ci: add GitHub Actions workflows #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SonarCloud Analysis | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - staging/* | |
| - next_stable | |
| - '20*' | |
| pull_request: | |
| branches: | |
| - main | |
| - next_stable | |
| - '20*' | |
| env: | |
| # SonarCloud configuration | |
| SONAR_SCANNER_VERSION: 5.0.1.3006 | |
| jobs: | |
| sonarcloud: | |
| name: SonarCloud Analysis | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Shallow clones should be disabled for better analysis | |
| - name: Setup Java 17 | |
| uses: actions/setup-java@v3 | |
| with: | |
| java-version: '17' | |
| distribution: 'temurin' | |
| - name: Install build dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y build-essential gcc-arm-none-eabi lcov python3-pip bear | |
| pip3 install gcovr | |
| - name: Setup Ruby for tests | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| ruby-version: '3.0' | |
| bundler-cache: false | |
| - name: Install Ceedling for test coverage | |
| run: | | |
| gem install ceedling | |
| - name: Verify ARM toolchain | |
| run: | | |
| which arm-none-eabi-gcc | |
| arm-none-eabi-gcc --version | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Download and setup SonarCloud scanner | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| wget -qO- "https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip" > /tmp/sonar-scanner.zip | |
| unzip -q /tmp/sonar-scanner.zip -d /tmp/ | |
| echo "/tmp/sonar-scanner-${SONAR_SCANNER_VERSION}-linux/bin" >> $GITHUB_PATH | |
| - name: Generate test coverage reports | |
| run: | | |
| echo "=== Generating test coverage for SonarCloud ===" | |
| # Find test directories | |
| test_dirs=$(find tests -name "project.yml" -type f -exec dirname {} \;) | |
| # Create combined coverage directory | |
| mkdir -p coverage | |
| # Run tests and collect coverage for each test suite | |
| for test_dir in $test_dirs; do | |
| echo "Running coverage for: $test_dir" | |
| cd "$test_dir" | |
| # Run tests with coverage | |
| if ceedling gcov:all > test_output.txt 2>&1; then | |
| echo "✅ Tests completed for $test_dir" | |
| # Copy coverage files to combined directory | |
| if [ -d "build/artifacts/gcov" ]; then | |
| cp -r build/artifacts/gcov/* ../../../coverage/ 2>/dev/null || true | |
| fi | |
| else | |
| echo "⚠️ Tests failed or incomplete for $test_dir" | |
| fi | |
| cd - > /dev/null | |
| done | |
| # Generate combined coverage report in XML format for SonarCloud | |
| if [ -d "coverage" ] && [ "$(ls -A coverage)" ]; then | |
| echo "Generating combined coverage report..." | |
| gcovr --xml --xml-pretty --exclude-unreachable-branches \ | |
| --print-summary -o coverage/coverage.xml \ | |
| --root . coverage/ || echo "Coverage report generation completed with warnings" | |
| else | |
| echo "No coverage data found, creating empty report" | |
| echo '<?xml version="1.0" ?><coverage version="1"><sources></sources></coverage>' > coverage/coverage.xml | |
| fi | |
| - name: Generate compile_commands.json | |
| run: | | |
| # Verify ARM toolchain is available | |
| if ! command -v arm-none-eabi-gcc &> /dev/null; then | |
| echo "❌ ARM toolchain not found" | |
| exit 1 | |
| fi | |
| echo "✅ ARM toolchain found: $(which arm-none-eabi-gcc)" | |
| echo "Version: $(arm-none-eabi-gcc --version | head -1)" | |
| # Generate compile_commands.json using bear | |
| cd drivers | |
| # Clean previous builds to ensure fresh compilation | |
| make clean || true | |
| # Generate compilation database with bear | |
| if bear -- make -j$(nproc); then | |
| echo "✅ Compilation successful" | |
| else | |
| echo "⚠️ Compilation had warnings/errors but may have produced compile_commands.json" | |
| fi | |
| # Move compile_commands.json to root directory | |
| if [ -f "compile_commands.json" ]; then | |
| mv compile_commands.json ../ | |
| cd .. | |
| echo "✅ compile_commands.json generated successfully" | |
| echo "📊 Files captured: $(grep -c '"file":' compile_commands.json)" | |
| echo "📁 Sample files:" | |
| grep '"file":' compile_commands.json | head -3 | sed 's/.*"file": "\([^"]*\)".*/ - \1/' | |
| else | |
| cd .. | |
| echo "⚠️ compile_commands.json not generated" | |
| # Create a minimal compile_commands.json as fallback | |
