action.yml

name: 'CodeChecker Static Analysis'
author: 'Whisperity'
description: 'Execute C/C++ static analysis of LLVM/Clang (Clang Static Analyzer and Clang-Tidy) driven via CodeChecker.'
branding:
  icon: 'tool'
  color: 'blue'

inputs:
  install-custom:
    description: 'Whether to download, check out, and build a CodeChecker package manually in the CI.'
    required: true
    default: 'false'
  repository:
    description: 'The CodeChecker repository to check out and build from.'
    required: true
    default: 'Ericsson/CodeChecker'
  version:
    description: 'The version of the CodeChecker suite to obtain and execute. Might be a Git commit SHA, a branch name, or a tag if building a custom package, or a release version if downloading from PyPI. If "master" and downloading from PyPI, fetch the latest release.'
    required: true
    default: 'master'
  llvm-version:
    description: 'The major version of LLVM to install and use. LLVM is installed from PPA. If "latest", automatically gather the latest version. If "ignore", do not install anything. (Not recommended)'
    required: true
    default: 'latest'

  config:
    description: 'The CodeChecker configuration JSON that contains for each CodeChecker action (analyze, parse, ...) the list of flags that should be appended to the invocation of the command.'
    required: false

  logfile:
    description: 'The location of the JSON Compilation Database for the project. This file describes how the project is compiled, and thus how it should be analysed. Mutually exclusive with "build-command".'
    required: false
  build-command:
    description: 'The build command to execute and log for the creation of a JSON Compilation Database. Mutually exclusive with "logfile".'
    required: false

  analyze-output:
    description: 'The output directory where the raw analysis output should be stored. If left the default empty, the path will be generated automatically.'
    required: false
    default: ''
  ctu:
    description: 'Whether to enable Cross Translation Unit (CTU) analysis in the Clang Static Analyzer.'
    required: true
    default: 'false'

  fail-build-if-reports:
    description: 'Whether to fail the build if static analysis warnings are emitted.'
    required: true
    default: 'false'

  store:
    description: 'Whether to enable storing the results to a CodeChecker server. If enabled, other flags, such as "store-url" must also be set.'
    required: true
    default: 'false'
  store-url:
    description: 'The CodeChecker product URL (usually in the format of http://example.com/ProductName) where the store should connect to. Mandatory if "store" is true.'
    required: false
  store-username:
    description: 'If the server requires authentication, the username to authenticate with.'
    required: false
  store-password:
    description: 'The password (or generated private access token) corresponding to the user.'
    required: false
  store-run-name:
    description: 'An identifying name of the analysis run. A run usually correlates to a set of configuration, e.g. analysis mode, branch, etc. If left default, the name is automatically generated from the current repository and branch name.'
    required: true
    default: '__DEFAULT__'

outputs:
  logfile:
    description: 'The location of the JSON Compilation Database that was used for the analysis.'
    value: ${{ steps.log.outputs.COMPILATION_DATABASE }}

  analyze-output:
    description: 'The output directory where the raw analysis output was stored to.'
    value: ${{ steps.analyze.outputs.OUTPUT_DIR }}

  warnings:
    description: 'Whether the static analyser(s) reported any findings.'
    value: ${{ steps.parse.outputs.HAS_FINDINGS }}
  result-log:
    description: 'The file where the output of CodeChecker parse is written to verbatim.'
    value: ${{ steps.parse.outputs.OUTPUT_LOG }}
  result-html-dir:
    description: 'The output directory where the user-friendly HTML reports were stored to.'
    value: ${{ steps.parse.outputs.HTML_DIR }}

  store-run-name:
    description: 'The name of the analysis run that the results were uploaded to.'
    value: ${{ steps.store-pre.outputs.RUN_NAME }}

runs:
  using: "composite"
  steps:
    - name: "Check out repository ${{ inputs.repository }}"
      uses: actions/checkout@v2
      if: ${{ inputs.install-custom == 'true' }}
      with:
        path: CodeChecker
        repository: ${{ inputs.repository }}
        ref: ${{ inputs.version }}

