Skip to content

GitHub Actions for clang-tidy #23

GitHub Actions for clang-tidy

GitHub Actions for clang-tidy #23

Workflow file for this run

name: Static analysis
run-name: GitHub Actions for clang-tidy
on: pull_request
env:
UBUNTU_CODE_NAME: jammy
COMPILER_VERSION: 17
BOOST_VERSION: 1_77_0
jobs:
clang-tidy:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Fetch base branch
run: |
git remote add upstream "https://github.com/${{ github.event.pull_request.base.repo.full_name }}"
git fetch --no-tags --no-recurse-submodules upstream "${{ github.event.pull_request.base.ref }}"
git submodule update --init --recursive
- name: Install dependencies and clang-tidy
run: |
curl -sSL "http://apt.llvm.org/llvm-snapshot.gpg.key" | sudo -E apt-key add -
echo "deb http://apt.llvm.org/$UBUNTU_CODE_NAME/ llvm-toolchain-$UBUNTU_CODE_NAME-$COMPILER_VERSION main" | sudo tee -a /etc/apt/sources.list > /dev/null
sudo apt-get update
sudo apt-get install -y clang-17 clang-tidy libldap2-dev curl libcurl4-openssl-dev bison libudev-dev libkrb5-dev libreadline-dev zlib1g-dev liblz4-dev \
libedit-dev libevent-dev protobuf-compiler libprotobuf-dev libprotoc-dev libfido2-dev
- name: Cache boost
id: cache-boost
uses: actions/cache@v3
with:
path: ~/my_boost
key: ${{ runner.os }}-boost
- name: Download boost library
if: steps.cache-boost.outputs.cache-hit != 'true'
run: wget --progress=dot:giga -P ~/my_boost/ "http://downloads.sourceforge.net/boost/boost/${BOOST_VERSION//_/.}/boost_${BOOST_VERSION}.tar.gz"
- name: Prepare compile_commands.json
run: |
cmake -B ../debug-build -DCMAKE_INSTALL_PREFIX=../install -DCMAKE_BUILD_TYPE=Debug -DWITH_BOOST=~/my_boost \
-DWITH_SSL=system -DWITH_AUTHENTICATION_LDAP=0 -WITH_KEYRING_VAULT=ON -DWITH_ROCKSDB=0 -DCMAKE_C_COMPILER=clang-17 -DCMAKE_CXX_COMPILER=clang++-17 \
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DWITH_SYSTEM_LIBS=ON ${{ github.workspace }}
- name: Create results directory
run: |
mkdir clang-tidy-result
- name: Analyze
# Don't disable push/merge option in the PR even if there are unfixed warnings.
continue-on-error: true
run: |
git diff --name-only --diff-filter=ACRM "$(git merge-base HEAD "upstream/${{ github.event.pull_request.base.ref }}")" | \
grep -Ee "\.([ch](pp)|(cc|hh)|[i](c|h)|(cxx)|[chi])$" | xargs clang-tidy -p ../debug-build --checks=-readability-* -export-fixes clang-tidy-result/fixes.yml
- name: Run clang-tidy-pr-comments action
uses: platisd/clang-tidy-pr-comments@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
clang_tidy_fixes: clang-tidy-result/fixes.yml
request_changes: true
suggestions_per_comment: 10