kopia lustrzana https://github.com/espressif/esp-idf
122 wiersze
4.5 KiB
YAML
122 wiersze
4.5 KiB
YAML
# pre_check stage
|
|
clang_tidy_check:
|
|
extends:
|
|
- .pre_check_template
|
|
- .rules:patterns:clang_tidy
|
|
artifacts:
|
|
paths:
|
|
- clang_tidy_reports/
|
|
expire_in: 1 week
|
|
when: always
|
|
variables:
|
|
IDF_TOOLCHAIN: clang
|
|
script:
|
|
- run_cmd idf_clang_tidy $(cat tools/ci/clang_tidy_dirs.txt | xargs)
|
|
--output-path clang_tidy_reports
|
|
--limit-file tools/ci/static-analysis-rules.yml
|
|
--xtensa-include-dir
|
|
|
|
check_pylint:
|
|
extends:
|
|
- .pre_check_template
|
|
- .rules:patterns:python-files
|
|
needs:
|
|
- pipeline_variables
|
|
artifacts:
|
|
reports:
|
|
codequality: pylint.json
|
|
paths:
|
|
- pylint.json
|
|
expire_in: 1 week
|
|
when: always
|
|
script:
|
|
- |
|
|
if [ -n "$CI_MERGE_REQUEST_IID" ]; then
|
|
export files=$(echo "$GIT_DIFF_OUTPUT" | grep ".py$" | xargs);
|
|
else
|
|
export files=$(git ls-files "*.py" | xargs);
|
|
fi
|
|
- if [ -z "$files" ]; then echo "No python files found"; exit 0; fi
|
|
- run_cmd pylint --exit-zero --load-plugins=pylint_gitlab --output-format=gitlab-codeclimate:pylint.json $files
|
|
|
|
# build stage
|
|
# Sonarqube related jobs put here for this reason:
|
|
# Here we have two jobs. code_quality_check and code_quality_report.
|
|
#
|
|
# code_quality_check will analyze the code changes between your MR and
|
|
# code repo stored in sonarqube server. The analysis result is only shown in
|
|
# the comments under this MR and won't be transferred to the server.
|
|
#
|
|
# code_quality_report will analyze and transfer both of the newly added code
|
|
# and the analysis result to the server.
|
|
#
|
|
# Put in the front to ensure that the newly merged code can be stored in
|
|
# sonarqube server ASAP, in order to avoid reporting unrelated code issues
|
|
.sonar_scan_template:
|
|
stage: build
|
|
extends: .pre_check_template
|
|
# full clone since this image does not support fetch --shallow-since-cutoff
|
|
# shiny runners are used for full clone
|
|
tags: [build, shiny]
|
|
image: $SONARQUBE_SCANNER_IMAGE
|
|
before_script:
|
|
- source tools/ci/utils.sh
|
|
- export PYTHONPATH="$CI_PROJECT_DIR/tools:$CI_PROJECT_DIR/tools/ci/python_packages:$PYTHONPATH"
|
|
- fetch_submodules
|
|
# Exclude the submodules, all paths ends with /**
|
|
- submodules=$(get_all_submodules)
|
|
# get all exclude paths specified in tools/ci/sonar_exclude_list.txt | ignore lines start with # | xargs | replace all <space> to <comma>
|
|
- custom_excludes=$(cat $CI_PROJECT_DIR/tools/ci/sonar_exclude_list.txt | grep -v '^#' | xargs | sed -e 's/ /,/g')
|
|
# Exclude the report dir as well
|
|
- export EXCLUSIONS="$custom_excludes,$submodules"
|
|
- export SONAR_SCANNER_OPTS="-Xmx2048m"
|
|
variables:
|
|
GIT_DEPTH: 0
|
|
REPORT_PATTERN: clang_tidy_reports/**/*.txt
|
|
artifacts:
|
|
paths:
|
|
- $REPORT_PATTERN
|
|
expire_in: 1 week
|
|
when: always
|
|
dependencies: # Here is not a hard dependency relationship, could be skipped when only python files changed. so we do not use "needs" here.
|
|
- clang_tidy_check
|
|
|
|
code_quality_check:
|
|
extends:
|
|
- .sonar_scan_template
|
|
- .rules:patterns:static-code-analysis-preview
|
|
allow_failure: true # it's using exit code to indicate the code analysis result,
|
|
# we don't want to block ci when critical issues founded
|
|
script:
|
|
- export CI_MERGE_REQUEST_COMMITS=$(python ${CI_PROJECT_DIR}/tools/ci/ci_get_mr_info.py commits --src-branch ${CI_COMMIT_REF_NAME} | tr '\n' ',')
|
|
# test if this branch have merge request, if not, exit 0
|
|
- test -n "$CI_MERGE_REQUEST_IID" || exit 0
|
|
- test -n "$CI_MERGE_REQUEST_COMMITS" || exit 0
|
|
- sonar-scanner
|
|
-Dsonar.analysis.mode=preview
|
|
-Dsonar.branch.name=$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
|
|
-Dsonar.cxx.clangtidy.reportPath=$REPORT_PATTERN
|
|
-Dsonar.exclusions=$EXCLUSIONS
|
|
-Dsonar.gitlab.ci_merge_request_iid=$CI_MERGE_REQUEST_IID
|
|
-Dsonar.gitlab.commit_sha=$CI_MERGE_REQUEST_COMMITS
|
|
-Dsonar.gitlab.merge_request_discussion=true
|
|
-Dsonar.gitlab.ref_name=$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
|
|
-Dsonar.host.url=$SONAR_HOST_URL
|
|
-Dsonar.login=$SONAR_LOGIN
|
|
|
|
code_quality_report:
|
|
extends:
|
|
- .sonar_scan_template
|
|
- .rules:protected
|
|
allow_failure: true # it's using exit code to indicate the code analysis result,
|
|
# we don't want to block ci when critical issues founded
|
|
script:
|
|
- sonar-scanner
|
|
-Dsonar.branch.name=$CI_COMMIT_REF_NAME
|
|
-Dsonar.cxx.clangtidy.reportPath=$REPORT_PATTERN
|
|
-Dsonar.exclusions=$EXCLUSIONS
|
|
-Dsonar.gitlab.commit_sha=$PIPELINE_COMMIT_SHA
|
|
-Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
|
|
-Dsonar.host.url=$SONAR_HOST_URL
|
|
-Dsonar.login=$SONAR_LOGIN
|