Analyzers/sanitizers #502
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Analyzers/sanitizers | |
| on: | |
| workflow_run: | |
| workflows: | |
| - "CI v2" | |
| types: | |
| - completed | |
| jobs: | |
| pvs: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| if: github.repository_owner == 'victimsnino' && github.event.workflow_run.conclusion == 'success' | |
| steps: | |
| - uses: haya14busa/action-workflow_run-status@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| fetch-depth: 0 | |
| repository: ${{ github.event.workflow_run.head_repository.full_name }} | |
| ref: ${{ github.event.workflow_run.head_branch }} | |
| # Work around https://github.com/actions/runner-images/issues/8659 | |
| - name: "Remove GCC 13 from runner image (workaround)" | |
| shell: bash | |
| run: | | |
| sudo rm -f /etc/apt/sources.list.d/ubuntu-toolchain-r-ubuntu-test-jammy.list | |
| sudo apt-get update | |
| sudo apt-get install -y --allow-downgrades libc6=2.35-0ubuntu3.4 libc6-dev=2.35-0ubuntu3.4 libstdc++6=12.3.0-1ubuntu1~22.04 libgcc-s1=12.3.0-1ubuntu1~22.04 | |
| - name: Install tools | |
| run: | | |
| wget -q -O - https://files.pvs-studio.com/etc/pubkey.txt \ | |
| | sudo gpg --no-default-keyring --keyring gnupg-ring:/etc/apt/trusted.gpg.d/PVS.gpg --import | |
| sudo apt-key adv --refresh-keys | |
| sudo chmod 644 /etc/apt/trusted.gpg.d/PVS.gpg | |
| sudo wget -O /etc/apt/sources.list.d/viva64.list \ | |
| https://files.pvs-studio.com/etc/viva64.list | |
| sudo apt update | |
| sudo apt install pvs-studio | |
| pvs-studio-analyzer credentials ${{ secrets.PVS_STUDIO_CREDENTIALS }} | |
| - name: Install Qt | |
| uses: jurplel/install-qt-action@v3 | |
| with: | |
| cache: true | |
| - name: Run CMake | |
| uses: lukka/run-cmake@v10 | |
| with: | |
| configurePreset: ci-ubuntu-clang-tests-no-checks | |
| buildPreset: ci-build | |
| - name: Analyze and prepare report | |
| run: | | |
| pvs-studio-analyzer analyze -f build/compile_commands.json -j -e build/_deps/ | |
| plog-converter -t sarif -o pvs-report.sarif PVS-Studio.log | |
| - name: Publish report | |
| uses: github/codeql-action/upload-sarif@v2 | |
| with: | |
| sarif_file: pvs-report.sarif | |
| category: PVS-Studio | |
| sonarcloud_and_coverage: | |
| runs-on: ubuntu-latest | |
| if: github.repository_owner == 'victimsnino' && github.event.workflow_run.conclusion == 'success' | |
| env: | |
| BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed | |
| steps: | |
| - uses: haya14busa/action-workflow_run-status@v1 | |
| - uses: actions/checkout@v4 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| fetch-depth: 0 | |
| repository: ${{ github.event.workflow_run.head_repository.full_name }} | |
| ref: ${{ github.event.workflow_run.head_branch }} | |
| - name: Install llvm | |
| run: sudo apt-get update -q && sudo apt-get install llvm -q -y | |
| # Work around https://github.com/actions/runner-images/issues/8659 | |
| - name: "Remove GCC 13 from runner image (workaround)" | |
| shell: bash | |
| run: | | |
| sudo rm -f /etc/apt/sources.list.d/ubuntu-toolchain-r-ubuntu-test-jammy.list | |
| sudo apt-get update | |
| sudo apt-get install -y --allow-downgrades libc6=2.35-0ubuntu3.4 libc6-dev=2.35-0ubuntu3.4 libstdc++6=12.3.0-1ubuntu1~22.04 libgcc-s1=12.3.0-1ubuntu1~22.04 | |
| - name: Install Qt | |
| uses: jurplel/install-qt-action@v3 | |
| with: | |
| cache: true | |
| - name: Install sonar-scanner and build-wrapper | |
| uses: sonarsource/sonarcloud-github-c-cpp@v2 | |
| - name: Run build-wrapper | |
| run: | | |
| mkdir build | |
| cmake --preset=ci-coverage-clang | |
| build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} cmake --build --preset=ci-build | |
| ctest --preset=ci-tests | |
| - name: Process coverage info | |
| run: cmake --build build -t coverage | |
| - name: "Get PR information" | |
| uses: potiuk/get-workflow-origin@v1_3 | |
| id: source-run-info | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| sourceRunId: ${{ github.event.workflow_run.id }} | |
| - name: Submit to codecov.io | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: build/test_results/coverage.txt | |
| override_branch: ${{ github.event.workflow_run.head_branch }} | |
| override_pr: ${{ steps.source-run-info.outputs.pullRequestNumber }} | |
| override_commit: ${{ github.event.workflow_run.head_sha }} | |
| - name: Run sonar-scanner on PUSH | |
| if: github.event.workflow_run.event == 'push' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}" --define sonar.scm.revision=${{ github.event.workflow_run.head_sha }} | |
| - name: Run sonar-scanner on PullRequest | |
| if: github.event.workflow_run.event != 'push' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}" --define sonar.scm.revision=${{ github.event.workflow_run.head_sha }} --define sonar.pullrequest.key=${{ steps.source-run-info.outputs.pullRequestNumber }} --define sonar.pullrequest.branch=${{ steps.source-run-info.outputs.sourceHeadBranch }} --define sonar.pullrequest.base=${{ steps.source-run-info.outputs.targetBranch }} | |