    - name: "Install LLVM (${{ inputs.llvm-version }})"
      id: llvm
      if: ${{ inputs.llvm-version != 'ignore' }}
      env:
        IN_LLVM_VERSION: ${{ inputs.llvm-version }}
      shell: bash
      run: ${{ github.action_path }}/src/get-llvm.sh

    - name: "Build and Package CodeChecker"
      id: codechecker
      env:
        CODECHECKER_WILL_USE_WEB_API: ${{ inputs.store == 'true' }}

        IN_INSTALL_CUSTOM: ${{ inputs.install-custom }}
        IN_VERSION: ${{ inputs.version }}
      shell: bash
      run: |
        set -x
        if [[ "$IN_INSTALL_CUSTOM" == "true" ]]; then
          ${{ github.action_path }}/src/build-codechecker.sh
        else
          ${{ github.action_path }}/src/pip-codechecker.sh
        fi

    - name: "Prepare JSON Compilation Database"
      id: log
      env:
        ACTION_NAME: ${{ github.action }}
        CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}

        IN_LOGFILE: ${{ inputs.logfile }}
        IN_COMMAND: ${{ inputs.build-command }}

        OUT_FILE: ${{ github.workspace }}/${{ github.action }}_codechecker_compilation_database.json
      shell: bash
      run: ${{ github.action_path }}/src/get-or-create-build-json.sh

    - name: "Execute static analysis"
      id: analyze
      env:
        ACTION_NAME: ${{ github.action }}
        CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}
        COMPILATION_DATABASE: ${{ steps.log.outputs.COMPILATION_DATABASE }}

        IN_CONFIGFILE: ${{ inputs.config }}
        IN_CTU: ${{ inputs.ctu }}
        IN_FLAGS: ${{ inputs.analyze-options }}
        IN_OUTPUT_DIR: ${{ inputs.analyze-output }}
      shell: bash
      run: ${{ github.action_path }}/src/execute-analysis.sh

    - name: "Parse and convert results"
      id: parse
      env:
        PROJECT_PATH: ${{ github.workspace }}
        CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}
        RAW_RESULT_DIR: ${{ steps.analyze.outputs.OUTPUT_DIR }}

        IN_CONFIGFILE: ${{ inputs.config }}
        IN_FAIL_IF_REPORTS: ${{ inputs.fail-build-if-reports }}
        IN_OUTPUT_DIR: ${{ inputs.analyze-output }}
      shell: bash
      run: ${{ github.action_path }}/src/parse-results.sh

    - name: "Fail the build if requested and warnings detected"
      if: ${{ steps.parse.outputs.HAS_FINDINGS == 'true' && inputs.fail-build-if-reports == 'true' }}
      shell: bash
      run: |
        echo "Static analysis reported warnings, and user requested build breaking."
        exit 1

    - name: "Generate the configuration for uploading results"
      id: store-pre
      if: ${{ inputs.store == 'true' }}
      env:
        IN_STORE_URL: ${{ inputs.store-url }}
        IN_STORE_USERNAME: ${{ inputs.store-username }}
        IN_STORE_PASSWORD: ${{ inputs.store-password }}
        IN_STORE_RUN_NAME: ${{ inputs.store-run-name }}

        GITHUB_REPOSITORY: ${{ github.repository }}
        GITHUB_REF_NAME: ${{ github.ref_name }}
        GITHUB_REF_TYPE: ${{ github.ref_type }}
        GITHUB_SHA: ${{ github.sha }}
      shell: bash
      run: ${{ github.action_path }}/src/store-pre.sh

    - name: "Store analysis results to server"
      id: store
      if: ${{ steps.store-pre.outputs.STORE_CONFIGURED == 'true' }}
      env:
        PROJECT_PATH: ${{ github.workspace }}
        CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}
        CODECHECKER_STORE_RUN_NAME: ${{ steps.store-pre.outputs.RUN_NAME }}
        CODECHECKER_STORE_RUN_TAG: ${{ steps.store-pre.outputs.RUN_TAG }}
        RAW_RESULT_DIR: ${{ steps.analyze.outputs.OUTPUT_DIR }}

