source: mod_gnutls/.github/workflows/analysis.yaml @ bc8970b

Last change on this file since bc8970b was bc8970b, checked in by Fiona Klute <fiona.klute@…>, 10 months ago

Switch Clang analyzer from 10 to the Debian Sid default

Clang 10 is no longer available in Debian and 11 is now the default
for Sid, so the reason for locking the version does not apply any more
(see bf8cfb50cbf2b0a11201eb293180c05aaa570fed). :-)

  • Property mode set to 100644
File size: 3.9 KB
Line 
1name: Analysis
2on:
3  pull_request:
4  push:
5    # don't run on packaging branches
6    branches-ignore:
7      - 'for-debian'
8      - 'debian/**'
9      - 'pristine-tar'
10    paths:
11      - '**'
12      - '!doc/**'
13      - '!**.md'
14
15jobs:
16
17  clang:
18    runs-on: ubuntu-20.04
19    container: debian:sid
20    name: clang-analyzer
21    steps:
22      - name: install dependencies
23        run: |
24          export DEBIAN_FRONTEND=noninteractive
25          apt-get update
26          apt-get -y install git python3-yaml apache2-bin apache2-dev gnutls-bin libapr1-dev libgnutls28-dev pkg-config procps clang clang-tools libmsv-dev
27      - uses: actions/checkout@v2
28        with:
29          fetch-depth: 2
30      # For pull requests get the head of the branch, instead of a
31      # temporary merge
32      - run: git checkout HEAD^2
33        if: ${{ github.event_name == 'pull_request' }}
34      - name: find usable IPs for tests
35        run: |
36          echo "test_ips=$(python3 test/check_test_ips.py -H localhost)" >> ${GITHUB_ENV}
37      - name: autoreconf
38        run: autoreconf -fiv
39      - name: configure
40        run: scan-build --use-cc=clang ./configure --enable-msva TEST_IP="${test_ips}" APACHE_MUTEX=pthread
41      - name: store config.log
42        uses: actions/upload-artifact@v2
43        if: failure()
44        with:
45          name: scan-build-config-log
46          path: config.log
47      - name: make
48        run: scan-build -sarif -o sarif-output --use-cc=clang make
49      - name: find output directory
50        run: |
51          echo "SARIF_DIR=$(ls -d sarif-output/*)" >> ${GITHUB_ENV}
52      - name: define CONTAINER_WORKSPACE
53        run: |
54          echo "CONTAINER_WORKSPACE=${PWD}" >> ${GITHUB_ENV}
55      - name: upload SARIF results
56        uses: github/codeql-action/upload-sarif@v1
57        with:
58          sarif_file: ${{ env.SARIF_DIR }}
59          checkout_path: ${{ env.CONTAINER_WORKSPACE }}
60
61  cppcheck:
62    runs-on: ubuntu-20.04
63    container: debian:sid
64    name: cppcheck
65    steps:
66      - name: install dependencies
67        run: |
68          export DEBIAN_FRONTEND=noninteractive
69          apt-get update
70          apt-get -y install git python3-yaml apache2-bin apache2-dev gnutls-bin libapr1-dev libgnutls28-dev libmsv-dev pkg-config procps bear cppcheck
71      - uses: actions/checkout@v2
72        with:
73          fetch-depth: 2
74      - run: git checkout HEAD^2
75        if: ${{ github.event_name == 'pull_request' }}
76      - name: autoreconf
77        run: autoreconf -fiv
78      - name: configure
79        run: ./configure APACHE_MUTEX=pthread
80      - name: make and create compile_commands.json
81        run: bear -- make -j4
82      - name: cppcheck
83        run: |
84          cppcheck --project=compile_commands.json -DAF_UNIX=1 --enable=warning,style,unusedFunction --xml 2>cppcheck.xml
85      - uses: airtower-luna/convert-to-sarif@v0.2.0
86        with:
87          tool: 'CppCheck'
88          input_file: 'cppcheck.xml'
89          sarif_file: 'cppcheck.sarif'
90      - name: define CONTAINER_WORKSPACE
91        run: |
92          echo "CONTAINER_WORKSPACE=${PWD}" >> ${GITHUB_ENV}
93      - name: upload SARIF results
94        uses: github/codeql-action/upload-sarif@v1
95        with:
96          sarif_file: 'cppcheck.sarif'
97          checkout_path: ${{ env.CONTAINER_WORKSPACE }}
98
99  codeql:
100    runs-on: ubuntu-20.04
101    name: CodeQL
102    steps:
103      - uses: actions/checkout@v2
104        with:
105          fetch-depth: 2
106      - run: git checkout HEAD^2
107        if: ${{ github.event_name == 'pull_request' }}
108      - name: install dependencies
109        run: |
110          sudo apt-get update
111          sudo apt-get -y install python3-yaml apache2-bin apache2-dev gnutls-bin libapr1-dev libgnutls28-dev libmsv-dev pkg-config procps
112      - name: Initialize CodeQL
113        uses: github/codeql-action/init@v1
114        with:
115          languages: cpp
116      - name: Autobuild
117        uses: github/codeql-action/autobuild@v1
118      - name: Perform CodeQL Analysis
119        uses: github/codeql-action/analyze@v1
Note: See TracBrowser for help on using the repository browser.