Add some static analysis to the code base. #29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Run static analysis tools | |
| on: | |
| push: | |
| branches: | |
| - master | |
| pull_request: | |
| jobs: | |
| # each one of the tools are used in different ways | |
| static-analysis: | |
| runs-on: ubuntu-latest | |
| container: | |
| image: debian:testing | |
| env: | |
| CC: clang | |
| CXX: clang++ | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| tool: | |
| # clang-tidy is more extensive and the list of checks isn't final, so fixing all of them at once isn't tractable; | |
| # therefore, the job doesn't fail due to clang-tidy, it's simply informative | |
| - { packages: "clang-tidy", command: "clang-tidy -p build/ $(git ls-files | grep '\\.c\\+$')" } | |
| # however, we should check that the changed lines of code don't have any tidy warnings | |
| - { packages: "clang-tidy", command: "if [ -n \"$GITHUB_BASE_REF\" ]; then git diff -U0 origin/$GITHUB_BASE_REF | clang-tidy-diff -p1 -config-file .clang-tidy -path build/; fi" } | |
| # cppcheck doesn't check as much, so we can make the job fail because of it; | |
| # tests are skipped due to issues with Catch2 headers | |
| - { packages: "cppcheck", command: "cppcheck --error-exitcode=1 --std=c++20 --check-level=exhaustive --addon=threadsafety -D__unix__ -D__GNUC__ --project=build/compile_commands.json -i subprojects/ -i util/tests/" } | |
| steps: | |
| - name: Install dependencies | |
| run: apt update && apt install -y git meson clang ${{ matrix.tool.packages }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| fetch-depth: 0 | |
| - run: git config --system --add safe.directory $(pwd) | |
| - name: Generate compile_commands.json | |
| run: meson setup --buildtype release --werror -Dpcie_opt=true build || cat build/meson-logs/meson-log.txt /nonexistent | |
| - name: Run static analysis tool | |
| run: ${{ matrix.tool.command }} |