From 58fabd4d8f30d1503223000368230a13455c609c Mon Sep 17 00:00:00 2001 From: Enrico Seiler Date: Mon, 25 Nov 2024 18:21:34 +0100 Subject: [PATCH 1/2] [INFRA] Add CodeChecker --- .github/config/codechecker.skip.analyze | 8 +++++ .github/config/codechecker.skip.parse | 7 +++++ .github/config/codechecker.yml | 21 +++++++++++++ .github/workflows/ci_codechecker.yml | 41 +++++++++++++++++++++++++ 4 files changed, 77 insertions(+) create mode 100644 .github/config/codechecker.skip.analyze create mode 100644 .github/config/codechecker.skip.parse create mode 100644 .github/config/codechecker.yml create mode 100644 .github/workflows/ci_codechecker.yml diff --git a/.github/config/codechecker.skip.analyze b/.github/config/codechecker.skip.analyze new file mode 100644 index 0000000000..1214eff710 --- /dev/null +++ b/.github/config/codechecker.skip.analyze @@ -0,0 +1,8 @@ +# SPDX-FileCopyrightText: 2006-2024, Knut Reinert & Freie Universität Berlin +# SPDX-FileCopyrightText: 2016-2024, Knut Reinert & MPI für molekulare Genetik +# SPDX-License-Identifier: CC0-1.0 + +-${GITHUB_WORKSPACE}/include/seqan3/contrib/* ++${GITHUB_WORKSPACE}/include/seqan3/* ++${GITHUB_WORKSPACE}/test/* +-* diff --git a/.github/config/codechecker.skip.parse b/.github/config/codechecker.skip.parse new file mode 100644 index 0000000000..eedd965a43 --- /dev/null +++ b/.github/config/codechecker.skip.parse @@ -0,0 +1,7 @@ +# SPDX-FileCopyrightText: 2006-2024, Knut Reinert & Freie Universität Berlin +# SPDX-FileCopyrightText: 2016-2024, Knut Reinert & MPI für molekulare Genetik +# SPDX-License-Identifier: CC0-1.0 + +-${GITHUB_WORKSPACE}/include/seqan3/contrib/* ++${GITHUB_WORKSPACE}/include/seqan3/* +-* diff --git a/.github/config/codechecker.yml b/.github/config/codechecker.yml new file mode 100644 index 0000000000..10cc08eed7 --- /dev/null +++ b/.github/config/codechecker.yml @@ -0,0 +1,21 @@ +# SPDX-FileCopyrightText: 2006-2024, Knut Reinert & Freie Universität Berlin +# SPDX-FileCopyrightText: 2016-2024, Knut Reinert & MPI für molekulare Genetik +# SPDX-License-Identifier: CC0-1.0 + +analyze: + - --enable=bugprone + - --enable=performance + - --disable=bugprone-easily-swappable-parameters + - --disable=cert-dcl58-cpp + - --disable=clang-diagnostic-float-conversion + - --disable=clang-diagnostic-implicit-int-conversion + - --disable=clang-diagnostic-implicit-int-float-conversion + - --disable=google-build-namespaces + - --skip=${GITHUB_WORKSPACE}/.github/config/codechecker.skip.analyze + - --clean + +parse: + - --export=html + - --output=./html + - --skip=${GITHUB_WORKSPACE}/.github/config/codechecker.skip.parse + - --trim-path-prefix=${GITHUB_WORKSPACE}/ diff --git a/.github/workflows/ci_codechecker.yml b/.github/workflows/ci_codechecker.yml new file mode 100644 index 0000000000..7e76ad6637 --- /dev/null +++ b/.github/workflows/ci_codechecker.yml @@ -0,0 +1,41 @@ +# SPDX-FileCopyrightText: 2006-2024, Knut Reinert & Freie Universität Berlin +# SPDX-FileCopyrightText: 2016-2024, Knut Reinert & MPI für molekulare Genetik +# SPDX-License-Identifier: CC0-1.0 + +name: CodeChecker + +on: + schedule: + - cron: "0 2 * * WED" + workflow_dispatch: + +concurrency: + group: codechecker-${{ github.ref }} + cancel-in-progress: true + +env: + SEQAN3_NO_VERSION_CHECK: 1 + TZ: Europe/Berlin + +defaults: + run: + shell: bash -Eexuo pipefail {0} + +jobs: + build: + name: CodeChecker + runs-on: ubuntu-latest + if: github.repository_owner == 'seqan' || github.event_name == 'workflow_dispatch' + container: + image: ghcr.io/seqan/clang-19 + volumes: + - /home/runner:/home/runner + steps: + - name: Run CodeChecker + uses: seqan/actions/codechecker@main + with: + configure_path: ../test/unit + deploy_host: ${{ secrets.DEPLOY_HOST }} + deploy_user: ${{ secrets.DEPLOY_USER }} + deploy_ssh_key: ${{ secrets.DEPLOY_SSH_KEY }} + deploy_path: ${{ secrets.DEPLOY_CODECHECKER_PATH }} From 913889a546f839a2572cdfc280443b81e31510cb Mon Sep 17 00:00:00 2001 From: Enrico Seiler Date: Tue, 26 Nov 2024 16:16:26 +0100 Subject: [PATCH 2/2] [INFRA] Only run CodeQL on main repo --- .github/workflows/ci_codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci_codeql.yml b/.github/workflows/ci_codeql.yml index 379d1c4cfa..b1dd8a6961 100644 --- a/.github/workflows/ci_codeql.yml +++ b/.github/workflows/ci_codeql.yml @@ -25,6 +25,7 @@ jobs: codeql: name: CodeQL runs-on: ubuntu-latest + if: github.repository_owner == 'seqan' || github.event_name == 'workflow_dispatch' permissions: security-events: write container: