Skip to content
Snippets Groups Projects
Commit 1143a77e authored by Vivek Dutta's avatar Vivek Dutta
Browse files

Added infer and minor cleanup

parent 73750b51
No related branches found
No related tags found
No related merge requests found
This commit is part of merge request !26. Comments created here will be created in the context of that merge request.
......@@ -18,7 +18,6 @@ RUN \
autoconf \
automake \
build-essential \
clang-format \
cmake \
curl \
gcovr \
......@@ -51,7 +50,6 @@ RUN \
libnl-route-3-dev \
libpcre3-dev \
libssl-dev \
libssl-dev \
libtool \
libtrace-dev \
libuv1-dev \
......@@ -66,27 +64,19 @@ RUN \
# Dependencies for ieee1905
libpcap-dev \
clang \
shellcheck
clang-format \
clang-tidy \
shellcheck \
jq \
python3-pip \
cppcheck \
bear
RUN mkdir /opt/dev && \
mkdir /etc/config
RUN git config --global advice.detachedHead false
# install cppcheck
ARG CPPCHECK_VERSION=2.7
RUN \
cd /opt/dev && \
git clone -b ${CPPCHECK_VERSION} --depth=1 https://github.com/danmar/cppcheck.git && \
cd cppcheck && \
mkdir build && \
cd build && \
cmake -DHAVE_RULES=ON -DUSE_MATCHCOMPILER=ON .. && \
cmake --build . && \
cmake --install . && \
cd ../.. && \
rm -rf cppcheck
# install node
ARG NODEJS_VERSION_MAJOR=16
RUN curl -fsSL "https://deb.nodesource.com/setup_${NODEJS_VERSION_MAJOR}.x" | bash - && \
......@@ -124,7 +114,7 @@ RUN \
git clone https://git.openwrt.org/project/libubox.git && \
cd libubox && mkdir build && cd build && \
git checkout ${LIBUBOX_VERSION} && \
cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" .. && \
cmake -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_LUA=OFF -DCMAKE_BUILD_TYPE:String="Release" .. && \
make -j2 && \
make install
......@@ -161,17 +151,6 @@ RUN \
make -j2 && \
make install
# json-editor
ARG JSON_EDITOR_VERSION=44b32937a062ec4ffc9f7355841dc94ab6efa50f
RUN \
cd /opt/dev && \
git clone https://dev.iopsys.eu/iopsys/json-editor.git && \
cd json-editor && \
git checkout ${JSON_EDITOR_VERSION} && \
cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" . && \
make && \
make install
# json-cpp
ARG JSON_CPP_VERSION=v3.11.2
RUN \
......@@ -256,17 +235,37 @@ RUN \
ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so && \
ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so.1
# Download the Infer release
RUN INFER_VERSION=v1.2.0; \
cd /opt && \
curl -sL \
https://github.com/facebook/infer/releases/download/${INFER_VERSION}/infer-linux-x86_64-${INFER_VERSION}.tar.xz | \
tar xJ && \
rm -f /infer && \
ln -s ${PWD}/infer-linux-x86_64-$INFER_VERSION /infer
# Install infer
ENV PATH /infer/bin:${PATH}
# Install python ubus module and valgrind-ci
RUN pip3 install ubus ValgrindCI
WORKDIR /builds/iopsys/
# Prepare supervisor
RUN mkdir -p /var/log/supervisor && \
mkdir -p /etc/supervisor/conf.d/
COPY supervisord.conf /etc/supervisor/
# Prepare JSON Schemas
RUN mkdir -p /usr/share/rpcd/schemas && \
mkdir -p /usr/share/rpcd/definitions
# Copy more_test script
COPY more_test.sh /usr/local/bin/more_test.sh
# Start entrypoint
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
#!/bin/bash
log()
{
echo "# $* ..."
