diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e782ae0c3..e8c830caa 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -525,6 +525,87 @@ test_ldgen_on_host: # check no crashes found - test -z "$(ls out/crashes/)" || exit 1 +.clang_tidy_check_template: &clang_tidy_check_template + stage: host_test + image: ${CI_DOCKER_REGISTRY}/clang-static-analysis + tags: + - host_test + dependencies: [] + artifacts: + reports: + junit: $IDF_PATH/output.xml + when: always + paths: + - $IDF_PATH/examples/get-started/hello_world/tidybuild/report/* + expire_in: 1 day + script: + - git clone $IDF_ANALYSIS_UTILS static_analysis_utils && cd static_analysis_utils + # Setup parameters of triggered/regular job + - export TRIGGERED_RELATIVE=${BOT_LABEL_STATIC_ANALYSIS-} && export TRIGGERED_ABSOLUTE=${BOT_LABEL_STATIC_ANALYSIS_ALL-} && export TARGET_BRANCH=${BOT_CUSTOMIZED_REVISION-} + - ./analyze.sh $IDF_PATH/examples/get-started/hello_world/ $IDF_PATH/tools/ci/static-analysis-rules.yml $IDF_PATH/output.xml + +.clang_tidy_deploy_template: &clang_tidy_deploy_template + stage: deploy + image: $CI_DOCKER_REGISTRY/esp32-ci-env + tags: + - deploy + script: + - mkdir -p ~/.ssh + - chmod 700 ~/.ssh + - echo -n $DOCS_DEPLOY_KEY > ~/.ssh/id_rsa_base64 + - base64 --decode --ignore-garbage ~/.ssh/id_rsa_base64 > ~/.ssh/id_rsa + - chmod 600 ~/.ssh/id_rsa + - echo -e "Host $DOCS_SERVER\n\tStrictHostKeyChecking no\n\tUser $DOCS_SERVER_USER\n" >> ~/.ssh/config + - export GIT_VER=$(git describe --always) + - cd $IDF_PATH/examples/get-started/hello_world/tidybuild + - mv report $GIT_VER + - tar czvf $GIT_VER.tar.gz $GIT_VER + - export STATIC_REPORT_PATH="web/static_analysis/esp-idf/" + - ssh $DOCS_SERVER -x "mkdir -p $STATIC_REPORT_PATH/clang-tidy" + - scp $GIT_VER.tar.gz $DOCS_SERVER:$STATIC_REPORT_PATH/clang-tidy + - ssh $DOCS_SERVER -x "cd $STATIC_REPORT_PATH/clang-tidy && tar xzvf $GIT_VER.tar.gz && rm -f latest && ln -s $GIT_VER latest" + # add link to view the report + - echo "[static analysis][clang tidy] $CI_DOCKER_REGISTRY/static_analysis/esp-idf/clang-tidy/${GIT_VER}/index.html" + - test ! -e ${GIT_VER}/FAILED_RULES || { echo 'Failed static analysis rules!'; cat ${GIT_VER}/FAILED_RULES; exit 1; } + +clang_tidy_check: + <<: *clang_tidy_check_template + variables: + BOT_NEEDS_TRIGGER_BY_NAME: 1 + BOT_LABEL_STATIC_ANALYSIS: 1 + +clang_tidy_check_regular: + <<: *clang_tidy_check_template + +clang_tidy_check_all: + <<: *clang_tidy_check_template + variables: + BOT_NEEDS_TRIGGER_BY_NAME: 1 + BOT_LABEL_STATIC_ANALYSIS_ALL: 1 + +clang_tidy_deploy: + <<: *clang_tidy_deploy_template + dependencies: + - clang_tidy_check + - clang_tidy_check_all + variables: + BOT_NEEDS_TRIGGER_BY_NAME: 1 + +clang_tidy_deploy_regular: + <<: *clang_tidy_deploy_template + dependencies: + - clang_tidy_check_regular + only: + refs: + - master + - /^release\/v/ + - /^v\d+\.\d+(\.\d+)?($|-)/ + - triggers + - schedules + variables: + - $BOT_LABEL_STATIC_ANALYSIS + - $BOT_LABEL_STATIC_ANALYSIS_ALL + test_mdns_fuzzer_on_host: <<: *host_fuzzer_test_template variables: diff --git a/tools/ci/static-analysis-rules.yml b/tools/ci/static-analysis-rules.yml new file mode 100644 index 000000000..6678b85cb --- /dev/null +++ b/tools/ci/static-analysis-rules.yml @@ -0,0 +1,23 @@ +limits: + "clang-analyzer-core.NullDereference" : 9 + "clang-analyzer-unix.Malloc" : 9 + +ignore: + - "llvm-header-guard" + - "llvm-include-order" + +skip: + - "components/mbedtls/mbedtls" + - "components/lwip/lwip" + - "components/asio/asio" + - "components/bootloader/subproject/components/micro-ecc/micro-ecc" + - "components/bt/lib" + - "components/coap/libcoap" + - "components/esp_wifi/lib_esp32" + - "components/expat/expat" + - "components/json/cJSON" + - "components/libsodium/libsodium" + - "components/nghttp/nghttp2" + - "components/protobuf-c/protobuf-c" + - "components/spiffs/spiffs" + - "components/unity/unity"