From efbc0161d758dde72d162cf2043d8889abdb20d0 Mon Sep 17 00:00:00 2001
From: Autumn60 <akiro.harada@tier4.jp>
Date: Thu, 6 Jun 2024 09:28:58 +0900
Subject: [PATCH] add cppcheck-all and cppcheck-differential workflows

Signed-off-by: Autumn60 <akiro.harada@tier4.jp>
---
 .github/sync-files.yaml                      |  5 ++
 .github/workflows/cppcheck-all.yaml          | 60 ++++++++++++++++++
 .github/workflows/cppcheck-differential.yaml | 65 ++++++++++++++++++++
 3 files changed, 130 insertions(+)
 create mode 100644 .github/workflows/cppcheck-all.yaml
 create mode 100644 .github/workflows/cppcheck-differential.yaml

diff --git a/.github/sync-files.yaml b/.github/sync-files.yaml
index d3e31ac..d2518c9 100644
--- a/.github/sync-files.yaml
+++ b/.github/sync-files.yaml
@@ -21,3 +21,8 @@
     - source: .github/workflows/build-and-test.yaml
     - source: .github/workflows/build-and-test-differential.yaml
     - source: .github/workflows/cancel-previous-workflows.yaml
+
+- repository: autowarefoundation/autoware.universe
+  files:
+    - source: .github/workflows/cppcheck-all.yaml
+    - source: .github/workflows/cppcheck-differential.yaml
diff --git a/.github/workflows/cppcheck-all.yaml b/.github/workflows/cppcheck-all.yaml
new file mode 100644
index 0000000..db3bd5d
--- /dev/null
+++ b/.github/workflows/cppcheck-all.yaml
@@ -0,0 +1,60 @@
+name: cppcheck-all
+
+on:
+  pull_request:
+  schedule:
+    - cron: 0 0 * * *
+  workflow_dispatch:
+
+jobs:
+  cppcheck-all:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y build-essential cmake git libpcre3-dev
+
+      # cppcheck from apt does not yet support --check-level args, and thus install from source
+      - name: Install Cppcheck from source
+        run: |
+          mkdir /tmp/cppcheck
+          git clone https://github.com/danmar/cppcheck.git /tmp/cppcheck
+          cd /tmp/cppcheck
+          git checkout 2.14.1
+          mkdir build
+          cd build
+          cmake ..
+          make -j $(nproc)
+          sudo make install
+
+      - name: Run Cppcheck on all files
+        continue-on-error: true
+        id: cppcheck
+        run: |
+          cppcheck --enable=all --inconclusive --check-level=exhaustive --error-exitcode=1 --xml . 2> cppcheck-report.xml
+        shell: bash
+
+      - name: Count errors by error ID and severity
+        run: |
+          #!/bin/bash
+          temp_file=$(mktemp)
+          grep -oP '(?<=id=")[^"]+" severity="[^"]+' cppcheck-report.xml | sed 's/" severity="/,/g' > "$temp_file"
+          echo "Error counts by error ID and severity:"
+          sort "$temp_file" | uniq -c
+          rm "$temp_file"
+        shell: bash
+
+      - name: Upload Cppcheck report
+        uses: actions/upload-artifact@v2
+        with:
+          name: cppcheck-report
+          path: cppcheck-report.xml
+
+      - name: Fail the job if Cppcheck failed
+        if: steps.cppcheck.outcome == 'failure'
+        run: exit 1
diff --git a/.github/workflows/cppcheck-differential.yaml b/.github/workflows/cppcheck-differential.yaml
new file mode 100644
index 0000000..914abd7
--- /dev/null
+++ b/.github/workflows/cppcheck-differential.yaml
@@ -0,0 +1,65 @@
+name: cppcheck-differential
+
+on:
+  pull_request:
+
+jobs:
+  cppcheck-differential:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y build-essential cmake git libpcre3-dev
+
+      # cppcheck from apt does not yet support --check-level args, and thus install from source
+      - name: Install Cppcheck from source
+        run: |
+          mkdir /tmp/cppcheck
+          git clone https://github.com/danmar/cppcheck.git /tmp/cppcheck
+          cd /tmp/cppcheck
+          git checkout 2.14.1
+          mkdir build
+          cd build
+          cmake ..
+          make -j $(nproc)
+          sudo make install
+
+      - name: Get changed files
+        id: changed-files
+        run: |
+          git fetch origin ${{ github.base_ref }} --depth=1
+          git diff --name-only FETCH_HEAD ${{ github.sha }} > changed_files.txt
+          cat changed_files.txt
+
+      - name: Run Cppcheck on changed files
+        continue-on-error: true
+        id: cppcheck
+        run: |
+          files=$(cat changed_files.txt | grep -E '\.(cpp|hpp)$' || true)
+          if [ -n "$files" ]; then
+            echo "Running Cppcheck on changed files: $files"
+            cppcheck --enable=all --inconclusive --check-level=exhaustive --error-exitcode=1 --suppressions-list=.cppcheck_suppressions $files 2> cppcheck-report.txt
+          else
+            echo "No C++ files changed."
+            touch cppcheck-report.txt
+          fi
+        shell: bash
+
+      - name: Show cppcheck-report result
+        run: |
+          cat cppcheck-report.txt
+
+      - name: Upload Cppcheck report
+        uses: actions/upload-artifact@v2
+        with:
+          name: cppcheck-report
+          path: cppcheck-report.txt
+
+      - name: Fail the job if Cppcheck failed
+        if: steps.cppcheck.outcome == 'failure'
+        run: exit 1