Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
G
gitlab-ci-pipeline
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Container registry
Model registry
Analyze
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
IOPSYS
gitlab-ci-pipeline
Commits
8836ee16
Commit
8836ee16
authored
11 months ago
by
Vivek Dutta
Browse files
Options
Downloads
Patches
Plain Diff
Added infer and minor cleanup
parent
73750b51
Branches
Branches containing commit
Tags
Tags containing commit
1 merge request
!26
Added infer and minor cleanup
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
docker/code-analysis/Dockerfile
+25
-29
25 additions, 29 deletions
docker/code-analysis/Dockerfile
docker/code-analysis/more_test.sh
+72
-0
72 additions, 0 deletions
docker/code-analysis/more_test.sh
static-code-analysis.yml
+22
-24
22 additions, 24 deletions
static-code-analysis.yml
with
119 additions
and
53 deletions
docker/code-analysis/Dockerfile
+
25
−
29
View file @
8836ee16
...
...
@@ -18,7 +18,6 @@ RUN \
autoconf \
automake \
build-essential \
clang-format \
cmake \
curl \
gcovr \
...
...
@@ -51,7 +50,6 @@ RUN \
libnl-route-3-dev \
libpcre3-dev \
libssl-dev \
libssl-dev \
libtool \
libtrace-dev \
libuv1-dev \
...
...
@@ -66,27 +64,19 @@ RUN \
# Dependencies for ieee1905
libpcap-dev \
clang \
shellcheck
clang-format \
clang-tidy \
shellcheck \
jq \
python3-pip \
cppcheck \
bear
RUN
mkdir
/opt/dev
&&
\
mkdir
/etc/config
RUN
git config
--global
advice.detachedHead
false
# install cppcheck
ARG
CPPCHECK_VERSION=2.7
RUN
\
cd
/opt/dev
&&
\
git clone
-b
${
CPPCHECK_VERSION
}
--depth
=
1 https://github.com/danmar/cppcheck.git
&&
\
cd
cppcheck
&&
\
mkdir
build
&&
\
cd
build
&&
\
cmake
-DHAVE_RULES
=
ON
-DUSE_MATCHCOMPILER
=
ON ..
&&
\
cmake
--build
.
&&
\
cmake
--install
.
&&
\
cd
../..
&&
\
rm
-rf
cppcheck
# install node
ARG
NODEJS_VERSION_MAJOR=16
RUN
curl
-fsSL
"https://deb.nodesource.com/setup_
${
NODEJS_VERSION_MAJOR
}
.x"
| bash -
&&
\
...
...
@@ -124,7 +114,7 @@ RUN \
git clone https://git.openwrt.org/project/libubox.git
&&
\
cd
libubox
&&
mkdir
build
&&
cd
build
&&
\
git checkout
${
LIBUBOX_VERSION
}
&&
\
cmake
-DCMAKE_INSTALL_PREFIX
=
/usr
-DCMAKE_BUILD_TYPE
:String
=
"Release"
..
&&
\
cmake
-DCMAKE_INSTALL_PREFIX
=
/usr
-DBUILD_LUA
=
OFF
-DCMAKE_BUILD_TYPE
:String
=
"Release"
..
&&
\
make
-j2
&&
\
make
install
...
...
@@ -161,17 +151,6 @@ RUN \
make
-j2
&&
\
make
install
# json-editor
ARG
JSON_EDITOR_VERSION=44b32937a062ec4ffc9f7355841dc94ab6efa50f
RUN
\
cd
/opt/dev
&&
\
git clone https://dev.iopsys.eu/iopsys/json-editor.git
&&
\
cd
json-editor
&&
\
git checkout
${
JSON_EDITOR_VERSION
}
&&
\
cmake
-DCMAKE_INSTALL_PREFIX
=
/usr
-DCMAKE_BUILD_TYPE
:String
=
"Release"
.
&&
\
make
&&
\
make
install
# json-cpp
ARG
JSON_CPP_VERSION=v3.11.2
RUN
\
...
...
@@ -256,17 +235,34 @@ RUN \
ln
-sf
/usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so
&&
\
ln
-sf
/usr/lib/libmicroxml.so.1.0 /lib/libmicroxml.so.1
# Download the Infer release
ARG
INFER_VERSION=v1.2.0
RUN
cd
/opt/dev
&&
\
curl
-sL
https://github.com/facebook/infer/releases/download/
${
INFER_VERSION
}
/infer-linux-x86_64-
${
INFER_VERSION
}
.tar.xz |
tar
xJ
&&
\
mv
/opt/dev/infer-linux-x86_64-
$INFER_VERSION
/infer
# Install infer
ENV
PATH /infer/bin:${PATH}
# Install python ubus module and valgrind-ci
RUN
pip3
install
ubus ValgrindCI
WORKDIR
/builds/iopsys/
# Prepare supervisor
RUN
mkdir
-p
/var/log/supervisor
&&
\
mkdir
-p
/etc/supervisor/conf.d/
COPY
supervisord.conf /etc/supervisor/
# Prepare JSON Schemas
RUN
mkdir
-p
/usr/share/rpcd/schemas
&&
\
mkdir
-p
/usr/share/rpcd/definitions
# Copy more_test script
COPY
more_test.sh /usr/local/bin/more_test.sh
# Start entrypoint
COPY
entrypoint.sh /usr/local/bin/entrypoint.sh
ENTRYPOINT
["/usr/local/bin/entrypoint.sh"]
This diff is collapsed.
Click to expand it.
docker/code-analysis/more_test.sh
0 → 100755
+
72
−
0
View file @
8836ee16
#!/bin/bash
log
()
{
echo
"#
$*
..."
}
exec_cmd
()
{
log
"Running [
$@
]"
$@
if
[
"
$?
"
-ne
0
]
;
then
log
"Failed to run [
$@
]..."
exit
1
fi
}
generate_compilation_db
()
{
if
[
-n
"
${
COMPILATION_FIXUP
}
"
]
;
then
COMPILATION_FIXUP
=
"
${
COMPILATION_FIXUP
/cmake /cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
}
"
exec_cmd
${
COMPILATION_FIXUP
}
fi
exec_cmd bear
--
make
-C
${
SOURCE_FOLDER
}
if
[
!
-f
"compile_commands.json"
]
;
then
log
"Failed to generate compilation db"
exit
2
fi
}
run_cppcheck_validation
()
{
if
[
-f
"compile_commands.json"
]
;
then
exec_cmd cppcheck
--error-exitcode
=
1
--addon
=
threadsafety
--addon
=
cert
--inline-suppr
${
CPPCHECK_OPTIONS
}
--project
=
compile_commands.json
else
exec_cmd cppcheck
--error-exitcode
=
1
--addon
=
threadsafety
--addon
=
cert
--inline-suppr
${
CPPCHECK_OPTIONS
}
${
SOURCE_FOLDER
}
fi
}
run_infer_analysis
()
{
exec_cmd infer
--fail-on-issue
--compilation-database
compile_commands.json
}
main
()
{
log
"SOURCE_FOLDER:
${
SOURCE_FOLDER
}
"
log
"COMPILATION_FIXUP:
${
COMPILATION_FIXUP
}
"
log
"CPPCHECK_OPTIONS:
${
CPPCHECK_OPTIONS
}
"
log
""
# Install pre-req if present/defined
if
[
-f
"./gitlab-ci/install-dependencies.sh"
]
;
then
exec_cmd ./gitlab-ci/install-dependencies.sh
fi
# Generate compilation db
generate_compilation_db
# TODO: Run gcc fanalyzer analysis
# TODO: Run clag analysis
# Run cppcheck with compilation-db
run_cppcheck_validation
# Run infer analysis
run_infer_analysis
}
main
"
$@
"
This diff is collapsed.
Click to expand it.
static-code-analysis.yml
+
22
−
24
View file @
8836ee16
variables
:
COMMON_IMAGE
:
"
dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.32"
SOURCE_FOLDER
:
"
src"
COMMON_IMAGE
:
"
dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.33"
FLAWFINDER_OPTIONS
:
"
"
CPD_OPTIONS
:
"
--minimum-tokens
200
--language
c
--exclude
./test/
--files"
CPPCHECK_OPTIONS
:
"
"
COMPILATION_FIXUP
:
"
"
SHELL_SRC
:
"
"
FLAWFINDER_OPTIONS
:
"
-m
4
--error-level=4"
CPPCHECK_OPTIONS
:
"
--enable=all
--inline-suppr
--suppress=unusedFunction
--suppress=unreadVariable
--suppress=unmatchedSuppression"
CPD_OPTIONS
:
"
--minimum-tokens
200
--language
c
--exclude
./test/cmocka
--files"
SHELLCHECK_OPTIONS
:
"
-e
SC2039,SC2034,SC1091
-S
info"
DEBUG
:
"
FALSE"
...
...
@@ -13,31 +13,29 @@ run_static_code_analysis:
stage
:
static_code_analysis
allow_failure
:
false
script
:
-
echo "flawfinder ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
-
"
flawfinder
${FLAWFINDER_OPTIONS}
${SOURCE_FOLDER}"
-
echo "cppcheck --error-exitcode=1 ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}"
-
"
cppcheck
--error-exitcode=1
--inline-suppr
${CPPCHECK_OPTIONS}
${SOURCE_FOLDER}"
-
echo "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS}"
-
echo "flawfinder --minlevel 4 --error-level=4 ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
-
"
flawfinder
--minlevel
4
--error-level=4
${FLAWFINDER_OPTIONS}
${SOURCE_FOLDER}"
-
echo "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS} ${SOURCE_FOLDER}"
-
"
/usr/local/pmd/bin/run.sh
cpd
${CPD_OPTIONS}
${SOURCE_FOLDER}"
-
echo "Run cppcheck/infer/clag/gcc to scan for more issues"
-
"
more_test.sh"
only
:
variables
:
-
$SOURCE_FOLDER
artifacts
:
when
:
always
paths
:
-
infer-out/report.txt
run_compilation_test
:
image
:
${COMMON_IMAGE}
stage
:
static_code_analysis
allow_failure
:
false
script
:
-
if [ -n "${COMPILE}" ]; then ${COMPILE}; fi
run_
optiona
l_checks
:
run_
shel
l_checks
:
image
:
${COMMON_IMAGE}
stage
:
static_code_analysis
allow_failure
:
true
script
:
-
echo "Running optional tests"
-
echo "Running shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}"
-
if [ -n "${SHELL_SRC}" ]; then shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}; fi
-
echo "Running CPPCHECK with threadsafety addon"
-
"
cppcheck
--error-exitcode=0
--addon=threadsafety
${SOURCE_FOLDER}"
-
echo "Running CPPCHECK with cert addon"
-
"
cppcheck
--error-exitcode=0
--addon=cert
${SOURCE_FOLDER}"
-
echo "Running FlawFinder with depth 3"
-
"
flawfinder
-m
3
--error-level=5
${SOURCE_FOLDER}"
-
"
shellcheck
${SHELLCHECK_OPTIONS}
${SHELL_SRC}"
only
:
variables
:
-
$SHELL_SRC
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment