# pre_check stage clang_tidy_check: extends: - .pre_check_base_template - .rules:patterns:clang_tidy image: ${CLANG_STATIC_ANALYSIS_IMAGE} artifacts: paths: - $OUTPUT_DIR when: always expire_in: 1 day variables: CLANG_TIDY_RUNNER_PROJ: 2107 # idf/clang-tidy-runner CLANG_TIDY_DIRS_TXT: ${CI_PROJECT_DIR}/tools/ci/clang_tidy_dirs.txt RULES_FILE: ${CI_PROJECT_DIR}/tools/ci/static-analysis-rules.yml OUTPUT_DIR: ${CI_PROJECT_DIR}/clang_tidy_reports script: - python -m pip install -U pip - internal_pip_install $CLANG_TIDY_RUNNER_PROJ pyclang - export PATH=$PATH:$(python -c "import sys; print(sys.executable.rsplit('/', 1)[0])") - dirs=$(cat ${CLANG_TIDY_DIRS_TXT} | while read line; do echo ${CI_PROJECT_DIR}/${line}; done | xargs) - run_cmd idf_clang ${dirs} --output-path ${OUTPUT_DIR} --limit-file ${RULES_FILE} --xtensa-include-dir --run-clang-tidy-py ${RUN_CLANG_TIDY_PY} check_pylint: extends: - .pre_check_base_template - .rules:patterns:python-files - .before_script_minimal image: $CI_DOCKER_REGISTRY/sonarqube-scanner:2 artifacts: when: always paths: - pylint-report.txt expire_in: 1 week script: - export PYTHONPATH="$IDF_PATH/tools:$IDF_PATH/tools/ci/python_packages:$PYTHONPATH" - | if [ -n "$CI_MERGE_REQUEST_IID" ]; then export files=$(python ${CI_PROJECT_DIR}/tools/ci/ci_get_mr_info.py files ${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} | grep ".py"); else export files=$(find . -iname "*.py" -print); fi - pylint --rcfile=.pylintrc $files -r n --output-format=parseable > pylint-report.txt || exit 0 # build stage # Sonarqube related jobs put here for this reason: # Here we have two jobs. code_quality_check and code_quality_report. # # code_quality_check will analyze the code changes between your MR and # code repo stored in sonarqube server. The analysis result is only shown in # the comments under this MR and won't be transferred to the server. # # code_quality_report will analyze and transfer both of the newly added code # and the analysis result to the server. # # Put in the front to ensure that the newly merged code can be stored in # sonarqube server ASAP, in order to avoid reporting unrelated code issues .sonar_scan_template: stage: build image: name: $CI_DOCKER_REGISTRY/sonarqube-scanner:2 before_script: - source tools/ci/utils.sh - export PYTHONPATH="$CI_PROJECT_DIR/tools:$CI_PROJECT_DIR/tools/ci/python_packages:$PYTHONPATH" - fetch_submodules variables: GIT_DEPTH: 0 REPORT_PATTERN: clang_tidy_reports/*.txt artifacts: when: always paths: - $REPORT_PATTERN tags: - host_test dependencies: # Here is not a hard dependency relationship, could be skipped when only python files changed. so we do not use "needs" here. - clang_tidy_check - check_pylint code_quality_check: extends: - .sonar_scan_template - .rules:patterns:static-code-analysis-preview allow_failure: true # since now it's using exit code to indicate the code analysis result, # we don't want to block ci when critical issues founded script: - export CI_MERGE_REQUEST_COMMITS=$(python ${CI_PROJECT_DIR}/tools/ci/ci_get_mr_info.py commits ${CI_COMMIT_REF_NAME} | tr '\n' ',') # test if this branch have merge request, if not, exit 0 - test -n "$CI_MERGE_REQUEST_IID" || exit 0 - test -n "$CI_MERGE_REQUEST_COMMITS" || exit 0 - sonar-scanner -Dsonar.analysis.mode=preview -Dsonar.branch.name=$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME -Dsonar.cxx.clangtidy.reportPath=$REPORT_PATTERN -Dsonar.gitlab.ci_merge_request_iid=$CI_MERGE_REQUEST_IID -Dsonar.gitlab.commit_sha=$CI_MERGE_REQUEST_COMMITS -Dsonar.gitlab.ref_name=$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.python.pylint.reportPath=pylint-report.txt code_quality_report: extends: - .sonar_scan_template - .rules:protected allow_failure: true # since now it's using exit code to indicate the code analysis result, # we don't want to block ci when critical issues founded script: - sonar-scanner -Dsonar.branch.name=$CI_COMMIT_REF_NAME -Dsonar.cxx.clangtidy.reportPath=$REPORT_PATTERN -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN -Dsonar.python.pylint.reportPath=pylint-report.txt