Add cppcheck github workflow

[bhundven]

This workflow will require a project token added to GITHUB_TOKEN name in the project settings:

https://docs.github.com/en/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-github-codespaces#adding-secrets-for-a-repository

This will allow the cppcheck report to be attached to the run of the action.

Signed-off-by: Bryan Hundven [email protected]

[vmatare]

I'm dying to see the results, but what token and where do I get it? The job isn't giving me an error message either...

[bhundven]

https://docs.github.com/en/actions/security-guides/automatic-token-authentication

[bhundven]

As the documentation says, I think you just have to setup permissions to allow actions to use the secrets.GITHUB_TOKEN. I've never set this up myself, so I'm not really sure.

I made a minor update to fix a small spacing issue and to remove a default comment. I also update the branch with latest origin/master.

[vmatare]

From https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret:

At the start of each workflow run, GitHub automatically creates a unique GITHUB_TOKEN secret to use in your workflow. You can use the GITHUB_TOKEN to authenticate in a workflow run.

So the token should already be there. Under Settings->Actions->General the Workflow Permissions are set to Read and Write. I'm thinking I should even knock that down to readonly, because my actions don't need to write to the repo. No idea what other permissions I could give.

Anyways, the cppcheck action seems to fail, but without an error message I consider it kinda bugged :-P

[bhundven]

Again, I have never used the token, so I'm not sure. But this seems to be a bit more detailed:
https://dev.to/github/the-githubtoken-in-github-actions-how-it-works-change-permissions-customizations-3cgp

[bhundven]

Been working with GHA for a bit, and secrets.GITHUB_TOKEN is a "built-in" secret for the repository/organization.

[bhundven]

To be honest, I really wanted this to work, but I've seen other people having issues with this specific action, so I'm going to give up for now. I'll see if I can find another action that does the right thing.