beenull/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-11-21 23:20:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

CI: Remove the Sonar Cloud and PVS Studio workflow

Browse source 
Static analysis is great, but these workflows have not worked in a long
time, and no one was looking at the results. Our PVS Studio license and
our Sonar Cloud token have expired. Remove the workflows (at least for
now) so we don't waste CI runners and cache space. If someone is
motivated to revive these, they can revert this commit.
This commit is contained in:
Timothy Flynn 2024-05-11 08:06:08 -04:00 committed by Tim Flynn
parent 1c20865d79
commit 0d7ea1bd2f
Notes: sideshowbarker 2024-07-17 09:49:33 +09:00 
Author: https://github.com/trflynn89
Commit: https://github.com/SerenityOS/serenity/commit/0d7ea1bd2f
Pull-request: https://github.com/SerenityOS/serenity/pull/24285
4 changed files with 1 additions and 279 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

150
.github/workflows/pvs-studio-static-analysis.yml vendored
View file

@ -1,150 +0,0 @@
name: PVS-Studio Static Analysis
on:
# Automatically run at the end of every day.
schedule:
- cron: '0 0 * * *'
env:
SERENITY_CCACHE_DIR: ${{ github.workspace }}/.ccache
TOOLCHAIN_CCACHE_DIR: ${{ github.workspace }}/Toolchain/.ccache
jobs:
build:
name: Static Analysis
runs-on: ubuntu-22.04
env:
PVS_STUDIO_ANALYSIS_ARCH: x86_64
if: always() && github.repository == 'SerenityOS/serenity' && github.ref == 'refs/heads/master'
steps:
- uses: actions/checkout@v4
- name: "Configure PVS-Studio Repository"
run: |
wget -q -O - https://files.pvs-studio.com/beta/etc/pubkey.txt | sudo apt-key add -
sudo wget -O /etc/apt/sources.list.d/viva64.list https://files.pvs-studio.com/beta/etc/viva64.list
- name: "Set up environment"
uses: ./.github/actions/setup
with:
os: 'Serenity'
arch: ${{ env.PVS_STUDIO_ANALYSIS_ARCH }}
- name: "Install PVS Studio"
run: |
sudo apt-get update
sudo apt-get install -y pvs-studio
- name: Check versions
run: set +e; g++ --version; g++-13 --version; ninja --version;
- name: Restore Caches
uses: ./.github/actions/cache-restore
id: 'cache-restore'
with:
os: 'Serenity'
arch: ${{ env.PVS_STUDIO_ANALYSIS_ARCH }}
toolchain: 'GNU'
cache_key_extra: 'Static Analysis'
serenity_ccache_path: ${{ env.SERENITY_CCACHE_DIR }}
toolchain_ccache_path: ${{ env.TOOLCHAIN_CCACHE_DIR }}
download_cache_path: ${{ github.workspace }}/Build/caches
- name: Build toolchain
if: ${{ !steps.cache-restore.outputs.toolchain_prebuilt_hit }}
run: ${{ github.workspace }}/Toolchain/BuildGNU.sh
env:
ARCH: ${{ env.PVS_STUDIO_ANALYSIS_ARCH }}
CCACHE_DIR: ${{ env.TOOLCHAIN_CCACHE_DIR }}
- name: Create build environment
working-directory: ${{ github.workspace }}
run: |
cmake -S Meta/CMake/Superbuild -B Build/superbuild -GNinja \
-DSERENITY_ARCH=${{ env.PVS_STUDIO_ANALYSIS_ARCH }} \
-DSERENITY_TOOLCHAIN=GNU \
-DCMAKE_C_COMPILER=gcc-13 \
-DCMAKE_CXX_COMPILER=g++-13 \
-DENABLE_PCI_IDS_DOWNLOAD=OFF \
-DENABLE_USB_IDS_DOWNLOAD=OFF \
-DSERENITY_CACHE_DIR=${{ github.workspace }}/Build/caches
env:
CCACHE_DIR: ${{ env.SERENITY_CCACHE_DIR }}
- name: Build generated sources so they are available for analysis.
working-directory: ${{ github.workspace }}
# Note: The superbuild will create the Build/arch directory when doing the
# configure step for the serenity ExternalProject, as that's the configured
# binary directory for that project.
run: |
ninja -C Build/superbuild serenity-configure
cmake -B Build/${{ env.PVS_STUDIO_ANALYSIS_ARCH }} -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
ninja -C Build/${{ env.PVS_STUDIO_ANALYSIS_ARCH }} all_generated
env:
CCACHE_DIR: ${{ env.SERENITY_CCACHE_DIR }}
- name: Save Caches
uses: ./.github/actions/cache-save
with:
arch: ${{ matrix.arch }}
serenity_ccache_path: ${{ env.SERENITY_CCACHE_DIR }}
serenity_ccache_primary_key: ${{ steps.cache-restore.outputs.serenity_ccache_primary_key }}
toolchain_ccache_path: ${{ env.TOOLCHAIN_CCACHE_DIR }}
toolchain_ccache_primary_key: ${{ steps.cache-restore.outputs.toolchain_ccache_primary_key }}
toolchain_prebuilt_path: ${{ steps.cache-restore.outputs.toolchain_prebuilt_path }}
toolchain_prebuilt_primary_key: ${{ steps.cache-restore.outputs.toolchain_prebuilt_primary_key }}
toolchain_prebuilt_hit: ${{ steps.cache-restore.outputs.toolchain_prebuilt_hit }}
- name: Configure PVS-Studio License
env:
MAIL: ${{ secrets.PVS_STUDIO_MAIL }}
KEY: ${{ secrets.PVS_STUDIO_KEY }}
run: pvs-studio-analyzer credentials $MAIL $KEY
- name: Run PVS-Studio Analyzer
working-directory: ${{ github.workspace }}/Build/${{ env.PVS_STUDIO_ANALYSIS_ARCH }}
run: pvs-studio-analyzer analyze -o project.plog --compiler ${{ env.PVS_STUDIO_ANALYSIS_ARCH }}-pc-serenity-g++ --compiler ${{ env.PVS_STUDIO_ANALYSIS_ARCH }}-pc-serenity-gcc -j2
# Suppress Rules:
# - v530: The return value of function 'release_value' is required to be utilized.
# Our TRY(..) macro seems to breaks this rule and trigger weird behavior in PVS Studio.
#
# - v677: Custom declaration of a standard '<example>' type. The declaration from system header files should be used instead.
# This rule doesn't make sense for Serenity, as we are the system headers.
#
# - v1061: Extending the 'std' namespace may result in undefined behavior.
# We have no choice, some features of C++ require us to.
#
# - V1052: Declaring virtual methods in a class marked as 'final' is pointless.
# This rule contradicts the serenity style rules.
#
# - False Positives:
# v591: Non-void function should return a value.
# v603: Object was created but is not being used.
# v1047: Lifetime of the lambda is greater than lifetime of the local variable captured by reference.
# v1076: Code contains invisible characters that may alter its logic.
#
- name: Filter PVS Log
working-directory: ${{ github.workspace }}/Build/${{ env.PVS_STUDIO_ANALYSIS_ARCH }}
run: |
pvs-studio-analyzer suppress -v530 -v591 -v603 -v677 -v1047 -v1052 -v1061 -v1076 project.plog
pvs-studio-analyzer filter-suppressed project.plog
- name: Print PVS Log
run: plog-converter -a 'GA:1,2;64:1;OP:1,2,3' -t errorfile ${{ github.workspace }}/Build/${{ env.PVS_STUDIO_ANALYSIS_ARCH }}/project.plog | GREP_COLOR='01;31' grep -E --color=always 'error:|$' | GREP_COLOR='01;33' grep -E --color=always 'warning:|$'
- name: Convert PVS Log to SARIF
run: plog-converter -a 'GA:1,2;64:1;OP:1,2,3' -o project.sarif -t sarif ${{ github.workspace }}/Build/${{ env.PVS_STUDIO_ANALYSIS_ARCH }}/project.plog
- uses: actions/upload-artifact@v4
with:
path: ${{ github.workspace }}/Build/${{ env.PVS_STUDIO_ANALYSIS_ARCH }}/project.plog
- uses: actions/upload-artifact@v4
with:
path: ${{ github.workspace }}/project.sarif
- name: Upload SARIF results file
uses: github/codeql-action/upload-sarif@v3
with:
# Path to SARIF file relative to the root of the repository
sarif_file: project.sarif

126
.github/workflows/sonar-cloud-static-analysis.yml vendored
View file

@ -1,126 +0,0 @@
name: Sonar Cloud Static Analysis
on:
# Automatically run at the end of every day.
schedule:
- cron: '0 0 * * *'
env:
SERENITY_CCACHE_DIR: ${{ github.workspace }}/.ccache
TOOLCHAIN_CCACHE_DIR: ${{ github.workspace }}/Toolchain/.ccache
jobs:
build:
name: Static Analysis
runs-on: ubuntu-22.04
if: always() && github.repository == 'SerenityOS/serenity' && github.ref == 'refs/heads/master'
env:
# Latest scanner version is tracked on: https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarscanner-cli/
SONAR_SCANNER_VERSION: 5.0.1.3006
SONAR_SERVER_URL: "https://sonarcloud.io"
SONAR_ANALYSIS_ARCH: x86_64
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
# Install JDK for sonar-scanner
- name: Set Up Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: 17
- name: Download and set up sonar-scanner
env:
SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
if: steps.sonarcloud-cache.outputs.cache-hit != 'true'
run: |
mkdir -p $HOME/.sonar
curl -sSLo $HOME/.sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }}
unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
rm $HOME/.sonar/sonar-scanner.zip
- name: Configure sonar-scanner
run: |
echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
echo "sonar.projectKey=SerenityOS_serenity" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.projectVersion=${{ github.sha }}" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.organization=serenityos" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.cfamily.compile-commands=${{ github.workspace }}/Build/${{ env.SONAR_ANALYSIS_ARCH }}/compile_commands.json" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.exclusions=Userland/Libraries/LibWasm/Parser/Parser.cpp,Userland/Libraries/LibJS/Tests/**/*" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.host.url=${{ env.SONAR_SERVER_URL }}" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.sources=AK,Build,Userland,Kernel,Meta" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.tests=Tests" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.python.version=3.7, 3.8, 3.9" >> ${{ github.workspace }}/sonar-project.properties
# === OS SETUP ===
- name: "Set up environment"
uses: ./.github/actions/setup
with:
os: 'Serenity'
arch: ${{ env.SONAR_ANALYSIS_ARCH }}
- name: Restore Caches
uses: ./.github/actions/cache-restore
id: 'cache-restore'
with:
os: 'Serenity'
arch: ${{ env.SONAR_ANALYSIS_ARCH }}
toolchain: 'GNU'
cache_key_extra: 'Static Analysis'
serenity_ccache_path: ${{ env.SERENITY_CCACHE_DIR }}
toolchain_ccache_path: ${{ env.TOOLCHAIN_CCACHE_DIR }}
download_cache_path: ${{ github.workspace }}/Build/caches
- name: Build toolchain
if: ${{ !steps.cache-restore.outputs.toolchain_prebuilt_hit }}
run: ${{ github.workspace }}/Toolchain/BuildGNU.sh
env:
ARCH: ${{ env.SONAR_ANALYSIS_ARCH }}
CCACHE_DIR: ${{ env.TOOLCHAIN_CCACHE_DIR }}
- name: Create build environment
working-directory: ${{ github.workspace }}
run: |
cmake -S Meta/CMake/Superbuild -B Build/superbuild -GNinja \
-DSERENITY_ARCH=${{ env.SONAR_ANALYSIS_ARCH }} \
-DSERENITY_TOOLCHAIN=GNU \
-DCMAKE_C_COMPILER=gcc-13 \
-DCMAKE_CXX_COMPILER=g++-13 \
-DENABLE_PCI_IDS_DOWNLOAD=OFF \
-DENABLE_USB_IDS_DOWNLOAD=OFF \
-DSERENITY_CACHE_DIR=${{ github.workspace }}/Build/caches
env:
CCACHE_DIR: ${{ env.SERENITY_CCACHE_DIR }}
- name: Build generated sources so they are available for analysis.
working-directory: ${{ github.workspace }}
# Note: The superbuild will create the Build/arch directory when doing the
# configure step for the serenity ExternalProject, as that's the configured
# binary directory for that project.
run: |
ninja -C Build/superbuild serenity-configure
cmake -B Build/${{ env.SONAR_ANALYSIS_ARCH }} -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
ninja -C Build/${{ env.SONAR_ANALYSIS_ARCH }} all_generated
env:
CCACHE_DIR: ${{ env.SERENITY_CCACHE_DIR }}
- name: Save Caches
uses: ./.github/actions/cache-save
with:
arch: ${{ matrix.arch }}
serenity_ccache_path: ${{ env.SERENITY_CCACHE_DIR }}
serenity_ccache_primary_key: ${{ steps.cache-restore.outputs.serenity_ccache_primary_key }}
toolchain_ccache_path: ${{ env.TOOLCHAIN_CCACHE_DIR }}
toolchain_ccache_primary_key: ${{ steps.cache-restore.outputs.toolchain_ccache_primary_key }}
toolchain_prebuilt_path: ${{ steps.cache-restore.outputs.toolchain_prebuilt_path }}
toolchain_prebuilt_primary_key: ${{ steps.cache-restore.outputs.toolchain_prebuilt_primary_key }}
toolchain_prebuilt_hit: ${{ steps.cache-restore.outputs.toolchain_prebuilt_hit }}
- name: Run sonar-scanner, upload results
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
sonar-scanner

