Skip to content
Snippets Groups Projects
Commit 8836ee16 authored by Vivek Dutta's avatar Vivek Dutta
Browse files

Added infer and minor cleanup

parent 73750b51
Branches
Tags
1 merge request!26Added infer and minor cleanup
......@@ -18,7 +18,6 @@ RUN \
autoconf \
automake \
build-essential \
clang-format \
cmake \
curl \
gcovr \
......@@ -51,7 +50,6 @@ RUN \
libnl-route-3-dev \
libpcre3-dev \
libssl-dev \
libssl-dev \
libtool \
libtrace-dev \
libuv1-dev \
......@@ -66,27 +64,19 @@ RUN \
# Dependencies for ieee1905
libpcap-dev \
clang \
shellcheck
clang-format \
clang-tidy \
shellcheck \
jq \
python3-pip \
cppcheck \
bear
RUN mkdir /opt/dev && \
mkdir /etc/config
RUN git config --global advice.detachedHead false
# install cppcheck
ARG CPPCHECK_VERSION=2.7
RUN \
cd /opt/dev && \
git clone -b ${CPPCHECK_VERSION} --depth=1 https://github.com/danmar/cppcheck.git && \
cd cppcheck && \
mkdir build && \
cd build && \
cmake -DHAVE_RULES=ON -DUSE_MATCHCOMPILER=ON .. && \
cmake --build . && \
cmake --install . && \
cd ../.. && \
rm -rf cppcheck
# install node
ARG NODEJS_VERSION_MAJOR=16
RUN curl -fsSL "https://deb.nodesource.com/setup_${NODEJS_VERSION_MAJOR}.x" | bash - && \
......@@ -124,7 +114,7 @@ RUN \
git clone https://git.openwrt.org/project/libubox.git && \
cd libubox && mkdir build && cd build && \
git checkout ${LIBUBOX_VERSION} && \
cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" .. && \
cmake -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_LUA=OFF -DCMAKE_BUILD_TYPE:String="Release" .. && \
make -j2 && \
make install
......@@ -161,17 +151,6 @@ RUN \
make -j2 && \
make install
# json-editor
ARG JSON_EDITOR_VERSION=44b32937a062ec4ffc9f7355841dc94ab6efa50f
RUN \
cd /opt/dev && \
git clone https://dev.iopsys.eu/iopsys/json-editor.git && \
cd json-editor && \
git checkout ${JSON_EDITOR_VERSION} && \
cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE:String="Release" . && \
make && \
make install
# json-cpp
ARG JSON_CPP_VERSION=v3.11.2
RUN \
......@@ -256,17 +235,34 @@ RUN \
ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so && \
ln -sf /usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so.1
# Download the Infer release
ARG INFER_VERSION=v1.2.0
RUN cd /opt/dev && \
curl -sL https://github.com/facebook/infer/releases/download/${INFER_VERSION}/infer-linux-x86_64-${INFER_VERSION}.tar.xz | tar xJ && \
mv /opt/dev/infer-linux-x86_64-$INFER_VERSION /infer
# Install infer
ENV PATH /infer/bin:${PATH}
# Install python ubus module and valgrind-ci
RUN pip3 install ubus ValgrindCI
WORKDIR /builds/iopsys/
# Prepare supervisor
RUN mkdir -p /var/log/supervisor && \
mkdir -p /etc/supervisor/conf.d/
COPY supervisord.conf /etc/supervisor/
# Prepare JSON Schemas
RUN mkdir -p /usr/share/rpcd/schemas && \
mkdir -p /usr/share/rpcd/definitions
# Copy more_test script
COPY more_test.sh /usr/local/bin/more_test.sh
# Start entrypoint
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
#!/bin/bash
log()
{
echo "# $* ..."
