afa5ce4afe
* CI: add static analysis for native code / cython * CI: scan-build: also run for requirements.txt
66 lines
1.5 KiB
YAML
66 lines
1.5 KiB
YAML
name: Native Code Static Analysis
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- '**.c'
|
|
- '**.cc'
|
|
- '**.cpp'
|
|
- '**.cxx'
|
|
- '**.h'
|
|
- '**.hh'
|
|
- '**.hpp'
|
|
- '**.pyx'
|
|
- 'setup.py'
|
|
- 'requirements.txt'
|
|
- '.github/workflows/scan-build.yml'
|
|
pull_request:
|
|
paths:
|
|
- '**.c'
|
|
- '**.cc'
|
|
- '**.cpp'
|
|
- '**.cxx'
|
|
- '**.h'
|
|
- '**.hh'
|
|
- '**.hpp'
|
|
- '**.pyx'
|
|
- 'setup.py'
|
|
- 'requirements.txt'
|
|
- '.github/workflows/scan-build.yml'
|
|
|
|
jobs:
|
|
scan-build:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
submodules: recursive
|
|
- name: Install newer Clang
|
|
run: |
|
|
wget https://apt.llvm.org/llvm.sh
|
|
chmod +x ./llvm.sh
|
|
sudo ./llvm.sh 17
|
|
- name: Install scan-build command
|
|
run: |
|
|
sudo apt install clang-tools-17
|
|
- name: Get a recent python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.11'
|
|
- name: Install dependencies
|
|
run: |
|
|
python -m venv venv
|
|
source venv/bin/activate
|
|
python -m pip install --upgrade pip -r requirements.txt
|
|
- name: scan-build
|
|
run: |
|
|
source venv/bin/activate
|
|
scan-build-17 --status-bugs -o scan-build-reports -disable-checker deadcode.DeadStores python setup.py build -y
|
|
- name: Store report
|
|
if: failure()
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: scan-build-reports
|
|
path: scan-build-reports
|