        IN_CONFIGFILE: ${{ inputs.config }}
        IN_STORE_URL: ${{ inputs.store-url }}
      shell: bash
      run: ${{ github.action_path }}/src/store.sh
Initial commit: My first action! 2021-11-27 11:18:56 +01:00			`name: 'CodeChecker Static Analysis'`
			`author: 'Whisperity'`
			`description: 'Execute C/C++ static analysis of LLVM/Clang (Clang Static Analyzer and Clang-Tidy) driven via CodeChecker.'`
Wire in downloading and installing LLVM from PPA 2021-11-27 12:34:26 +01:00			`branding:`
			`icon: 'tool'`
			`color: 'blue'`

Initial commit: My first action! 2021-11-27 11:18:56 +01:00			`inputs:`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`install-custom:`
			`description: 'Whether to download, check out, and build a CodeChecker package manually in the CI.'`
			`required: true`
			`default: 'false'`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`repository:`
			`description: 'The CodeChecker repository to check out and build from.'`
			`required: true`
			`default: 'Ericsson/CodeChecker'`
Initial commit: My first action! 2021-11-27 11:18:56 +01:00			`version:`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`description: 'The version of the CodeChecker suite to obtain and execute. Might be a Git commit SHA, a branch name, or a tag if building a custom package, or a release version if downloading from PyPI. If "master" and downloading from PyPI, fetch the latest release.'`
Initial commit: My first action! 2021-11-27 11:18:56 +01:00			`required: true`
			`default: 'master'`
Wire in downloading and installing LLVM from PPA 2021-11-27 12:34:26 +01:00			`llvm-version:`
			`description: 'The major version of LLVM to install and use. LLVM is installed from PPA. If "latest", automatically gather the latest version. If "ignore", do not install anything. (Not recommended)'`
			`required: true`
			`default: 'latest'`

Add script for handling `CodeChecker log` 2021-11-28 10:34:05 +01:00			`config:`
			`description: 'The CodeChecker configuration JSON that contains for each CodeChecker action (analyze, parse, ...) the list of flags that should be appended to the invocation of the command.'`
			`required: false`

			`logfile:`
			`description: 'The location of the JSON Compilation Database for the project. This file describes how the project is compiled, and thus how it should be analysed. Mutually exclusive with "build-command".'`
			`required: false`
			`build-command:`
			`description: 'The build command to execute and log for the creation of a JSON Compilation Database. Mutually exclusive with "logfile".'`
			`required: false`

Wire in the `analyze` command 2021-11-28 14:31:07 +01:00			`analyze-output:`
			`description: 'The output directory where the raw analysis output should be stored. If left the default empty, the path will be generated automatically.'`
			`required: false`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`default: ''`
Wire in the `analyze` command 2021-11-28 14:31:07 +01:00			`ctu:`
			`description: 'Whether to enable Cross Translation Unit (CTU) analysis in the Clang Static Analyzer.'`
			`required: true`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`default: 'false'`
Wire in the `analyze` command 2021-11-28 14:31:07 +01:00
Add the `parse` step that converts and shows analysis results 2021-11-28 15:50:11 +01:00			`fail-build-if-reports:`
			`description: 'Whether to fail the build if static analysis warnings are emitted.'`
			`required: true`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`default: 'false'`
Add the `parse` step that converts and shows analysis results 2021-11-28 15:50:11 +01:00
feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00			`store:`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`description: 'Whether to enable storing the results to a CodeChecker server. If enabled, other flags, such as "store-url" must also be set.'`
feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00			`required: true`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`default: 'false'`
feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00			`store-url:`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`description: 'The CodeChecker product URL (usually in the format of http://example.com/ProductName) where the store should connect to. Mandatory if "store" is true.'`
feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00			`required: false`
			`store-username:`
			`description: 'If the server requires authentication, the username to authenticate with.'`
			`required: false`
			`store-password:`
			`description: 'The password (or generated private access token) corresponding to the user.'`
			`required: false`
			`store-run-name:`
			`description: 'An identifying name of the analysis run. A run usually correlates to a set of configuration, e.g. analysis mode, branch, etc. If left default, the name is automatically generated from the current repository and branch name.'`
			`required: true`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`default: '__DEFAULT__'`
feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00
Wire in the `analyze` command 2021-11-28 14:31:07 +01:00			`outputs:`
			`logfile:`
			`description: 'The location of the JSON Compilation Database that was used for the analysis.'`
			`value: ${{ steps.log.outputs.COMPILATION_DATABASE }}`