}
exec_cmd()
{
log "Running [$@]"
$@
if [ "$?" -ne 0 ]; then
log "Failed to run [$@]..."
exit 1
fi
}
generate_compilation_db()
{
if [ -n "${COMPILATION_FIXUP}" ]; then
COMPILATION_FIXUP="${COMPILATION_FIXUP/cmake /cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON }"
exec_cmd ${COMPILATION_FIXUP}
fi
exec_cmd bear -- make -C ${SOURCE_FOLDER}
if [ ! -f "compile_commands.json" ]; then
log "Failed to generate compilation db"
exit 2
fi
}
run_cppcheck_validation()
{
if [ -f "compile_commands.json" ]; then
exec_cmd cppcheck --error-exitcode=1 --addon=threadsafety --addon=cert --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json
else
exec_cmd cppcheck --error-exitcode=1 --addon=threadsafety --addon=cert --inline-suppr ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}
fi
}
run_infer_analysis()
{
exec_cmd infer --fail-on-issue --compilation-database compile_commands.json
}
main()
{
log "SOURCE_FOLDER: ${SOURCE_FOLDER}"
log "COMPILATION_FIXUP: ${COMPILATION_FIXUP}"
log "CPPCHECK_OPTIONS: ${CPPCHECK_OPTIONS}"
log ""
# Install pre-req if present/defined
if [ -f "./gitlab-ci/install-dependencies.sh" ]; then
exec_cmd ./gitlab-ci/install-dependencies.sh
fi
# Generate compilation db
generate_compilation_db
# TODO: Run gcc fanalyzer analysis
# TODO: Run clag analysis
# Run cppcheck with compilation-db
run_cppcheck_validation
# Run infer analysis
run_infer_analysis
}
main "$@"
variables:
COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.32"
SOURCE_FOLDER: "src"
COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.33"
FLAWFINDER_OPTIONS: ""
CPD_OPTIONS: "--minimum-tokens 200 --language c --exclude ./test/ --files"
CPPCHECK_OPTIONS: ""
COMPILATION_FIXUP: ""
SHELL_SRC: ""
FLAWFINDER_OPTIONS: "-m 4 --error-level=4"
CPPCHECK_OPTIONS: " --enable=all --inline-suppr --suppress=unusedFunction --suppress=unreadVariable --suppress=unmatchedSuppression"
CPD_OPTIONS: "--minimum-tokens 200 --language c --exclude ./test/cmocka --files"
SHELLCHECK_OPTIONS: "-e SC2039,SC2034,SC1091 -S info"
DEBUG: "FALSE"
......@@ -13,31 +13,29 @@ run_static_code_analysis:
stage: static_code_analysis
allow_failure: false
script:
- echo "flawfinder ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- "flawfinder ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- echo "cppcheck --error-exitcode=1 ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}"
- "cppcheck --error-exitcode=1 --inline-suppr ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}"
- echo "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS}"
- echo "flawfinder --minlevel 4 --error-level=4 ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- "flawfinder --minlevel 4 --error-level=4 ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
- echo "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS} ${SOURCE_FOLDER}"
- "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS} ${SOURCE_FOLDER}"
- echo "Run cppcheck/infer/clag/gcc to scan for more issues"
- "more_test.sh"
only:
variables:
- $SOURCE_FOLDER
artifacts:
when: always
paths:
- infer-out/report.txt
run_compilation_test:
image: ${COMMON_IMAGE}
stage: static_code_analysis
allow_failure: false
script:
- if [ -n "${COMPILE}" ]; then ${COMPILE}; fi
run_optional_checks:
run_shell_checks:
image: ${COMMON_IMAGE}
stage: static_code_analysis
allow_failure: true
script:
- echo "Running optional tests"
- echo "Running shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}"
- if [ -n "${SHELL_SRC}" ]; then shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}; fi
- echo "Running CPPCHECK with threadsafety addon"
- "cppcheck --error-exitcode=0 --addon=threadsafety ${SOURCE_FOLDER}"
- echo "Running CPPCHECK with cert addon"
- "cppcheck --error-exitcode=0 --addon=cert ${SOURCE_FOLDER}"
- echo "Running FlawFinder with depth 3"
- "flawfinder -m 3 --error-level=5 ${SOURCE_FOLDER}"
- "shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}"
only:
variables:
- $SHELL_SRC
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment