[clang] [llvm] Add SonarCloud (PR #94745)

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Fri Jun 7 04:04:44 PDT 2024


https://github.com/steakhal updated https://github.com/llvm/llvm-project/pull/94745

>From 099e93f425293daf376eccbe6fd771f297126588 Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Fri, 7 Jun 2024 12:55:07 +0200
Subject: [PATCH 1/3] Add initial SonarCloud config

---
 .github/workflows/clang-tests-sonar-cloud.yml |  38 +++++
 .../llvm-project-tests-sonar-cloud.yml        | 146 ++++++++++++++++++
 sonar-project.properties                      |   7 +
 3 files changed, 191 insertions(+)
 create mode 100644 .github/workflows/clang-tests-sonar-cloud.yml
 create mode 100644 .github/workflows/llvm-project-tests-sonar-cloud.yml
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/clang-tests-sonar-cloud.yml b/.github/workflows/clang-tests-sonar-cloud.yml
new file mode 100644
index 0000000000000..2969687708629
--- /dev/null
+++ b/.github/workflows/clang-tests-sonar-cloud.yml
@@ -0,0 +1,38 @@
+name: Clang Tests with SonarScanner
+
+permissions:
+  contents: read
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'release/**'
+    paths:
+      - 'clang/**'
+      - '.github/workflows/clang-tests-sonar-cloud.yml'
+      - '.github/workflows/llvm-project-tests-sonar-cloud.yml'
+      - '!llvm/**'
+  pull_request:
+    branches:
+      - 'release/**'
+    paths:
+      - 'clang/**'
+      - '.github/workflows/clang-tests-sonar-cloud.yml'
+      - '.github/workflows/llvm-project-tests-sonar-cloud.yml'
+      - '!llvm/**'
+
+concurrency:
+  # Skip intermediate builds: always.
+  # Cancel intermediate builds: only if it is a pull request build.
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ startsWith(github.ref, 'refs/pull/') }}
+
+jobs:
+  check_clang:
+    if: github.repository_owner == 'llvm'
+    name: Test clang,lldb,libclc
+    uses: ./.github/workflows/llvm-project-tests-sonar-cloud.yml
+    with:
+      build_target: check-clang
+      projects: clang;lldb;libclc
diff --git a/.github/workflows/llvm-project-tests-sonar-cloud.yml b/.github/workflows/llvm-project-tests-sonar-cloud.yml
new file mode 100644
index 0000000000000..7c489effda92f
--- /dev/null
+++ b/.github/workflows/llvm-project-tests-sonar-cloud.yml
@@ -0,0 +1,146 @@
+name: LLVM Project Tests and analyze with SonarScanner
+
+permissions:
+  contents: read
+
+on:
+  workflow_dispatch:
+    inputs:
+      build_target:
+        required: false
+      projects:
+        required: false
+      extra_cmake_args:
+        required: false
+      os_list:
+        required: false
+        default: '["ubuntu-latest"]'
+      python_version:
+        required: false
+        type: string
+        default: '3.11'
+  workflow_call:
+    inputs:
+      build_target:
+        required: false
+        type: string
+        default: "all"
+
+      projects:
+        required: true
+        type: string
+
+      extra_cmake_args:
+        required: false
+        type: string
+
+      os_list:
+        required: false
+        type: string
+        # Use windows-2019 due to:
+        # https://developercommunity.visualstudio.com/t/Prev-Issue---with-__assume-isnan-/1597317
+        default: '["ubuntu-latest"]'
+
+      python_version:
+        required: false
+        type: string
+        default: '3.11'
+
+concurrency:
+  # Skip intermediate builds: always.
+  # Cancel intermediate builds: only if it is a pull request build.
+  # If the group name here is the same as the group name in the workflow that includes
+  # this one, then the action will try to wait on itself and get stuck.
+  group: llvm-project-${{ github.workflow }}-${{ inputs.projects }}${{ github.ref }}
+  cancel-in-progress: ${{ startsWith(github.ref, 'refs/pull/') }}
+
+jobs:
+  lit-tests:
+    name: Lit Tests
+    runs-on: ${{ matrix.os }}
+    container:
+      image: ${{(startsWith(matrix.os, 'ubuntu') && 'ghcr.io/llvm/ci-ubuntu-22.04:latest') || null}}
+      volumes:
+        - /mnt/:/mnt/
+    strategy:
+      fail-fast: false
+      matrix:
+        os: ${{ fromJSON(inputs.os_list) }}
+    steps:
+      - name: Setup Windows
+        if: startsWith(matrix.os, 'windows')
+        uses: llvm/actions/setup-windows at main
+        with:
+          arch: amd64
+      # On Windows, starting with win19/20220814.1, cmake choose the 32-bit
+      # python3.10.6 libraries instead of the 64-bit libraries when building
+      # lldb.  Using this setup-python action to make 3.10 the default
+      # python fixes this.
+      - name: Setup Python
+        uses: actions/setup-python at v4
+        with:
+          python-version: ${{ inputs.python_version }}
+      - name: Install Ninja
+        if: runner.os != 'Linux'
+        uses: llvm/actions/install-ninja at main
+      # actions/checkout deletes any existing files in the new git directory,
+      # so this needs to either run before ccache-action or it has to use
+      # clean: false.
+      - uses: actions/checkout at v4
+        with:
+          fetch-depth: 250
+      - name: Setup ccache
+        uses: hendrikmuhs/ccache-action at v1
+        with:
+          # A full build of llvm, clang, lld, and lldb takes about 250MB
+          # of ccache space. There's not much reason to have more than this,
+          # because we usually won't need to save cache entries from older
+          # builds.  Also, there is an overall 10GB cache limit, and each
+          # run creates a new cache entry so we want to ensure that we have
+          # enough cache space for all the tests to run at once and still
+          # fit under the 10 GB limit.
+          # Default to 2G to workaround: https://github.com/hendrikmuhs/ccache-action/issues/174
+          max-size: 2G
+          key: ${{ matrix.os }}
+          variant: sccache
+      - name: Install sonar-scanner and build-wrapper
+        uses: SonarSource/sonarcloud-github-c-cpp at v2
+      - name: Build and log with Build Wrapper
+        env:
+          # Workaround for https://github.com/actions/virtual-environments/issues/5900.
+          # This should be a no-op for non-mac OSes
+          PKG_CONFIG_PATH: /usr/local/Homebrew/Library/Homebrew/os/mac/pkgconfig//12
+        shell: bash
+        id: build-llvm
+        run: |
+          if [ "${{ runner.os }}" == "Linux" ]; then
+            builddir="/mnt/build/"
+            mkdir -p $builddir
+            extra_cmake_args="-DCMAKE_CXX_COMPILER=clang++ -DCMAKE_C_COMPILER=clang"
+          else
+            builddir="$(pwd)"/build
+          fi
+          if [ "${{ runner.os }}" == "macOS" ]; then
+            # Workaround test failure on some lld tests on MacOS
+            # https://github.com/llvm/llvm-project/issues/81967
+            extra_cmake_args="-DLLVM_DISABLE_ASSEMBLY_FILES=ON"
+          fi
+          echo "llvm-builddir=$builddir" >> "$GITHUB_OUTPUT"
+          cmake -G Ninja \
+                -B "$builddir" \
+                -S llvm \
+                -DLLVM_ENABLE_PROJECTS="${{ inputs.projects }}" \
+                -DCMAKE_BUILD_TYPE=Release \
+                -DLLVM_ENABLE_ASSERTIONS=ON \
+                -DLLDB_INCLUDE_TESTS=OFF \
+                -DCMAKE_C_COMPILER_LAUNCHER=sccache \
+                -DCMAKE_CXX_COMPILER_LAUNCHER=sccache \
+                $extra_cmake_args \
+                ${{ inputs.extra_cmake_args }}
+          build-wrapper-linux-x86-64 --out-dir bwout \
+            ninja -C "$builddir" '${{ inputs.build_target }}'
+      - name: Run sonar-scanner
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: |
+          sonar-scanner --define sonar.cfamily.compile-commands="bwout/compile_commands.json"
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000000000..e213f623be8b3
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,7 @@
+sonar.projectKey=steakhal_llvm-project
+sonar.organization=balazs-benics
+sonar.projectName=llvm-project
+
+sonar.sources=clang,llvm
+sonar.inclusions=**/*.c,**/*.cc,**/*.cpp,**/*.cxx,**/*.h
+sonar.exclusions=**/examples/**,**/unittests/**,**/benchmarks/**,**/benchmark/**,compiler-rt/lib/crt/crt*.c,**/*Fuzzer.*,**/test/**,clang/lib/Testing/*.cpp

>From da2900a70a1f5ca4ecffa6d5a1736318f3176e7d Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Fri, 7 Jun 2024 13:02:34 +0200
Subject: [PATCH 2/3] trigger analysis

---
 clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
index 238e87a712a43..ff6900b4acf1e 100644
--- a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp
@@ -56,7 +56,7 @@ static ErrorMessage createOutOfBoundErrorMsg(StringRef FunctionDescription,
      << &FunctionDescription.data()[1];
 
   if (Access == AccessKind::write) {
-    Os << " overflows the destination buffer";
+    Os << " overflows the destination buffer"; // testtest
   } else { // read access
     Os << " accesses out-of-bound array element";
   }

>From cd6f174776f2a974c181c04156c352e6c4375929 Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Fri, 7 Jun 2024 13:04:33 +0200
Subject: [PATCH 3/3] Enable for steakhal repo owner

---
 .github/workflows/clang-tests-sonar-cloud.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/clang-tests-sonar-cloud.yml b/.github/workflows/clang-tests-sonar-cloud.yml
index 2969687708629..1dad77dbe6072 100644
--- a/.github/workflows/clang-tests-sonar-cloud.yml
+++ b/.github/workflows/clang-tests-sonar-cloud.yml
@@ -30,7 +30,7 @@ concurrency:
 
 jobs:
   check_clang:
-    if: github.repository_owner == 'llvm'
+    if: github.repository_owner == 'steakhal'
     name: Test clang,lldb,libclc
     uses: ./.github/workflows/llvm-project-tests-sonar-cloud.yml
     with:



More information about the cfe-commits mailing list