| echo "Creating minimal compile_commands.json as fallback..." | |
| echo '[{"directory":"/github/workspace/drivers","command":"arm-none-eabi-gcc -c -Wall -Wformat=0 -DIIO_SUPPORT -I../include/ -I../projects/drivers/util/ example.c","file":"example.c"}]' > compile_commands.json | |
| echo "📝 Created minimal compile_commands.json for basic analysis" | |
| fi | |
| - name: Run SonarCloud Scan | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| run: | | |
| # Check if compile_commands.json exists | |
| if [ -f "compile_commands.json" ]; then | |
| echo "✅ Using compile_commands.json for enhanced C/C++ analysis" | |
| COMPILE_COMMANDS_PARAM="-Dsonar.cfamily.compile-commands=compile_commands.json" | |
| else | |
| echo "⚠️ No compile_commands.json found, using basic analysis" | |
| COMPILE_COMMANDS_PARAM="" | |
| fi | |
| sonar-scanner \ | |
| -Dsonar.projectKey=adiceline_no-OS \ | |
| -Dsonar.organization=adiceline \ | |
| -Dsonar.host.url=https://sonarcloud.io \ | |
| -Dsonar.sources=drivers,include,iio,jesd204,libraries,network \ | |
| -Dsonar.tests=tests \ | |
| ${COMPILE_COMMANDS_PARAM} \ | |
| -Dsonar.cfamily.cache.enabled=true \ | |
| -Dsonar.cfamily.threads=2 \ | |
| -Dsonar.c.file.suffixes=.c \ | |
| -Dsonar.cpp.file.suffixes=.cpp,.cc,.cxx \ | |
| -Dsonar.objc.file.suffixes=.m \ | |
| -Dsonar.coverage.gcov.xmlReportPaths=coverage/coverage.xml \ | |
| -Dsonar.exclusions="**/build/**,**/libraries/azure/**,**/libraries/mbed/**,**/libraries/mbedtls/**,**/tests/**/build/**" \ | |
| -Dsonar.test.exclusions="**/build/**" \ | |
| -Dsonar.scm.provider=git | |
| - name: Create SonarCloud Job Summary | |
| if: always() | |
| run: | | |
| # Extract project key and org for URL construction | |
| PROJECT_KEY="adiceline_no-OS" | |
| ORG_KEY="adiceline" | |
| SONARCLOUD_URL="https://sonarcloud.io/project/overview?id=${PROJECT_KEY}" | |
| # Check if compile_commands.json was generated | |
| if [ -f "compile_commands.json" ]; then | |
| COMPILE_DB_STATUS="✅ Generated ($(grep -c '"file":' compile_commands.json) files)" | |
| ANALYSIS_MODE="Enhanced with compilation database" | |
| else | |
| COMPILE_DB_STATUS="❌ Not available" | |
| ANALYSIS_MODE="Basic analysis mode" | |
| fi | |
| cat >> $GITHUB_STEP_SUMMARY << EOF | |
| ## [📊 SonarCloud Analysis Results](${SONARCLOUD_URL}) | |
| ### 🎯 Analysis Complete | |
| | Metric | Details | | |
| |--------|---------| | |
| | 🔗 Dashboard | [View on SonarCloud](${SONARCLOUD_URL}) | | |
| | 📋 Project Key | \`${PROJECT_KEY}\` | | |
| | 🏢 Organization | \`${ORG_KEY}\` | | |
| | 📈 Branch | \`${{ github.ref_name }}\` | | |
| | 🔧 Analysis Mode | ${ANALYSIS_MODE} | | |
| | 📁 Compile Database | ${COMPILE_DB_STATUS} | | |
| ### 🔍 What's Analyzed | |
| - **Source Code**: drivers, include, iio, jesd204, libraries, network | |
| - **Tests**: tests directory (excluded from main analysis) | |
| - **Coverage**: Combined test coverage from Ceedling/gcov | |
| - **Languages**: C/C++ with cfamily analyzer | |
| - **Toolchain**: ARM GCC $(arm-none-eabi-gcc --version 2>/dev/null | head -1 | sed 's/.*) //' || echo "Not available") | |
| ### 📊 Key Metrics Available | |
| - 🐛 **Bugs**: Reliability issues | |
| - 🔒 **Security Vulnerabilities**: Security hotspots and vulnerabilities | |
| - 📏 **Code Smells**: Maintainability issues | |
| - 📊 **Coverage**: Test coverage percentage | |
| - 🔄 **Duplications**: Code duplication analysis | |
| - 📈 **Technical Debt**: Estimated time to fix issues | |
| > 💡 **Tip**: Click the dashboard link above to explore detailed metrics, quality gates, and historical trends | |
| ### 🚀 Next Steps | |
| 1. Review the SonarCloud dashboard for detailed analysis | |
| 2. Set up quality gates based on your project standards | |
| 3. Configure branch analysis for pull requests | |
| 4. Integrate SonarCloud badges in your README | |
| ### 🔧 Analysis Details | |
| - **ARM Toolchain**: $(which arm-none-eabi-gcc 2>/dev/null || echo "Not found in CI") | |
| - **Bear Version**: $(bear --version 2>/dev/null || echo "Not available") | |
| - **Workflow Status**: ${{ job.status }} | |
| EOF | |
| - name: Upload coverage reports | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: sonarcloud-coverage | |
| path: | | |
| coverage/ | |
| tests/**/build/artifacts/gcov/ | |
| retention-days: 30 |