From ca4df37f23d668f92932b50c1d03e0ea6b5a5b8b Mon Sep 17 00:00:00 2001
From: Wu Xiaotian <yetist@gmail.com>
Date: Fri, 26 Apr 2019 17:37:37 +0800
Subject: [ci] Enable Clang Static Analyzer

---
 .travis.yml | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 65 insertions(+), 4 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 20be03a..57aa9f1 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -5,9 +5,14 @@ language: bash
 services:
   - docker
 
+branches:
+  except:
+    - gh-pages
+
 before_install:
   - curl -Ls -o docker-build https://github.com/mate-desktop/mate-dev-scripts/raw/master/travis/docker-build
-  - chmod +x docker-build
+  - curl -Ls -o gen-index https://github.com/mate-desktop/mate-dev-scripts/raw/master/travis/gen-index.sh
+  - chmod +x docker-build gen-index
 
 install:
   - sudo apt-get install -y python3-pip python3-setuptools
@@ -16,9 +21,19 @@ install:
   - ./docker-build --name ${DISTRO} --config .travis.yml --install
 
 script:
-  - ./docker-build --name ${DISTRO} --verbose --config .travis.yml --build autotools
+  - ./docker-build --name ${DISTRO} --verbose --config .travis.yml --build scripts
 
 deploy:
+  - provider: pages
+    github-token: $GITHUB_TOKEN
+    #keep-history: true
+    skip_cleanup: true
+    committer-from-gh: true
+    target-branch: gh-pages
+    local-dir: html-report
+    on:
+      all_branches: true
+      condition: ${DISTRO} =~ ^fedora.*$
   - provider: script
     script: ./docker-build --verbose --config .travis.yml --release github
     skip_cleanup: true
@@ -26,6 +41,17 @@ deploy:
       tags: true
       condition: "${TRAVIS_TAG} =~ ^v.*$ && ${DISTRO} =~ ^fedora.*$"
 
+after_success:
+  - 'if [[ "$TRAVIS_SECURE_ENV_VARS" == "true" && "$TRAVIS_PULL_REQUEST" != "false" && ${DISTRO} =~ ^fedora.*$ ]]; then
+        REPO_SLUG_ARRAY=(${TRAVIS_REPO_SLUG//\// });
+        REPO_NAME=${REPO_SLUG_ARRAY[1]};
+        URL="https://${REPO_NAME}.mate-desktop.dev";
+        COMMENT="Code analysis completed";
+        curl -H "Authorization: token $GITHUB_TOKEN" -X POST
+           -d "{\"state\": \"success\", \"description\": \"$COMMENT\", \"context\":\"scan-build\", \"target_url\": \"$URL\"}"
+           https://api.github.com/repos/${TRAVIS_REPO_SLUG}/statuses/${TRAVIS_PULL_REQUEST_SHA};
+     fi'
+
 env:
   - DISTRO="archlinux/base"
   - DISTRO="debian:sid"
@@ -38,6 +64,7 @@ env:
 requires:
   archlinux:
     # Useful URL: https://git.archlinux.org/svntogit/community.git/tree/mate-sensors-applet
+    - clang
     - gcc
     - git
     - gtk3
@@ -53,6 +80,9 @@ requires:
   debian:
     # Useful URL: https://github.com/mate-desktop/debian-packages
     # Useful URL: https://salsa.debian.org/debian-mate-team/mate-sensors-applet
+    - clang
+    - clang-tools
+    - gcc
     - git
     - intltool
     - libcairo2-dev
@@ -63,13 +93,15 @@ requires:
     - libsensors4-dev
     - libtool
     - libxml-parser-perl
-    - libxnvctrl-dev 
+    - libxnvctrl-dev
     - make
     - mate-common
     - yelp-tools
 
   fedora:
     # Useful URL: https://src.fedoraproject.org/cgit/rpms/mate-sensors-applet.git
+    - clang
+    - clang-analyzer
     - gcc
     - git
     - gtk3-devel
@@ -82,6 +114,8 @@ requires:
     - redhat-rpm-config
 
   ubuntu:
+    - clang
+    - clang-tools
     - git
     - intltool
     - libcairo2-dev
@@ -92,13 +126,28 @@ requires:
     - libsensors4-dev
     - libtool
     - libxml-parser-perl
-    - libxnvctrl-dev 
+    - libxnvctrl-dev
     - make
     - mate-common
     - yelp-tools
 
 variables:
   - CFLAGS="-Wall -Werror=format-security"
+  - 'CHECKERS="
+    -enable-checker deadcode.DeadStores
+    -enable-checker alpha.core.CastSize
+    -enable-checker alpha.core.CastToStruct
+    -enable-checker alpha.core.IdenticalExpr
+    -enable-checker alpha.core.SizeofPtr
+    -enable-checker alpha.security.ArrayBoundV2
+    -enable-checker alpha.security.MallocOverflow
+    -enable-checker alpha.security.ReturnPtrRange
+    -enable-checker alpha.unix.SimpleStream
+    -enable-checker alpha.unix.cstring.BufferOverlap
+    -enable-checker alpha.unix.cstring.NotNullTerminated
+    -enable-checker alpha.unix.cstring.OutOfBounds
+    -enable-checker alpha.core.FixedAddr
+    -enable-checker security.insecureAPI.strcpy"'
 
 before_scripts:
   - if [ ${DISTRO_NAME} == "debian" ];then
@@ -106,7 +155,19 @@ before_scripts:
   -     bash ./debian.sh
   - fi
 
+build_scripts:
+  - ./autogen.sh
+  - scan-build $CHECKERS ./configure
+  - if [ $CPU_COUNT -gt 1 ]; then
+  -     scan-build $CHECKERS --keep-cc -o html-report make -j $CPU_COUNT
+  - else
+  -     scan-build $CHECKERS --keep-cc -o html-report make
+  - fi
+
 after_scripts:
+  - if [ ${DISTRO_NAME} == "fedora" ];then
+  -   ./gen-index
+  - fi
   - make distcheck
 
 releases:
-- 
cgit v1.2.1