			`analyze-output:`
			`description: 'The output directory where the raw analysis output was stored to.'`
			`value: ${{ steps.analyze.outputs.OUTPUT_DIR }}`

Add the `parse` step that converts and shows analysis results 2021-11-28 15:50:11 +01:00			`warnings:`
			`description: 'Whether the static analyser(s) reported any findings.'`
			`value: ${{ steps.parse.outputs.HAS_FINDINGS }}`
nit: Make the CTU test have a valid finding with defualt configuration 2021-11-28 15:59:18 +01:00			`result-log:`
			`description: 'The file where the output of CodeChecker parse is written to verbatim.'`
			`value: ${{ steps.parse.outputs.OUTPUT_LOG }}`
Add the `parse` step that converts and shows analysis results 2021-11-28 15:50:11 +01:00			`result-html-dir:`
			`description: 'The output directory where the user-friendly HTML reports were stored to.'`
			`value: ${{ steps.parse.outputs.HTML_DIR }}`

feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00			`store-run-name:`
			`description: 'The name of the analysis run that the results were uploaded to.'`
			`value: ${{ steps.store-pre.outputs.RUN_NAME }}`

Initial commit: My first action! 2021-11-27 11:18:56 +01:00			`runs:`
			`using: "composite"`
			`steps:`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`- name: "Check out repository ${{ inputs.repository }}"`
			`uses: actions/checkout@v2`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`if: ${{ inputs.install-custom == 'true' }}`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`with:`
			`path: CodeChecker`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`repository: ${{ inputs.repository }}`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`ref: ${{ inputs.version }}`

feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`- name: "Install LLVM (${{ inputs.llvm-version }})"`
Wire in downloading and installing LLVM from PPA 2021-11-27 12:34:26 +01:00			`id: llvm`
			`if: ${{ inputs.llvm-version != 'ignore' }}`
			`env:`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`IN_LLVM_VERSION: ${{ inputs.llvm-version }}`
Wire in downloading and installing LLVM from PPA 2021-11-27 12:34:26 +01:00			`shell: bash`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`run: ${{ github.action_path }}/src/get-llvm.sh`
Wire in downloading and installing LLVM from PPA 2021-11-27 12:34:26 +01:00
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`- name: "Build and Package CodeChecker"`
Wire in downloading and installing LLVM from PPA 2021-11-27 12:34:26 +01:00			`id: codechecker`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`env:`
feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00			`CODECHECKER_WILL_USE_WEB_API: ${{ inputs.store == 'true' }}`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00
			`IN_INSTALL_CUSTOM: ${{ inputs.install-custom }}`
			`IN_VERSION: ${{ inputs.version }}`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`shell: bash`
Initial commit: My first action! 2021-11-27 11:18:56 +01:00			`run: \|`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`set -x`
			`if [[ "$IN_INSTALL_CUSTOM" == "true" ]]; then`
			`${{ github.action_path }}/src/build-codechecker.sh`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`else`
feat: Grab CodeChecker release from PyPI by default 2021-11-29 17:42:43 +01:00			`${{ github.action_path }}/src/pip-codechecker.sh`
Add framework code for downloading and packaging CodeChecker 2021-11-27 11:23:14 +01:00			`fi`

Add script for handling `CodeChecker log` 2021-11-28 10:34:05 +01:00			`- name: "Prepare JSON Compilation Database"`
Wire in the `analyze` command 2021-11-28 14:31:07 +01:00			`id: log`
Add script for handling `CodeChecker log` 2021-11-28 10:34:05 +01:00			`env:`
Wire in the `analyze` command 2021-11-28 14:31:07 +01:00			`ACTION_NAME: ${{ github.action }}`
Add script for handling `CodeChecker log` 2021-11-28 10:34:05 +01:00			`CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}`

