./scripts/configure_paths.sh || echo "=== Script failed ===") > output
echo "- Check errors:"
grep "::error::Unsupported runner OS 'unsupportedOS'" output
grep "=== Script failed ===" output
- name: Unssuported architecture
shell: bash
env:
OS: 'Linux'
ARCH: 'X86'
run: |
(./scripts/configure_paths.sh || echo "=== Script failed ===") > output
echo "- Check errors:"
grep "::error::Architecture 'X86' is unsupported by build-wrapper" output
grep "=== Script failed ===" output
download-script-test:
name: download.sh script test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

- name: Download test without validation
shell: bash
env:
INSTALL_PATH: 'install-directory-no-sha-validation'
DOWNLOAD_URL: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip'
EXPECTED_SHA: 'incorrect-sha-not-validated'
TMP_ZIP_PATH: ${{ runner.temp }}/sonar-scanner.zip
run: |
./scripts/download.sh > output
test -f "$TMP_ZIP_PATH"
grep -v "::error::" output
- name: Download test with validation
shell: bash
env:
INSTALL_PATH: 'install-directory-sha-validation'
DOWNLOAD_URL: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip'
EXPECTED_SHA: '9411331814c1d002bd65d37758b872918b7602e7cf3ca5b83a3e19a729b2be05'
TMP_ZIP_PATH: ${{ runner.temp }}/sonar-scanner.zip
run: |
./scripts/download.sh -v > output
test -f "$TMP_ZIP_PATH"
grep -v "::error::" output
- name: Incorrect install dir
shell: bash
env:
INSTALL_PATH: ''
run: |
(./scripts/download.sh || echo "=== Script failed ===") > output
grep "::error::Failed to create" output
grep "=== Script failed ===" output
- name: Incorrect download url
shell: bash
env:
INSTALL_PATH: 'install-directory-incorrect-url'
DOWNLOAD_URL: 'incorrect-url'
run: |
(./scripts/download.sh || echo "=== Script failed ===") > output
grep "::error::Failed to download 'incorrect-url'" output
grep "=== Script failed ===" output
- name: Incorrect SHA256
shell: bash
env:
INSTALL_PATH: 'install-directory-incorrect-sha'
DOWNLOAD_URL: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip'
EXPECTED_SHA: 'incorrect-sha256'
TMP_ZIP_PATH: ${{ runner.temp }}/sonar-scanner.zip
run: |
(./scripts/download.sh -v || echo "=== Script failed ===") > output
grep "::error::Checking sha256 failed" output
grep "=== Script failed ===" output
- name: Mismatching SHA256
shell: bash
env:
INSTALL_PATH: 'install-directory-mismtaching-sha'
DOWNLOAD_URL: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.6.2.2472-linux.zip'
EXPECTED_SHA: '3e121d85a4adb1f30b917d5f3eb897966b59e02c3d6d313a78dcd964193dc963'
TMP_ZIP_PATH: ${{ runner.temp }}/sonar-scanner.zip
run: |
(./scripts/download.sh -v || echo "=== Script failed ===") > output
grep "::error::Checking sha256 failed" output
grep "=== Script failed ===" output
fetch-latest-version-test:
name: fetch_latest_version.sh script test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Test script
shell: bash
run: |
./scripts/fetch_latest_version.sh > output
echo "- Check sonar-scanner version:"
grep "sonar-scanner-version=" output
SONAR_SCANNER_VERSION=$(cat output | cut -d= -f 2)
test ! -z "${SONAR_SCANNER_VERSION}"
echo "- Check windows sonar-scanner URLs:"
grep "sonar-scanner-url-windows=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-windows.zip" output
grep -e "^sonar-scanner-sha-windows=[0-9A-Fa-f]\+$" output
echo "- Check linux sonar-scanner URLs:"
grep "sonar-scanner-url-linux=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip" output
grep -e "^sonar-scanner-sha-linux=[0-9A-Fa-f]\+$" output
echo "- Check macosx sonar-scanner URLs:"
grep "sonar-scanner-url-macosx=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-macosx.zip" output
grep -e "^sonar-scanner-sha-macosx=[0-9A-Fa-f]\+$" output
output-test:
name: Test action outputs
strategy:
matrix:
os: [ubuntu-latest, windows-latest, macos-latest]
cache: [true, false]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

- name: Run SonarQube C/C++ action
id: run-action
uses: ./
env:
SONAR_HOST_URL: 'https://next.sonarqube.com/'
with:
cache-binaries: ${{ matrix.cache }}

- name: SONAR_HOST_URL is set
shell: bash
run: |
[[ $SONAR_HOST_URL == "https://next.sonarqube.com/" ]]
- name: sonar-scanner is installed and in PATH
run: |
sonar-scanner --help | grep "INFO: usage: sonar-scanner "
- name: sonar-scanner-binary output is correct
shell: bash
env:
BINARY: ${{ steps.run-action.outputs.sonar-scanner-binary }}
run: |
"$BINARY" --help | grep "INFO: usage: sonar-scanner "
# build-wrapper does not have --help or equivalent option.
# Pass to few arguments and ignore error code
- name: build-wrapper is installed and in PATH on Windows
if: runner.os == 'Windows'
shell: bash
run: |
(build-wrapper-win-x86-64.exe || true) | grep "build-wrapper, version "
- name: build-wrapper is installed and in PATH on Linux
if: runner.os == 'Linux'
shell: bash
run: |
(build-wrapper-linux-x86-64 || true) | grep "build-wrapper, version "
- name: build-wrapper is installed and in PATH on macOS
if: runner.os == 'macOs'
shell: bash
run: |
(build-wrapper-macosx-x86 || true) | grep "build-wrapper, version "
- name: build-wrapper-binary output is correct
shell: bash
env:
BINARY: ${{ steps.run-action.outputs.build-wrapper-binary }}
run: |
("$BINARY" || true) | grep "build-wrapper, version "
Loading

0 comments on commit 3b73249

Please sign in to comment.