diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml index 7203fc5..e87915e 100644 --- a/.github/workflows/static.yml +++ b/.github/workflows/static.yml @@ -35,26 +35,53 @@ jobs: uses: actions/configure-pages@v5 - name: Install packages - run: sudo apt-get update && sudo apt-get upgrade && sudo DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get -y install doxygen graphviz lcov cmake + run: sudo apt-get update && sudo apt-get upgrade && sudo DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get -y install doxygen graphviz lcov cmake pipx clang clang-tidy + - name: Install CodeChecker + run: sudo pipx install CodeChecker --force + - name: Create documentation run: ./Docs/Gendoc.sh - - name: Run tests - run: ./Scripts/RunTests.sh + # - name: Run tests + # run: ./Scripts/RunTests.sh - - name: Test coverage - run: ./Scripts/TestCoverage.sh + # - name: Test coverage + # run: ./Scripts/TestCoverage.sh - - name: Move coverage artifact - run: mv ./Coverage ./Docs/Generated/html + # - name: Move coverage artifact + # run: mv ./Coverage ./Docs/Generated/html + + - name: Run sast + run: | + # Navigate to root dir + # Navigate to sast dir + mkdir -p Sast + cd Sast + + cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=1 ../Source/ + + CodeChecker analyze ./compile_commands.json --analyzers clangsa --enable=sensitive --output clangsa + CodeChecker parse --export html --output ./html_clangsa ./clangsa + + CodeChecker analyze ./compile_commands.json --analyzers cppcheck --enable=sensitive --output cppcheck + CodeChecker parse --export html --output ./html_cppcheck ./cppcheck + + CodeChecker analyze ./compile_commands.json --analyzers clang-tidy --enable=sensitive --output clang-tidy + CodeChecker parse --export html --output ./html_clang_tidy ./clang-tidy + + - name: Move sast artifacts + run: | + mv ./Sast/html_clang_tidy ./Docs/Generated/html + mv ./Sast/html_clang_tidy ./Docs/Generated/html + mv ./Sast/html_clang_tidy ./Docs/Generated/html - name: Upload artifact uses: actions/upload-pages-artifact@v3 with: # Upload documentation path: './Docs/Generated/html/' - + - name: Deploy to GitHub Pages id: deployment uses: actions/deploy-pages@v4 diff --git a/.gitignore b/.gitignore index f75b785..e4cc82f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ Docs/Generated Docs/Examples Build Release -Coverage \ No newline at end of file +Coverage +Sast \ No newline at end of file diff --git a/Scripts/Clean.sh b/Scripts/Clean.sh index c7b30d9..021e77e 100755 --- a/Scripts/Clean.sh +++ b/Scripts/Clean.sh @@ -4,6 +4,7 @@ cd .. rm -rf Build rm -rf Coverage +rm -rf Sast rm -rf Release rm -rf Docs/Examples rm -rf Docs/Generated \ No newline at end of file diff --git a/Scripts/RunSast.sh b/Scripts/RunSast.sh new file mode 100755 index 0000000..e0bb6c3 --- /dev/null +++ b/Scripts/RunSast.sh @@ -0,0 +1,18 @@ +# Navigate to root dir +cd $(dirname "$0") +cd .. + +# Navigate to sast dir +mkdir -p Sast +cd Sast + +cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=1 ../Source/ + +CodeChecker analyze ./compile_commands.json --analyzers clangsa --enable=sensitive --output clangsa +CodeChecker parse --export html --output ./html_clangsa ./clangsa + +CodeChecker analyze ./compile_commands.json --analyzers cppcheck --enable=sensitive --output cppcheck +CodeChecker parse --export html --output ./html_cppcheck ./cppcheck + +CodeChecker analyze ./compile_commands.json --analyzers clang-tidy --enable=sensitive --output clang-tidy +CodeChecker parse --export html --output ./html_clang_tidy ./clang-tidy \ No newline at end of file