}
exec_cmd()
{
log "Running [$@]"
$@
if [ "$?" -ne 0 ]; then
log "Failed to run [$@]..."
exit 1
fi
}
generate_compilation_db()
{
if [ -n "${COMPILATION_FIXUP}" ]; then
COMPILATION_FIXUP="${COMPILATION_FIXUP/cmake /cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON }"
exec_cmd ${COMPILATION_FIXUP}
fi
exec_cmd bear -- make -C ${SOURCE_FOLDER}
if [ ! -f "compile_commands.json" ]; then
log "Failed to generate compilation db"
exit 2
fi
}
run_cppcheck_validation()
{
if [ -f "compile_commands.json" ]; then
exec_cmd cppcheck --error-exitcode=1 --addon=threadsafety --addon=cert --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json
else
exec_cmd cppcheck --error-exitcode=1 --addon=threadsafety --addon=cert --inline-suppr ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}
fi
}
run_infer_analysis()
{
exec_cmd infer --fail-on-issue --compilation-database compile_commands.json
}
main()
{
log "SOURCE_FOLDER: ${SOURCE_FOLDER}"
log "COMPILATION_FIXUP: ${COMPILATION_FIXUP}"
log "CPPCHECK_OPTIONS: ${CPPCHECK_OPTIONS}"
log ""
# Install pre-req if present/defined
if [ -f "./gitlab-ci/install-dependencies.sh" ]; then
exec_cmd ./gitlab-ci/install-dependencies.sh
fi
# Generate compilation db
generate_compilation_db
# TODO: Run gcc fanalyzer analysis
# TODO: Run clag analysis
# Run cppcheck with compilation-db
run_cppcheck_validation
# Run infer analysis
run_infer_analysis
}
main "$@"
variables:
COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.32"
SOURCE_FOLDER: "src"
COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.33"
FLAWFINDER_OPTIONS: ""
CPD_OPTIONS: "--minimum-tokens 200 --language c --exclude ./test/ --files"
CPPCHECK_OPTIONS: ""
COMPILATION_FIXUP: ""
SHELL_SRC: ""
FLAWFINDER_OPTIONS: "-m 4 --error-level=4"
CPPCHECK_OPTIONS: " --enable=all --inline-suppr --suppress=unusedFunction --suppress=unreadVariable --suppress=unmatchedSuppression"
CPD_OPTIONS: "--minimum-tokens 200 --language c --exclude ./test/cmocka --files"
SHELLCHECK_OPTIONS: "-e SC2039,SC2034,SC1091 -S info"
DEBUG: "FALSE"
......@@ -13,31 +13,29 @@ run_static_code_analysis:
stage: static_code_analysis
allow_failure: false
script:
- echo "flawfinder ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- "flawfinder ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- echo "cppcheck --error-exitcode=1 ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}"
- "cppcheck --error-exitcode=1 --inline-suppr ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}"
- echo "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS}"
- echo "flawfinder --minlevel 4 --error-level=4 ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- "flawfinder --minlevel 4 --error-level=4 ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- echo "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS} ${SOURCE_FOLDER}"
- "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS} ${SOURCE_FOLDER}"
- echo "Run cppcheck/infer/clag/gcc to scan for more issues"
- "more_test.sh"
only:
variables:
- $SOURCE_FOLDER
artifacts:
when: always
paths:
- infer-out/report.txt
run_compilation_test:
image: ${COMMON_IMAGE}
stage: static_code_analysis
allow_failure: false
script:
- if [ -n "${COMPILE}" ]; then ${COMPILE}; fi
run_optional_checks:
run_shell_checks:
image: ${COMMON_IMAGE}
stage: static_code_analysis
allow_failure: true
script:
- echo "Running optional tests"
- echo "Running shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}"
- if [ -n "${SHELL_SRC}" ]; then shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}; fi
- echo "Running CPPCHECK with threadsafety addon"
- "cppcheck --error-exitcode=0 --addon=threadsafety ${SOURCE_FOLDER}"
- echo "Running CPPCHECK with cert addon"
- "cppcheck --error-exitcode=0 --addon=cert ${SOURCE_FOLDER}"
- echo "Running FlawFinder with depth 3"
- "flawfinder -m 3 --error-level=5 ${SOURCE_FOLDER}"
- "shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}"
only:
variables:
- $SHELL_SRC
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment