Skip to content
Snippets Groups Projects
Commit 979f787c authored by Vivek Dutta's avatar Vivek Dutta
Browse files

Tidy-up workspace and infer option for suppression

parent 19b8bd5b
Branches
Tags
1 merge request!30Tidy-up workspace and infer option for suppression
Hide whitespace changes
Inline Side-by-side
docker/code-analysis/static_code_analysis.sh
+ 47
12
View file @ 979f787c
...@@ -5,60 +5,95 @@ log() ...@@ -5,60 +5,95 @@ log()
echo "# $* #" echo "# $* #"
} }
log_err()
{
RED='\033[0;31m'
NC='\033[0m'
echo -e "${RED}# $* #${NC}"
}
exec_cmd() exec_cmd()
{ {
log "Running [$@]" log "Running [$@]"
$@ $@
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
log "Failed to run [$@]..." log_err "Failed to run [$@]..."
if [ -n "${CI}" ]; then if [ -n "${CI}" ]; then
exit 1 exit 1
else else
# Ignore errors for development environment # Ignore errors for development environment
log "Ignoring the last error ..." log_err "Ignoring the last error ..."
fi fi
fi fi
} }
generate_compilation_db() generate_compilation_db()
{ {
if [ -f "compile_commands.json" ]; then
if jq -e '. | length == 0' compile_commands.json; then
log_err "Compilation db empty, probably COMPILATION_FIXUP not set"
exit 1
fi
log "Compilation db already exits, skip generation"
return 0
fi
if [ -n "${COMPILATION_FIXUP}" ]; then if [ -n "${COMPILATION_FIXUP}" ]; then
COMPILATION_FIXUP="${COMPILATION_FIXUP/cmake /cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON }" COMPILATION_FIXUP="${COMPILATION_FIXUP/cmake /cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON }"
exec_cmd ${COMPILATION_FIXUP} exec_cmd ${COMPILATION_FIXUP}
fi fi
if [ -f "compile_commands.json" ]; then
if jq -e '. | length == 0' compile_commands.json; then
log_err "Empty compilation db, probably COMPILATION_FIXUP incorrect"
exit 3
fi
log "Compilation db got generated with COMPILATION_FIXUP ..."
return 0
fi
exec_cmd bear -- make -C ${SOURCE_FOLDER} exec_cmd bear -- make -C ${SOURCE_FOLDER}
make -C ${SOURCE_FOLDER} clean make -C ${SOURCE_FOLDER} clean
if [ ! -f "compile_commands.json" ]; then if [ ! -f "compile_commands.json" ]; then
log "Failed to generate compilation db" log_err "Failed to generate compilation db"
exit 2 exit 2
fi fi
if jq -e '. | length == 0' compile_commands.json; then
log_err "Empty compilation db, probably COMPILATION_FIXUP not set"
exit 4
fi
} }
run_cppcheck_validation() run_cppcheck_validation()
{ {
mkdir -p /tmp/cppcheck
if [ -f "compile_commands.json" ]; then if [ -f "compile_commands.json" ]; then
exec_cmd cppcheck --error-exitcode=1 --addon=threadsafety --addon=cert -i ./test --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json exec_cmd cppcheck --error-exitcode=1 --addon=threadsafety --addon=cert -i ./test --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json --cppcheck-build-dir=/tmp/cppcheck
else
exec_cmd cppcheck --error-exitcode=1 --addon=threadsafety --addon=cert -i ./test --inline-suppr ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}
fi fi
} }
run_cppcheck_clang_validation() run_cppcheck_clang_validation()
{ {
mkdir -p /tmp/cppcheck
if [ -f "compile_commands.json" ]; then if [ -f "compile_commands.json" ]; then
if [ -n "${CI}" ]; then if [ -n "${CI}" ]; then
cppcheck --error-exitcode=1 --clang -i ./test --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json cppcheck --error-exitcode=1 --clang -i ./test --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json --cppcheck-build-dir=/tmp/cppcheck
else else
exec_cmd cppcheck --error-exitcode=1 --clang -i ./test --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json exec_cmd cppcheck --error-exitcode=1 --clang -i ./test --inline-suppr ${CPPCHECK_OPTIONS} --project=compile_commands.json --cppcheck-build-dir=/tmp/cppcheck
fi fi
fi fi
} }
run_infer_analysis() run_infer_analysis()
{ {
exec_cmd infer --fail-on-issue --compilation-database compile_commands.json cmd="infer --fail-on-issue --compilation-database compile_commands.json -o /tmp/infer ${INFER_OPTIONS}"
if ! ${cmd}; then
log_err "Failed to execute [$cmd]"
cp /tmp/infer/report.txt .
fi
} }
run_flawfinder_checks() run_flawfinder_checks()
...@@ -97,6 +132,9 @@ main() ...@@ -97,6 +132,9 @@ main()
exec_cmd ./gitlab-ci/install-dependencies.sh exec_cmd ./gitlab-ci/install-dependencies.sh
fi fi
# Run CPD checks
run_cpd_check
# Run flawfinder # Run flawfinder
run_flawfinder_checks run_flawfinder_checks
...@@ -113,9 +151,6 @@ main() ...@@ -113,9 +151,6 @@ main()
# Run infer analysis # Run infer analysis
run_infer_analysis run_infer_analysis
# Run CPD checks
run_cpd_check
} }
main "$@" main "$@"
static-code-analysis.yml
+ 3
2
View file @ 979f787c
variables: variables:
COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:1.1" COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:1.2"
FLAWFINDER_OPTIONS: "" FLAWFINDER_OPTIONS: ""
CPD_OPTIONS: "--minimum-tokens 200" CPD_OPTIONS: "--minimum-tokens 200"
CPPCHECK_OPTIONS: "" CPPCHECK_OPTIONS: ""
INFER_OPTIONS: ""
COMPILATION_FIXUP: "" COMPILATION_FIXUP: ""
SHELL_SRC: "" SHELL_SRC: ""
SHELLCHECK_OPTIONS: "-e SC2039,SC2034,SC1091 -S info" SHELLCHECK_OPTIONS: "-e SC2039,SC2034,SC1091 -S info"
...@@ -20,7 +21,7 @@ run_static_code_analysis: ...@@ -20,7 +21,7 @@ run_static_code_analysis:
artifacts: artifacts:
when: on_failure when: on_failure
paths: paths:
- infer-out/report.txt - report.txt
run_shell_checks: run_shell_checks:
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment