Static Analysis #1369
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Static Analysis" | |
on: | |
push: | |
pull_request: | |
branches: [ latest ] | |
schedule: | |
- cron: '18 6 * * 2' | |
jobs: | |
local-analysis: | |
name: "custom analysis" | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Check Headers | |
run: | | |
tools/check_headers/check_headers.rb "include/**/*.h*" "include/**/**/*.h" | |
tools/check_headers/check_headers.rb "src/**/*.c" | |
tools/check_headers/check_headers.rb "test/**/*.cpp" | |
tools/check_headers/check_headers.rb "docs/examples/**/*.c" | |
- name: Check Localization | |
run: | | |
scripts/check_l10n.rb "include/private/config/locale/*-??.h" | |
- name: Build Documentation | |
run: | | |
sudo apt-get update | |
sudo apt-get install doxygen | |
cmake . | |
make docs | |
codeql-analysis: | |
name: "codeql analysis" | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
language: [ 'cpp' ] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3 | |
with: | |
languages: ${{ matrix.language }} | |
- name: Autobuild | |
uses: github/codeql-action/autobuild@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3 | |
sonarcloud-analysis: | |
name: "sonarcloud analysis" | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
with: | |
fetch-depth: 0 | |
- name: Configure | |
run: | | |
cmake . | |
- name: Sonarcloud Analysis | |
if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository }} | |
run: | | |
wget -q https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip | |
unzip build-wrapper-linux-x86.zip | |
./build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir bw-output make all | |
wget -q https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip | |
unzip -qq -o sonar-scanner-cli-5.0.1.3006-linux.zip | |
chmod +x sonar-scanner-5.0.1.3006-linux/bin/sonar-scanner | |
sonar-scanner-5.0.1.3006-linux/bin/sonar-scanner -Dproject.settings=tools/sonar/sonar-project.properties | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONARQUBE_SCANNER_PARAMS: '{"sonar.host.url":"https://sonarcloud.io"}' | |
custom-anaysis: | |
name: Custom Analysis | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
with: | |
fetch-depth: 0 | |
- name: "@since standardization" | |
run: | | |
# look for all instances of @since, then look for any that do not meet the required pattern. @since release x.x.x | |
if grep --include=\*.{c,h,cpp,hpp} -rnw . -e ".*@since .*" | grep -qv ".* @since release v[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]].*"; then | |
# at this point the check has failed, but we want to give some info to the user. i have found it difficult to get the status code | |
# and print out the offending lines without this duplication | |
# get all instances of @since, offending and not offending | |
grep --include=\*.{c,h,cpp,hpp} -rnw . -e "@since .*" | \ | |
# find all instances that do not meet the required pattern | |
grep -v ".* @since release v[[:digit:]]\+\.[[:digit:]]\+\.[[:digit:]].*" | \ | |
# print an error message, including line number with -n from grep. mention supported format. | |
xargs -I{} echo "Static Analysis Failed: \"{}\" Supported format is \"@since release vX.X.X\"" | |
exit 1 | |
else | |
exit 0 | |
fi | |
release-version-and-date-analysis: | |
name: "release version and date analysis" | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
with: | |
fetch-depth: 0 | |
- name: Release Version and Date Analysis | |
run: | | |
# search for release and date line from CITATION.cff with format: | |
# 'version: X.X.X' and 'date-released: XXXX-XX-XX' then extract to variables | |
# find the line with each, then extract the value wanted (version number or date) as well as line number | |
version_citation_info=$(grep -n -E -m1 '^version: [0-9]+\.[0-9]+\.[0-9]+' "CITATION.cff") | |
version_citation_line=$(echo "$version_citation_info" | cut -d: -f1) | |
version_citation=$(echo "$version_citation_info" | awk '{print $2}') | |
date_citation_info=$(grep -n -E -m1 'date-released: [0-9]{4}-[0-9]{2}-[0-9]{2}' "CITATION.cff") | |
date_citation_line=$(echo "$date_citation_info" | cut -d: -f1) | |
date_citation=$(echo "$date_citation_info" | awk '{print $2}') | |
# search for version and date line from ChangeLog.md with format: | |
# '## [X.X.X] - [XX-XX-XXXX]' | |
# find most recent line with version and date of release in ChangeLog.md | |
vd_changelog_info=$(grep -n -E -m1 '## \[[0-9]+\.[0-9]+\.[0-9]+\] - [0-9]{4}-[0-9]{2}-[0-9]{2}' "ChangeLog.md") | |
vd_changelog_line=$(echo "$vd_changelog_info" | cut -d: -f1) | |
# extract version, date and line number (since it's always on one line) to variables | |
version_changelog=$(echo "$vd_changelog_info" | awk -F'[][]' '{print $2}') | |
date_changelog=$(echo "$vd_changelog_info" | awk -F' - ' '{print $2}') | |
# compare version numbers and dates between files, listing discrepancies where found | |
if [[ "$version_changelog" != "$version_citation" ]]; then | |
echo "Release version numbers do not match: $version_changelog (ChangeLog.md on line $vd_changelog_line) vs $version_citation (CITATION.cff on line $version_citation_line)" | |
exit 1 | |
fi | |
if [[ "$date_changelog" != "$date_citation" ]]; then | |
echo "Release dates do not match: $date_changelog (ChangeLog.md on line $vd_changelog_line) vs $date_citation (CITATION.cff on line $date_citation_line)" | |
exit 1 | |
fi |