fprime/.github/workflows/cppcheck-scan.yml
M Starch f62ade55ca OSAL clean-up (#2933)
* OSAL clean-up

* Adding comments to file

* Regressing ubuntu-latest to ubuntu-22.04

* Fixing 24.0.4 sanitizer bug

* Fixing regression in cmd sequencer

* Fixing other cleanups
2024-10-09 17:55:41 -07:00

73 lines
3.0 KiB
YAML
# Adapted from https://github.com/nasa/cFS/blob/c36aa2c1df0fb47a3838577908af3d0d0ab0ef54/.github/workflows/static-analysis.yml
name: "Cppcheck Scan"
on:
  push:
    branches: [ devel, release/** ]
  pull_request:
    # The branches below must be a subset of the branches above
    branches: [ devel, release/** ]
    paths-ignore:
      - 'docs/**'
      - '**.md'
      - '.github/actions/spelling/**'
      - '.github/ISSUE_TEMPLATE/**'
jobs:
  cppcheck:
    name: Cppcheck
    runs-on: ubuntu-22.04
    permissions:
      actions: read
      contents: read
      security-events: write
    steps:
      - name: "Checkout F´ Repository"
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          submodules: true
      - uses: ./.github/actions/setup
      - name: Install cppcheck
        run: sudo apt-get install cppcheck xsltproc -y
      - name: Install sarif tool
        run: npm i -g @microsoft/sarif-multitool
      # With a CMake-based project, we get the list of files by setting up a build with CMAKE_EXPORT_COMPILE_COMMANDS=ON and
      # referencing the compile_commands.json file produced by the tool. This will capture the correct include paths and
      # compile definitions based on how the source is actually compiled. See https://cppcheck.sourceforge.io/manual.html
      - name: Generate & build F´
        run: |
          fprime-util generate -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
          fprime-util build --all --jobs "$(nproc || printf '%s\n' 1)"
          echo CPPCHECK_OPTS=--project="$GITHUB_WORKSPACE/build-fprime-automatic-native/compile_commands.json" >> $GITHUB_ENV
      - name: Run cppcheck
        run: cppcheck --force --relative-paths=$(pwd) --inline-suppr --std=c++11 -j "$(nproc || printf '%s\n' 1)" --max-ctu-depth=16 --enable=warning,performance,portability --suppress=variableScope --inconclusive --xml $CPPCHECK_OPTS 2> cppcheck_err.xml
      - name: Convert cppcheck results to SARIF
        run: npx "@microsoft/sarif-multitool" convert "cppcheck_err.xml" --tool "CppCheck" --output "cppcheck_err.sarif"
      - name: Convert cppcheck results to Markdown & Integrate them in the workflow summary
        run: xsltproc .github/scripts/cppcheck-xml2text.xslt cppcheck_err.xml | tee $GITHUB_STEP_SUMMARY cppcheck_err.txt
      - name: Upload SARIF file to GitHub Code Scanning Alerts
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ github.workspace }}/cppcheck_err.sarif
          category: "cppcheck"
      - name: Archive static analysis artifacts to download and view
        uses: actions/upload-artifact@v4
        with:
          name: cppcheck-errors
          path: ./*cppcheck_err.*
      # Make the whole step fail if there is an error detected by cppcheck. By default, GitHub Actions enables the set -e.
      # See https://stackoverflow.com/questions/73066461/github-actions-why-an-intermediate-command-failure-in-shell-script-would-cause.
      - name: Check for reported errors
        run: tail -n 1 cppcheck_err.txt | grep -q '^\*\*0 error(s) reported\*\*$'
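
The final "Check for reported errors" step is the job's only pass/fail gate, so it matters that it fails closed when the summary is empty or missing, not only when findings are listed. The script below is an added example, not part of the F´ workflow: `cppcheck_gate` and `count_severity` are hypothetical helper names, the sample files are constructed, and the summary line format is assumed from the grep pattern in that step.

```shell
# Added example (not part of the F´ workflow). All sample data below is constructed.

# Classify a cppcheck text summary the way the workflow's last step does, but
# with distinct exit codes so a broken conversion is not mistaken for findings:
#   0 = last line is exactly "**0 error(s) reported**"
#   1 = summary exists but its last line is anything else (findings reported)
#   2 = summary missing or empty (e.g. xsltproc failed; a pipeline's status is
#       that of its last command, tee, unless pipefail is set)
cppcheck_gate() {
    [ -s "$1" ] || return 2
    if tail -n 1 "$1" | grep -q '^\*\*0 error(s) reported\*\*$'; then
        return 0
    fi
    return 1
}

# Count <error ...> elements of one severity in cppcheck --xml output.
# Assumes each <error> opening tag sits on a single line.
count_severity() {
    # grep -c prints 0 and exits 1 on no match; keep the count, drop the status
    grep -c "<error [^>]*severity=\"$2\"" "$1" || true
}

# Constructed sample inputs (not real F´ scan output).
demo_dir=$(mktemp -d)
printf '%s\n' '# Cppcheck' '**0 error(s) reported**' > "$demo_dir/clean.txt"
printf '%s\n' '# Cppcheck' '**2 error(s) reported**' > "$demo_dir/dirty.txt"
: > "$demo_dir/empty.txt"
cat > "$demo_dir/sample.xml" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<results version="2">
  <cppcheck version="2.7"/>
  <errors>
    <error id="uninitMemberVar" severity="warning" msg="constructed" verbose="constructed"/>
    <error id="passedByValue" severity="performance" msg="constructed" verbose="constructed"/>
  </errors>
</results>
EOF

for f in clean dirty empty; do
    rc=0; cppcheck_gate "$demo_dir/$f.txt" || rc=$?
    echo "$f.txt -> gate exit $rc"
done
echo "warnings in sample.xml: $(count_severity "$demo_dir/sample.xml" warning)"
```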