1
Documentation/Links.md
View file

@ -20,7 +20,6 @@ This is a roughly categorized list of pages relating to SerenityOS and its subpr
- [GitHub Organization](https://github.com/SerenityOS) and [GitHub Repositories](https://github.com/orgs/SerenityOS/repositories)
- [Changelog](https://changelog.serenityos.org/)
- [Issues Found by OSS-Fuzz Continuous Fuzzing](https://bugs.chromium.org/p/oss-fuzz/issues/list?q=label:Proj-serenity)
- [SonarCloud Static Analysis](https://sonarcloud.io/project/overview?id=SerenityOS_serenity)
- [LibJS website](https://serenityos.github.io/libjs-website/)
- [Try LibJS Online!](https://serenityos.github.io/libjs-website/repl/)
- [Compiler Explorer](https://serenity.godbolt.org/): Select "Lagom trunk" under "Libraries" and add the compiler option `-std=c++23`

1
README.md
View file

@ -6,7 +6,6 @@ Ladybird is a cross-platform independent web browser built from SerenityOS compo
[![GitHub Actions Status](https://github.com/SerenityOS/serenity/workflows/Build,%20lint,%20and%20test/badge.svg)](https://github.com/SerenityOS/serenity/actions?query=workflow%3A"Build%2C%20lint%2C%20and%20test")
[![Fuzzing Status](https://oss-fuzz-build-logs.storage.googleapis.com/badges/serenity.svg)](https://bugs.chromium.org/p/oss-fuzz/issues/list?sort=-opened&can=1&q=proj:serenity)
[![Sonar Cube Static Analysis](https://sonarcloud.io/api/project_badges/measure?project=SerenityOS_serenity&metric=ncloc)](https://sonarcloud.io/dashboard?id=SerenityOS_serenity)
[![Discord](https://img.shields.io/discord/830522505605283862.svg?logo=discord&logoColor=white&logoWidth=20&labelColor=7289DA&label=Discord&color=17cf48)](https://discord.gg/serenityos)
[FAQ](Documentation/FAQ.md) | [Documentation](#how-do-i-read-the-documentation) | [Build Instructions](#how-do-i-build-and-run-this)