From ef77d6c28d9b31f31c3217892381dd5bdd68add2 Mon Sep 17 00:00:00 2001
From: Vivek Kumar Dutta <vivek.dutta@iopsys.eu>
Date: Tue, 25 Apr 2023 19:36:23 +0530
Subject: [PATCH] Added more optional tests in static analysis stage

Below are the configuration variables used in static analysis tests
 - COMMON_IMAGE: <Docker image to use for test>
 - SOURCE_FOLDER: <Source directory path, default src>
 - SHELL_SRC: <Shell script path for shellcheck, default disabled>
 - FLAWFINDER_OPTIONS: <Options used with flawfinder,
    default "-m 4 --error-level=4">
 - CPPCHECK_OPTIONS: <Options to use with cppcheck,
    default "--suppress=unusedFunction --suppress=unreadVariable">
 - CPD_OPTIONS: <Options to use with CPD check,
    default "--minimum-tokens 200 --language c --exclude ./test/cmocka --files">
 - SHELLCHECK_OPTIONS: <ShellCheck options,
    default "-s dash -e SC2034,SC1091 -S info">
 - COMPILE: <Option to define how to compile,
    if defined compilation test also triggered as a pipeline job>

Variables can be overridden by module tests.
Optional tests include:
 - ShellCheck if SHELL_SRC defined
 - CppCheck with threadsafety addon
 - CppCheck with cert addon
---
 docker/code-analysis/Dockerfile |  4 ++-
 static-code-analysis.yml        | 49 +++++++++++++++++++++++++--------
 2 files changed, 40 insertions(+), 13 deletions(-)

diff --git a/docker/code-analysis/Dockerfile b/docker/code-analysis/Dockerfile
index 4896a75..f73cc27 100644
--- a/docker/code-analysis/Dockerfile
+++ b/docker/code-analysis/Dockerfile
@@ -64,7 +64,9 @@ RUN \
         libz-dev \
         sqlite3 \
         # Dependencies for ieee1905
-        libpcap-dev
+        libpcap-dev \
+        clang \
+        shellcheck
 
 RUN mkdir /opt/dev && \
     mkdir /etc/config
diff --git a/static-code-analysis.yml b/static-code-analysis.yml
index 65ffc0a..17e4f0a 100644
--- a/static-code-analysis.yml
+++ b/static-code-analysis.yml
@@ -1,9 +1,11 @@
 variables:
-  RUN_FLAWFINDER: "flawfinder --falsepositive -m 4"
-  RUN_CPPCHECK: "cppcheck --enable=all --error-exitcode=1 --suppress=unusedFunction --suppress=unreadVariable --suppress=unmatchedSuppression ."
-  RUN_CPD: "/home/user/pmd-bin-6.19.0/bin/run.sh cpd --minimum-tokens 200 --language c --exclude ./test/cmocka --files"
+  COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.28"
   SOURCE_FOLDER: "src"
-  COMMON_IMAGE: "dev.iopsys.eu:5050/iopsys/gitlab-ci-pipeline/code-analysis:0.27"
+  SHELL_SRC: ""
+  FLAWFINDER_OPTIONS: "-m 4 --error-level=4"
+  CPPCHECK_OPTIONS: " --enable=all --inline-suppr --suppress=unusedFunction --suppress=unreadVariable"
+  CPD_OPTIONS: "--minimum-tokens 200 --language c --exclude ./test/cmocka --files"
+  SHELLCHECK_OPTIONS: "-s dash -e SC2034,SC1091 -S info"
   DEBUG: "FALSE"
 
 run_static_code_analysis:
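Review bot: The `CPPCHECK_OPTIONS` default now carries `--enable=all`, so a module that overrides the variable with only its own suppressions silently falls back to cppcheck's default check set while the gating job still passes. The commit message invites exactly that override, because it documents the default as just the two `--suppress` flags. Keeping the coverage flag on the command in the script hunk, `cppcheck --enable=all --error-exitcode=1 --inline-suppr ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}`, and reducing the default to `CPPCHECK_OPTIONS: "--suppress=unusedFunction --suppress=unreadVariable"` avoids that. It also removes the duplicated `--inline-suppr` and the leading space in the value. The old command passed `--suppress=unmatchedSuppression` as well; whether dropping it makes unused suppressions fail the job probably depends on the cppcheck version in the image, so that is worth confirming.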
@@ -11,11 +13,34 @@ run_static_code_analysis:
   stage: static_code_analysis
   allow_failure: false
   script:
-    - echo ${RUN_FLAWFINDER}
-    - flawfinder --version
-    - "${RUN_FLAWFINDER} ${SOURCE_FOLDER}"
-    - echo ${RUN_CPPCHECK}
-    - cppcheck --version
-    - "${RUN_CPPCHECK} ${SOURCE_FOLDER}"
-    - echo ${RUN_CPD}
-    - "${RUN_CPD} ${SOURCE_FOLDER}"
+    - echo "flawfinder ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
+    - "flawfinder ${FLAWFINDER_OPTIONS} ${SOURCE_FOLDER}"
+    - echo "cppcheck --error-exitcode=1 ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}"
+    - "cppcheck --error-exitcode=1 --inline-suppr ${CPPCHECK_OPTIONS} ${SOURCE_FOLDER}"
+    - echo "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS}"
+    - "/usr/local/pmd/bin/run.sh cpd ${CPD_OPTIONS} ${SOURCE_FOLDER}"
+
+run_compilation_test:
+  image: ${COMMON_IMAGE}
+  stage: static_code_analysis
+  allow_failure: false
+  script:
+    - "${COMPILE}"
+  rules:
+    - if: $COMPILE
+      when: always
+
+run_optional_checks:
+  image: ${COMMON_IMAGE}
+  stage: static_code_analysis
+  allow_failure: true
+  script:
+    - echo "Running optional tests"
+    - echo "Running shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}"
+    - if [ -n "${SHELL_SRC}" ]; then shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC}; fi
+    - echo "Running CPPCHECK with threadsafety addon"
+    - "cppcheck --error-exitcode=0 --addon=threadsafety ${SOURCE_FOLDER}"
+    - echo "Running CPPCHECK with cert addon"
+    - "cppcheck --error-exitcode=0 --addon=cert ${SOURCE_FOLDER}"
+    - echo "Running FlawFinder with depth 3"
+    - "flawfinder -m 3 --error-level=5 ${SOURCE_FOLDER}"
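Review bot: The two addon runs in `run_optional_checks` pass `--error-exitcode=0`, so cppcheck exits 0 whatever the threadsafety and cert addons report. With `allow_failure: true` on top, the job is green even when CERT rules fire, and the findings are only visible to someone who opens the job log. Since `allow_failure: true` already keeps the pipeline from blocking, letting the tools return non-zero would surface findings as a job warning. To keep one failing check from skipping the ones after it, the status can be collected and returned at the end, as sketched below. The shellcheck echo also prints when `SHELL_SRC` is empty and nothing runs, so it could move inside the `if`.

```yaml
  script:
    # … unchanged: echo lines announcing each check …
    - rc=0
    - if [ -n "${SHELL_SRC}" ]; then shellcheck ${SHELLCHECK_OPTIONS} ${SHELL_SRC} || rc=1; fi
    - cppcheck --error-exitcode=1 --addon=threadsafety ${SOURCE_FOLDER} || rc=1
    - cppcheck --error-exitcode=1 --addon=cert ${SOURCE_FOLDER} || rc=1
    - flawfinder -m 3 --error-level=5 ${SOURCE_FOLDER} || rc=1
    - exit ${rc}
```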
-- 
GitLab