ladybird/.github/workflows/sonar-cloud-static-analysis.yml
Massimo Paladin 1d7bad5347 Meta: Remove SonarCloud cache and threads setup as it is now default
No need to configure the cache and threads anymore,
SonarCloud now has an automatic analysis caching and
threads detection. See:
https://docs.sonarcloud.io/advanced-setup/languages/c-c-objective-c/#analysis-cache
2023-03-28 04:05:01 -06:00

149 lines
7.7 KiB
YAML

name: Sonar Cloud Static Analysis
on:
# Automatically run at the end of every day.
schedule:
- cron: '0 0 * * *'
jobs:
build:
name: Static Analysis
runs-on: ubuntu-22.04
if: always() && github.repository == 'SerenityOS/serenity' && github.ref == 'refs/heads/master'
env:
# Latest scanner version is tracked on: https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarscanner-cli/
SONAR_SCANNER_VERSION: 4.7.0.2747
SONAR_SERVER_URL: "https://sonarcloud.io"
SONAR_ANALYSIS_ARCH: x86_64
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
# Install JDK for sonar-scanner
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 11
- name: Download and set up sonar-scanner
env:
SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
if: steps.sonarcloud-cache.outputs.cache-hit != 'true'
run: |
mkdir -p $HOME/.sonar
curl -sSLo $HOME/.sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }}
unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
rm $HOME/.sonar/sonar-scanner.zip
- name: Configure sonar-scanner
run: |
echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
echo "sonar.projectKey=SerenityOS_serenity" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.projectVersion=${{ github.sha }}" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.organization=serenityos" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.cfamily.compile-commands=${{ github.workspace }}/Build/${{ env.SONAR_ANALYSIS_ARCH }}/compile_commands.json" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.exclusions=Userland/Libraries/LibWasm/Parser/Parser.cpp" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.host.url=${{ env.SONAR_SERVER_URL }}" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.sources=AK,Build,Userland,Kernel,Meta" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.tests=Tests" >> ${{ github.workspace }}/sonar-project.properties
echo "sonar.python.version=3.7, 3.8, 3.9" >> ${{ github.workspace }}/sonar-project.properties
# === OS SETUP ===
# TODO: Is there someway to share these steps with the cmake.yml?
- name: "Install Ubuntu dependencies"
# These packages are already part of the ubuntu-22.04 image:
# cmake libgmp-dev npm shellcheck
# Packages below aren't.
run: |
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
sudo add-apt-repository 'deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-15 main'
sudo apt-get update
sudo apt-get install -y clang-format-15 gcc-12 g++-12 libstdc++-12-dev libmpfr-dev libmpc-dev ninja-build unzip
- name: Check versions
run: set +e; g++ --version; g++-12 --version; ninja --version;
- name: Prepare useful stamps
id: stamps
shell: cmake -P {0}
run: |
string(TIMESTAMP current_date "%Y_%m_%d_%H_%M_%S" UTC)
# Output everything twice to make it visible both in the logs
# *and* as actual output variable, in this order.
message(" set-output name=time::${current_date}")
message("::set-output name=time::${current_date}")
message(" set-output name=libc_headers::${{ hashFiles('Userland/Libraries/LibC/**/*.h', 'Userland/Libraries/LibPthread/**/*.h', 'Toolchain/Patches/*.patch', 'Toolchain/Patches/gcc/*.patch', 'Toolchain/BuildIt.sh') }}")
message("::set-output name=libc_headers::${{ hashFiles('Userland/Libraries/LibC/**/*.h', 'Userland/Libraries/LibPthread/**/*.h', 'Toolchain/Patches/*.patch', 'Toolchain/Patches/gcc/*.patch', 'Toolchain/BuildIt.sh') }}")
- name: Toolchain cache
# TODO: Change the version to the released version when https://github.com/actions/cache/pull/489 (or 571) is merged.
uses: actions/cache@03e00da99d75a2204924908e1cca7902cafce66b
env:
# This job should always read the cache, never populate it.
CACHE_SKIP_SAVE: true
with:
path: ${{ github.workspace }}/Toolchain/Cache/
# This assumes that *ALL* LibC and LibPthread headers have an impact on the Toolchain.
# This is wrong, and causes more Toolchain rebuilds than necessary.
# However, we want to avoid false cache hits at all costs.
key: ${{ runner.os }}-toolchain-${{ env.SONAR_ANALYSIS_ARCH }}-${{ steps.stamps.outputs.libc_headers }}
- name: Restore or regenerate Toolchain
run: TRY_USE_LOCAL_TOOLCHAIN=y ARCH="${{ env.SONAR_ANALYSIS_ARCH }}" ${{ github.workspace }}/Toolchain/BuildIt.sh
- name: Create build directory
run: |
mkdir -p ${{ github.workspace }}/Build/${{ env.SONAR_ANALYSIS_ARCH }}
mkdir -p ${{ github.workspace }}/Build/caches/TZDB
mkdir -p ${{ github.workspace }}/Build/caches/UCD
mkdir -p ${{ github.workspace }}/Build/caches/CLDR
- name: TimeZoneData cache
# TODO: Change the version to the released version when https://github.com/actions/cache/pull/489 (or 571) is merged.
uses: actions/cache@03e00da99d75a2204924908e1cca7902cafce66b
with:
path: ${{ github.workspace }}/Build/caches/TZDB
key: TimeZoneData-${{ hashFiles('Meta/CMake/time_zone_data.cmake') }}
- name: UnicodeData cache
# TODO: Change the version to the released version when https://github.com/actions/cache/pull/489 (or 571) is merged.
uses: actions/cache@03e00da99d75a2204924908e1cca7902cafce66b
with:
path: ${{ github.workspace }}/Build/caches/UCD
key: UnicodeData-${{ hashFiles('Meta/CMake/unicode_data.cmake') }}
- name: UnicodeLocale Cache
# TODO: Change the version to the released version when https://github.com/actions/cache/pull/489 (or 571) is merged.
uses: actions/cache@03e00da99d75a2204924908e1cca7902cafce66b
with:
path: ${{ github.workspace }}/Build/caches/CLDR
key: UnicodeLocale-${{ hashFiles('Meta/CMake/locale_data.cmake') }}
- name: Create build environment
working-directory: ${{ github.workspace }}
run: |
cmake -S Meta/CMake/Superbuild -B Build/superbuild -GNinja \
-DSERENITY_ARCH=${{ env.SONAR_ANALYSIS_ARCH }} \
-DSERENITY_TOOLCHAIN=GNU \
-DCMAKE_C_COMPILER=gcc-12 \
-DCMAKE_CXX_COMPILER=g++-12 \
-DENABLE_PCI_IDS_DOWNLOAD=OFF \
-DENABLE_USB_IDS_DOWNLOAD=OFF
- name: Build generated sources so they are available for analysis.
working-directory: ${{ github.workspace }}
# Note: The superbuild will create the Build/arch directory when doing the
# configure step for the serenity ExternalProject, as that's the configured
# binary directory for that project.
run: |
ninja -C Build/superbuild serenity-configure
cmake -B Build/${{ env.SONAR_ANALYSIS_ARCH }} -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
ninja -C Build/${{ env.SONAR_ANALYSIS_ARCH }} all_generated
- name: Run sonar-scanner, upload results
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
sonar-scanner