Skip to content

Graal CI test workflow fix #497

Graal CI test workflow fix

Graal CI test workflow fix #497

Workflow file for this run

name: Code Quality Checks
concurrency:
group: pr-code_quality_${{ github.event.pull_request.number }}
cancel-in-progress: true
on:
pull_request:
permissions:
contents: read
pull-requests: write
actions: read
jobs:
scan-build:
if: needs.check-for-pr.outputs.skip != 'true'
runs-on: ubuntu-latest
env:
HEAD_REF: ${{ github.head_ref }}
steps:
- uses: actions/checkout@v3
- name: System setup
run: |
sudo apt-get update
sudo apt install -y clang clang-tools openjdk-11-jdk
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.9
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install beautifulsoup4
- name: Scan Build
run: |
./gradlew scanBuild --no-daemon
- name: Upload logs
uses: actions/upload-artifact@v4
if: always()
with:
name: scan-build-reports
path: |
ddprof-lib/build/reports/scan-build
- name: Read Report
id: read-report
run: |
find ddprof-lib/build/reports/scan-build -name 'index.html' | xargs -I {} python .github/scripts/python_utils.py scanbuild_cleanup {} ${HEAD_REF} > comment.html
- name: Post or update PR comment
uses: ./.github/actions/pr_comment
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
comment-id: "scan-build"
commenter: "pr-comment-scanbuild"
comment-file: 'comment.html'
cppcheck:
if: needs.check-for-pr.outputs.skip != 'true'
runs-on: ubuntu-latest
env:
HEAD_REF: ${{ github.head_ref }}
steps:
- uses: actions/checkout@v3
- name: System setup
run: |
sudo apt-get update
sudo apt install -y cppcheck xsltproc
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.9
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
pip install beautifulsoup4
- name: Run Cppcheck
id: run-cppcheck
run: |
cppcheck --quiet --force --enable=all --std=c++11 --language=c++ --inline-suppr --suppressions-list=.github/scripts/cppcheck-suppressions.txt --xml --output-file=report.xml ddprof-lib/src/main/cpp/*
xsltproc --output report.html .github/scripts/cppcheck-html.xslt report.xml
xsltproc --output report-gh.html .github/scripts/cppcheck-gh.xslt report.xml
sed -i "s#target_branch#${HEAD_REF}#g" report.html
sed -i "s#target_branch#${HEAD_REF}#g" report-gh.html
python .github/scripts/python_utils.py cppcheck_cleanup report-gh.html >> comment.html
- name: Upload logs
uses: actions/upload-artifact@v4
if: always()
with:
name: cppcheck-report
path: |
report.html
report.xml
- name: Post or update PR comment
uses: ./.github/actions/pr_comment
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
comment-id: "cppcheck"
commenter: "pr-comment-cppcheck"
comment-file: 'comment.html'
codeql:
if: needs.check-for-pr.outputs.skip != 'true'
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'cpp', 'java' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
# Learn more about CodeQL language support at https://git.io/codeql-language-support
steps:
- name: Checkout repository
uses: actions/checkout@v2
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
- run: ./gradlew -x test assembleReleaseJar
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2