-
Notifications
You must be signed in to change notification settings - Fork 279
213 lines (173 loc) · 6.7 KB
/
lint_pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
name: lint_pr
on: pull_request
jobs:
run-cppcheck:
runs-on: ubuntu-latest
steps:
- name: Get PR File List
shell: bash
run: |
URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/pulls/${{ github.event.pull_request.number }}/files"
curl -s -X GET -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" $URL | jq -r '.[] | .filename' > git_diff.log
cat git_diff.log
- name: Check for C/CPP Sources
shell: bash
run : |
CPP_FILE_LIST="/tmp/cppcheck_file_list.log"
# Only keep the source files to check or CPPCheck gets confused.
sed '/\(\.c$\|\.cpp$\|\.c$\|\.cc$\|\.cu$\|\.cxx$\|\.h$\|\.hh$\|\.hpp$\|\.hxx$\|\.tcc$\)/!d' git_diff.log > $CPP_FILE_LIST
if [ -s $CPP_FILE_LIST ]; then
echo "C/C++ source files kept:"
cat $CPP_FILE_LIST
fi
if [ -s $CPP_FILE_LIST ]; then
echo "contains_c_source=true" >> $GITHUB_ENV
else
echo "contains_c_source=false" >> $GITHUB_ENV
fi
- uses: actions/checkout@v3
name: Checkout Repo
if: env.contains_c_source == 'true'
- uses: actions/setup-python@v2
name: Setup Python
if: env.contains_c_source == 'true'
- name: Install CPPCheck
if: env.contains_c_source == 'true'
run: sudo apt-get install -y cppcheck
- name: Run CPPCheck on Modified Source Files
if: env.contains_c_source == 'true'
continue-on-error: true
shell: bash
run: |
# These files specify the config for cppcheck and a list of errors to suppress
CPPCHECK_CONFIG=.circleci/lint/cppcheck/cppcheck.cfg
CPPCHECK_SUPPRESSED=.circleci/lint/cppcheck/cppcheck-suppressions.txt
echo "Files to check:"
cat /tmp/cppcheck_file_list.log
options=( "-j2"
"--inconclusive"
"--enable=performance,style,portability,information"
"--library=./tools/circle-ci/lint-config/cppcheck.cfg"
"--suppressions-list=./tools/circle-ci/lint-config/cppcheck-suppressions.txt"
"--file-list=/tmp/cppcheck_file_list.log"
"--template={file}:{line}:{column}:{message}"
"--output-file=/tmp/cppcheck.log"
"--report-progress")
cppcheck "${options[@]}"
echo "Errors Found:"
cat /tmp/cppcheck.log
- uses: actions/upload-artifact@master
name: Upload CPPCheck error log
if: env.contains_c_source == 'true'
with:
name: cppcheck-output
path: /tmp/cppcheck.log
- name: Check for cppcheck output
if: env.contains_c_source == 'true'
run : |
if [ -s /tmp/cppcheck.log ]; then
exit 1
fi
run-shellcheck:
runs-on: ubuntu-latest
steps:
# Unfortunately some shell files don't have an extension.
# This means we need to checkout the entire repo just to see if we need
# to lint anything...
- uses: actions/checkout@v3
name: Checkout Repo
- name: Get PR File List
shell: bash
run: |
URL="https://api.github.com/repos/${GITHUB_REPOSITORY}/pulls/${{ github.event.pull_request.number }}/files"
curl -s -X GET -H "Authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" $URL | jq -r '.[] | .filename' > git_diff.log
cat git_diff.log
- name: Check for shell files
shell: bash
run : |
SHELL_FILE_LIST="/tmp/shellcheck_file_list.log"
# Get all the shell files.
FILE_PATHS=$(cat git_diff.log)
for FILE_PATH in $FILE_PATHS
do
file_type="$(file -b $FILE_PATH)"
echo $file_type
sub_str='shell'
if [[ "$file_type" == *"$sub_str"* ]]; then
echo "$FILE_PATH" >> $SHELL_FILE_LIST
fi
done
if [ -s $SHELL_FILE_LIST ]; then
echo "Shell files kept:"
cat $SHELL_FILE_LIST
fi
if [ -s $SHELL_FILE_LIST ]; then
echo "contains_shell_files=true" >> "$GITHUB_ENV"
else
echo "contains_shell_files=false" >> "$GITHUB_ENV"
fi
- name: Install shellcheck
if: env.contains_shell_files == 'true'
run: sudo apt-get install -y shellcheck
- name: Run shellcheck on Modified Source Files
if: env.contains_shell_files == 'true'
continue-on-error: true
shell: bash
run: |
echo "Files to check:"
cat /tmp/shellcheck_file_list.log
FILE_PATHS=$(cat /tmp/shellcheck_file_list.log)
for FILE_PATH in $FILE_PATHS
do
options=(
"--format=gcc"
"--exclude=SC1091")
# Shellcheck will throw an error if a file fails, github actions don't like that...
shellcheck "${options[@]}" $FILE_PATH >> /tmp/shellcheck.log || true
done
echo "Errors Found:"
cat /tmp/shellcheck.log
- uses: actions/upload-artifact@master
name: Upload shellcheck error log
if: env.contains_shell_files == 'true'
with:
name: shellcheck-output
path: /tmp/shellcheck.log
- name: Check for shellcheck output
if: env.contains_shell_files == 'true'
run : |
if [ -s /tmp/shellcheck.log ]; then
exit 1
fi
Aggregate-Lint-Output:
needs: [run-cppcheck, run-shellcheck]
if: |
always() &&
(needs.run-cppcheck.result == 'failure' ||
needs.run-shellcheck.result == 'failure')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
name: Checkout Repo
- uses: reviewdog/action-setup@v1
with:
reviewdog_version: latest
- name: Download all artifacts
uses: actions/download-artifact@v2
with:
path: /tmp/artifacts
- name: Display structure of downloaded files
run: ls -R
working-directory: /tmp/artifacts
- name: Run reviewdog
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
CPP_FILE=/tmp/artifacts/cppcheck-output/cppcheck.log
if test -f "$CPP_FILE"; then
cat "$CPP_FILE" | reviewdog -efm="%f:%l:%c:%m" -filter-mode=nofilter -reporter=github-pr-check
fi
SHELL_FILE=/tmp/artifacts/shellcheck-output/shellcheck.log
if test -f "$SHELL_FILE"; then
cat "$SHELL_FILE" | reviewdog -efm="%f:%l:%c:%m" -filter-mode=nofilter -reporter=github-pr-check
fi