From ca4df37f23d668f92932b50c1d03e0ea6b5a5b8b Mon Sep 17 00:00:00 2001 From: Wu Xiaotian Date: Fri, 26 Apr 2019 17:37:37 +0800 Subject: [ci] Enable Clang Static Analyzer --- .travis.yml | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 65 insertions(+), 4 deletions(-) diff --git a/.travis.yml b/.travis.yml index 20be03a..57aa9f1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,9 +5,14 @@ language: bash services: - docker +branches: + except: + - gh-pages + before_install: - curl -Ls -o docker-build https://github.com/mate-desktop/mate-dev-scripts/raw/master/travis/docker-build - - chmod +x docker-build + - curl -Ls -o gen-index https://github.com/mate-desktop/mate-dev-scripts/raw/master/travis/gen-index.sh + - chmod +x docker-build gen-index install: - sudo apt-get install -y python3-pip python3-setuptools @@ -16,9 +21,19 @@ install: - ./docker-build --name ${DISTRO} --config .travis.yml --install script: - - ./docker-build --name ${DISTRO} --verbose --config .travis.yml --build autotools + - ./docker-build --name ${DISTRO} --verbose --config .travis.yml --build scripts deploy: + - provider: pages + github-token: $GITHUB_TOKEN + #keep-history: true + skip_cleanup: true + committer-from-gh: true + target-branch: gh-pages + local-dir: html-report + on: + all_branches: true + condition: ${DISTRO} =~ ^fedora.*$ - provider: script script: ./docker-build --verbose --config .travis.yml --release github skip_cleanup: true @@ -26,6 +41,17 @@ deploy: tags: true condition: "${TRAVIS_TAG} =~ ^v.*$ && ${DISTRO} =~ ^fedora.*$" +after_success: + - 'if [[ "$TRAVIS_SECURE_ENV_VARS" == "true" && "$TRAVIS_PULL_REQUEST" != "false" && ${DISTRO} =~ ^fedora.*$ ]]; then + REPO_SLUG_ARRAY=(${TRAVIS_REPO_SLUG//\// }); + REPO_NAME=${REPO_SLUG_ARRAY[1]}; + URL="https://${REPO_NAME}.mate-desktop.dev"; + COMMENT="Code analysis completed"; + curl -H "Authorization: token $GITHUB_TOKEN" -X POST + -d "{\"state\": \"success\", \"description\": \"$COMMENT\", \"context\":\"scan-build\", \"target_url\": \"$URL\"}" + https://api.github.com/repos/${TRAVIS_REPO_SLUG}/statuses/${TRAVIS_PULL_REQUEST_SHA}; + fi' + env: - DISTRO="archlinux/base" - DISTRO="debian:sid" @@ -38,6 +64,7 @@ env: requires: archlinux: # Useful URL: https://git.archlinux.org/svntogit/community.git/tree/mate-sensors-applet + - clang - gcc - git - gtk3 @@ -53,6 +80,9 @@ requires: debian: # Useful URL: https://github.com/mate-desktop/debian-packages # Useful URL: https://salsa.debian.org/debian-mate-team/mate-sensors-applet + - clang + - clang-tools + - gcc - git - intltool - libcairo2-dev @@ -63,13 +93,15 @@ requires: - libsensors4-dev - libtool - libxml-parser-perl - - libxnvctrl-dev + - libxnvctrl-dev - make - mate-common - yelp-tools fedora: # Useful URL: https://src.fedoraproject.org/cgit/rpms/mate-sensors-applet.git + - clang + - clang-analyzer - gcc - git - gtk3-devel @@ -82,6 +114,8 @@ requires: - redhat-rpm-config ubuntu: + - clang + - clang-tools - git - intltool - libcairo2-dev @@ -92,13 +126,28 @@ requires: - libsensors4-dev - libtool - libxml-parser-perl - - libxnvctrl-dev + - libxnvctrl-dev - make - mate-common - yelp-tools variables: - CFLAGS="-Wall -Werror=format-security" + - 'CHECKERS=" + -enable-checker deadcode.DeadStores + -enable-checker alpha.core.CastSize + -enable-checker alpha.core.CastToStruct + -enable-checker alpha.core.IdenticalExpr + -enable-checker alpha.core.SizeofPtr + -enable-checker alpha.security.ArrayBoundV2 + -enable-checker alpha.security.MallocOverflow + -enable-checker alpha.security.ReturnPtrRange + -enable-checker alpha.unix.SimpleStream + -enable-checker alpha.unix.cstring.BufferOverlap + -enable-checker alpha.unix.cstring.NotNullTerminated + -enable-checker alpha.unix.cstring.OutOfBounds + -enable-checker alpha.core.FixedAddr + -enable-checker security.insecureAPI.strcpy"' before_scripts: - if [ ${DISTRO_NAME} == "debian" ];then @@ -106,7 +155,19 @@ before_scripts: - bash ./debian.sh - fi +build_scripts: + - ./autogen.sh + - scan-build $CHECKERS ./configure + - if [ $CPU_COUNT -gt 1 ]; then + - scan-build $CHECKERS --keep-cc -o html-report make -j $CPU_COUNT + - else + - scan-build $CHECKERS --keep-cc -o html-report make + - fi + after_scripts: + - if [ ${DISTRO_NAME} == "fedora" ];then + - ./gen-index + - fi - make distcheck releases: -- cgit v1.2.1