46e464a26b
It turns out LLVM does not include a build for every platform in the assets for every release, just some of them. As such, I've pinned us to the latest release version with a corresponding build.
69 lines
2.6 KiB
YAML
69 lines
2.6 KiB
YAML
name: 'Static Analysis'
|
|
on: [pull_request]
|
|
jobs:
|
|
static-analysis:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
# We build libunwind ourselves because sadly the version
|
|
# provided by Ubuntu via apt-get is much too old.
|
|
- name: Check out libunwind
|
|
uses: actions/checkout@v3
|
|
with:
|
|
repository: libunwind/libunwind
|
|
path: libunwind
|
|
ref: 'v1.6.2'
|
|
github-server-url: 'https://github.com'
|
|
- name: Install libunwind
|
|
run: |
|
|
cd libunwind
|
|
autoreconf -i
|
|
./configure --prefix=/usr
|
|
make -s -j $(nproc) V=0
|
|
sudo make -s install V=0
|
|
cd ..
|
|
rm -rf libunwind
|
|
- name: Check out repository
|
|
uses: actions/checkout@v3
|
|
# We download LLVM directly from the latest stable release
|
|
# on GitHub, because this tends to be much newer than the
|
|
# version available via apt-get in Ubuntu.
|
|
- name: Download LLVM
|
|
uses: dsaltares/fetch-gh-release-asset@master
|
|
with:
|
|
repo: 'llvm/llvm-project'
|
|
version: 'tags/llvmorg-16.0.4'
|
|
file: 'clang[+]llvm-.*x86_64-linux-gnu.*'
|
|
regex: true
|
|
target: 'llvm_assets/'
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Install prerequisites
|
|
id: install_prerequisites
|
|
run: |
|
|
tar -C llvm_assets -xaf llvm_assets/*.tar* &
|
|
sudo apt-get update
|
|
sudo apt-get install -y jq bear python3-pip
|
|
pip install codechecker
|
|
echo "Extracting LLVM from tar" 1>&2
|
|
wait
|
|
echo "LLVM_BIN_DIR=$(echo llvm_assets/clang*/bin)" >> "$GITHUB_OUTPUT"
|
|
- name: Run static analysis
|
|
id: run_static_analysis
|
|
run: >
|
|
PATH="${{ steps.install_prerequisites.outputs.LLVM_BIN_DIR }}:$PATH"
|
|
LDFLAGS='-L/usr/lib'
|
|
scripts/run_static_analysis.sh static_analysis_results "$GITHUB_OUTPUT"
|
|
- name: Upload static analysis results
|
|
if: ${{ steps.run_static_analysis.outputs.HAS_STATIC_ANALYSIS_RESULTS }} == '1'
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: static_analysis_results
|
|
path: static_analysis_results
|
|
- name: Check static analysis results
|
|
run: |
|
|
if [[ "${{ steps.run_static_analysis.outputs.HAS_STATIC_ANALYSIS_RESULTS }}" == '1' ]]
|
|
then
|
|
echo "::error::Static analysis found issues with your code. Download the 'static_analysis_results' artifact from this workflow and view the 'index.html' file contained within it in a web browser locally for detailed results."
|
|
exit 1
|
|
fi
|
|
|