GitHub Actions for clang-tidy #40
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Static analysis | |
run-name: GitHub Actions for clang-tidy | |
on: pull_request | |
env: | |
UBUNTU_CODE_NAME: "jammy" | |
COMPILER_VERSION: "17" | |
BOOST_VERSION: "1_77_0" | |
BOOST_DIR: "/home/runner/my_boost" | |
jobs: | |
clang-tidy: | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
submodules: 'recursive' | |
- name: Fetch base branch | |
run: | | |
git fetch --no-tags --no-recurse-submodules origin "${{ github.event.pull_request.base.ref }}" | |
- name: Install dependencies and clang-tidy | |
run: | | |
curl -sSL "http://apt.llvm.org/llvm-snapshot.gpg.key" | sudo -E apt-key add - | |
echo "deb http://apt.llvm.org/${UBUNTU_CODE_NAME}/ llvm-toolchain-${UBUNTU_CODE_NAME}-${COMPILER_VERSION} main" | sudo tee -a /etc/apt/sources.list > /dev/null | |
sudo apt-get update | |
sudo apt-get install -y --allow-unauthenticated clang-${COMPILER_VERSION} clang-tidy-${COMPILER_VERSION} libldap2-dev curl libcurl4-openssl-dev bison libudev-dev libkrb5-dev libreadline-dev zlib1g-dev liblz4-dev \ | |
libedit-dev libevent-dev protobuf-compiler libprotobuf-dev libprotoc-dev libfido2-dev libldap2-dev libsasl2-dev libsasl2-modules | |
- name: Cache boost | |
id: cache-boost | |
uses: actions/cache@v3 | |
with: | |
path: ${{ env.BOOST_DIR }} | |
key: ${{ runner.os }}-boost-${{ env.BOOST_VERSION }} | |
- name: Download boost | |
if: steps.cache-boost.outputs.cache-hit != 'true' | |
run: | | |
wget --progress=dot:giga -P ${BOOST_DIR} "http://downloads.sourceforge.net/boost/boost/${BOOST_VERSION//_/.}/boost_${BOOST_VERSION}.tar.gz" | |
tar -xzf "${BOOST_DIR}/boost_${BOOST_VERSION}.tar.gz" -C "${BOOST_DIR}" | |
- name: Prepare compile_commands.json | |
run: | | |
ls -l ${BOOST_DIR} | |
cmake -B ../debug-build -DCMAKE_INSTALL_PREFIX=../install -DCMAKE_BUILD_TYPE=Debug -DWITH_BOOST=${BOOST_DIR} -DWITH_SSL=system \ | |
-DWITH_AUTHENTICATION_LDAP=ON -DWITH_KEYRING_VAULT=ON -DWITH_ROCKSDB=ON -DCMAKE_C_COMPILER=clang-${COMPILER_VERSION} -DCMAKE_CXX_COMPILER=clang++-${COMPILER_VERSION} \ | |
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DWITH_SYSTEM_LIBS=ON ${{ github.workspace }} | |
- name: Create results directory | |
run: | | |
mkdir clang-tidy-result | |
- name: Analyze | |
# Don't disable push/merge option in the PR even if there are unfixed warnings. | |
continue-on-error: true | |
run: | | |
git diff -U0 "$(git merge-base HEAD "origin/${{ github.event.pull_request.base.ref }}")" | clang-tidy-diff-${COMPILER_VERSION}.py -p1 -path ../debug-build -export-fixes clang-tidy-result/fixes.yml | |
- name: Run clang-tidy-pr-comments action | |
uses: platisd/clang-tidy-pr-comments@v1 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
clang_tidy_fixes: clang-tidy-result/fixes.yml | |
request_changes: true | |
suggestions_per_comment: 10 |