			`IN_LOGFILE: ${{ inputs.logfile }}`
			`IN_COMMAND: ${{ inputs.build-command }}`

Wire in the `analyze` command 2021-11-28 14:31:07 +01:00			`OUT_FILE: ${{ github.workspace }}/${{ github.action }}_codechecker_compilation_database.json`
Add script for handling `CodeChecker log` 2021-11-28 10:34:05 +01:00			`shell: bash`
			`run: ${{ github.action_path }}/src/get-or-create-build-json.sh`
Wire in the `analyze` command 2021-11-28 14:31:07 +01:00
			`- name: "Execute static analysis"`
			`id: analyze`
			`env:`
			`ACTION_NAME: ${{ github.action }}`
			`CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}`
			`COMPILATION_DATABASE: ${{ steps.log.outputs.COMPILATION_DATABASE }}`

			`IN_CONFIGFILE: ${{ inputs.config }}`
			`IN_CTU: ${{ inputs.ctu }}`
			`IN_FLAGS: ${{ inputs.analyze-options }}`
			`IN_OUTPUT_DIR: ${{ inputs.analyze-output }}`
			`shell: bash`
			`run: ${{ github.action_path }}/src/execute-analysis.sh`
Add the `parse` step that converts and shows analysis results 2021-11-28 15:50:11 +01:00
			`- name: "Parse and convert results"`
			`id: parse`
			`env:`
			`PROJECT_PATH: ${{ github.workspace }}`
			`CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}`
			`RAW_RESULT_DIR: ${{ steps.analyze.outputs.OUTPUT_DIR }}`

			`IN_CONFIGFILE: ${{ inputs.config }}`
			`IN_FAIL_IF_REPORTS: ${{ inputs.fail-build-if-reports }}`
			`IN_OUTPUT_DIR: ${{ inputs.analyze-output }}`
			`shell: bash`
			`run: ${{ github.action_path }}/src/parse-results.sh`

			`- name: "Fail the build if requested and warnings detected"`
			`if: ${{ steps.parse.outputs.HAS_FINDINGS == 'true' && inputs.fail-build-if-reports == 'true' }}`
			`shell: bash`
			`run: \|`
			`echo "Static analysis reported warnings, and user requested build breaking."`
			`exit 1`
feat: Expose and wire in the `store` command 2021-11-29 16:22:28 +01:00
			`- name: "Generate the configuration for uploading results"`
			`id: store-pre`
			`if: ${{ inputs.store == 'true' }}`
			`env:`
			`IN_STORE_URL: ${{ inputs.store-url }}`
			`IN_STORE_USERNAME: ${{ inputs.store-username }}`
			`IN_STORE_PASSWORD: ${{ inputs.store-password }}`
			`IN_STORE_RUN_NAME: ${{ inputs.store-run-name }}`

			`GITHUB_REPOSITORY: ${{ github.repository }}`
			`GITHUB_REF_NAME: ${{ github.ref_name }}`
			`GITHUB_REF_TYPE: ${{ github.ref_type }}`
			`GITHUB_SHA: ${{ github.sha }}`
			`shell: bash`
			`run: ${{ github.action_path }}/src/store-pre.sh`

			`- name: "Store analysis results to server"`
			`id: store`
			`if: ${{ steps.store-pre.outputs.STORE_CONFIGURED == 'true' }}`
			`env:`
			`PROJECT_PATH: ${{ github.workspace }}`
			`CODECHECKER_PATH: ${{ steps.codechecker.outputs.PATH }}`
			`CODECHECKER_STORE_RUN_NAME: ${{ steps.store-pre.outputs.RUN_NAME }}`
			`CODECHECKER_STORE_RUN_TAG: ${{ steps.store-pre.outputs.RUN_TAG }}`
			`RAW_RESULT_DIR: ${{ steps.analyze.outputs.OUTPUT_DIR }}`

			`IN_CONFIGFILE: ${{ inputs.config }}`
			`IN_STORE_URL: ${{ inputs.store-url }}`
			`shell: bash`
			`run: ${{ github.action_path }}/src/store.sh`