Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Run sonarcloud using compilation database #11629

Conversation

balaji-nordic
Copy link

No description provided.

Balaji Srinivasan added 30 commits June 21, 2023 16:18
Add workflow that rebases from ncs/main and creates a PR

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Add sonarcloud workflow

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
The workflow now invokes sonarcloud with coverage option.
This will make sonarcloud UI show code coverage data.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Removed building of atv2 on all integration platforms because I am not
sure if invoking build wrapper twice, once for building atv2 for
integration platforms and once again for native_posix will work.

Run tests separately after building. Running the tests under build
wrapper fails mysterously for certain tests (lwm2m_* tests).

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This avoids code owners (with access to my fork)  getting PR requests.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Run all native_posix tests in sdk-nrf repo.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Exclude modules from analysis.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Expand the scope of sonarcloud to include integration tests. This has to
be run on self-hosted setup because github actions does not have the
resources to handle large twister runs.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
We dont want to analyse zephyr repo

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
And also the code coverage

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This reverts commit beb643f.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This is to make it produce debug output

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Ignore vsdx files

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Clobber output when running unit tests

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This is to make it print failures inline

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Created a new workflow file that runs sonarcloud by only invoking
twister for native_posix tests. The sonarcloud analysis on main branch
will run twister with integration scope and will take longer time to
complete.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This is mainly to exclude any failing unit tests

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Run native_posix tests on main so that sonarcloud
gets some info about main branch.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Renamed to reflect what it does

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This was done in sonarcloud for PR. Doing this in
main sonarcloud now.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
We have another workflow that runs sonarcloud on integration scope on
pushes to main

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Exclude zephyr from code coverage collection

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This is to debug any possible future failures

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This was causing gcovr to fail with an assert. Its a known issue

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
They are now moved to sonar-project.properties file

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Add chatgpt review workflow

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Include python code in the sonarcloud analysis

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This is to avoid conflicts due to changes in upstream

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Create codeql.yml for security analysis of c and python code

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
It has been fixed in ncs/main

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Balaji Srinivasan added 12 commits June 21, 2023 16:18
Make codeql run every day at 12am

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
The usage limit for the API expired for my acc. So removing this.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
lwm2m_code test was fixed long time back. Removing from quarentine.
But the download_client test started failing on docker on github actions
(passes locally even in docker). My guess is that the failure is because
of ioctl call return 2 because docker was not run in privilaged mode by
github actions. Disabling now.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Changed pull_request to pull_request_target

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
This is done because I have not disabled the sonarcloud (all platforms)
workflow on main.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
- Use PR's head sha when checking out code when triggered from PR.
- Provided the PR number, head ref, sha to sonarcloud so that it
consideres the run as a PR run. It would not treat pull_request_target
events as a PR and hence wont do PR decoration if not done this way
- Also when building/running unit tests on PRs, we should not use
quarentine_downstream.yaml file as it is not available on the PR's
branch.

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
It is now included in the docker image

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Saves a lot of manual steps in the workflow

Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
Signed-off-by: Balaji Srinivasan <balaji.srinivasan@nordicsemi.no>
@github-actions github-actions bot added the changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added. label Jun 27, 2023
@balaji-nordic balaji-nordic deleted the run_sonarcloud_using_compilation_database branch June 27, 2023 12:58
@balaji-nordic balaji-nordic restored the run_sonarcloud_using_compilation_database branch June 27, 2023 12:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
changelog-entry-required Update changelog before merge. Remove label if entry is not needed or already added.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant