Include source code analysis

[axel3rd]

See: https://github.com/marketplace/actions/sonarcloud-scan

@peio42 : Please create on https://sonarcloud.io/

• New project with key org.blutch:uvpp
• Please create a SonarCloud token and store it as secret (SONAR_TOKEN) in repo secrets

[axel3rd]

Argh, SonarCloud GitHub action seems not (now) support C/C++ analysis 😭 : https://github.com/SonarSource/sonarcloud-github-action#do-not-use-this-github-action-if-you-are-in-the-following-situations

This language requires build-wrapper usage, seems not been included into action. But perhaps can be done "manually" ... to investigate.

[axel3rd]

Wrapper URL download: http://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip

[axel3rd]

@peio42 : A Makefile on root where make (as currently) / make clean / make test would be more simple.

[peio42]

See "codeAnalysis" branch for that (which will evolve to run code analsysis) make => build test program & runs it make test => build test program make clean => remove object files

[axel3rd]

Please create a SonarCloud token and store it as secret (SONAR_TOKEN) in repo secrets

@peio42 In your hand 😁 : https://github.com/peio42/uvpp/runs/1473975983?check_suite_focus=true#step:7:10

[peio42]

@axel3rd : java.lang.IllegalStateException: The "build-wrapper-dump.json" file was found but 0 C/C++/Objective-C files were analyzed. Please make sure that:

• you are using the latest version of the build-wrapper and the CFamily analyzer
• you are correctly invoking the scanner with correct configuration
• your compiler is supported
• you are wrapping your build correctly
• you are wrapping a full/clean build
• you are providing the path to the correct build-wrapper output directory
• you are building and analyzing the same source checkout, absolute paths must be identical in build and analysis steps

[axel3rd]

java.lang.IllegalStateException: The "build-wrapper-dump.json" file was found but 0 C/C++/Objective-C files were analyzed. Please make sure that:

Humm ... don't know why 😢. I would test if removing the "sub call of make" could produce a better result.

[axel3rd]

See https://community.sonarsource.com/t/the-build-wrapper-dump-json-file-was-found-but-0-c-c-objective-c-files-were-analyzed/15944, perhaps it is not supported, because compilation and analysis (in docker) are not done in the same environment.

But I can reproduce the problem locally ... so perhaps not in this case (even if it smells not good).

[axel3rd]

I can analyse the project locally but with:

• One Makefile on root directory
• A sonar.sources=.

So there is a understanding to have with subdirectories. Perhaps a problem is that uvpp doesn't contain sources but only headers. Adding examples as sources can perhaps be a solution.

I will provide some change (that works but perhaps not sustainable) to see if analyse with GitHub Action could be OK (because not supported officially).

[axel3rd]

see if analyse with GitHub Action could be OK (because not supported officially).

Really not supported https://github.com/peio42/uvpp/runs/1489280883?check_suite_focus=true#step:7:133 😢

[axel3rd]

Scanner inside container is definitively dead ... it execute Probing compiler: [/usr/lib/llvm-10/bin/clang, -x, c++, --std, c++17, -v, -dM, -E, -] to have define info ... compiler is not inside container => 🖕.

I will try manually with scanner

[axel3rd]

I will try manually with scanner

@peio42 : It is ok 👍, now: https://sonarcloud.io/dashboard?branch=codeAnalysis&id=org.blutch%3Auvpp (branch sample ... when master will be analysed it will be better)

TODO:

• [x] I need to analyse why PullRequest decoration is not done (perhaps because all is done manually)
• [x] Badge icon should be added into README
• [ ] We need check if Google Test can provide a coverage report supported by SonarCloud (https://docs.sonarqube.org/latest/analysis/coverage/)
• [ ] Adding samples could be great but lambda problem again: https://github.com/peio42/uvpp/blob/1cd98ffc66f598afd1c8665f4189ee07b838153d/Makefile#L8
• [ ] Not sure of my update into Makefile because only make in ci-tests.yml seems not work https://github.com/peio42/uvpp/blob/1cd98ffc66f598afd1c8665f4189ee07b838153d/Makefile#L12-L15 https://github.com/peio42/uvpp/blob/1cd98ffc66f598afd1c8665f4189ee07b838153d/.github/workflows/ci-tests.yml#L25

[axel3rd]

I need to analyse why PullRequest decoration is not done (perhaps because all is done manually)

@peio42 : You should Enable summary comment in project settings: https://sonarcloud.io/project/settings?category=pull_request&id=org.blutch%3Auvpp

[peio42]

[image: image.png] It is by default...

Le sam. 5 déc. 2020 à 18:13, Alix Lourme notifications@github.com a écrit :

I need to analyse why PullRequest decoration is not done (perhaps because all is done manually)

@peio42 https://github.com/peio42 : You should Enable summary comment in project settings: https://sonarcloud.io/project/settings?category=pull_request&id=org.blutch%3Auvpp

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/peio42/uvpp/issues/3#issuecomment-739322663, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKVMZSIRBBOASRBTLKK2H3TSTJS4XANCNFSM4UGT7WJQ .

[axel3rd]

It is by default...

So perhaps to be complicated with scanner executed manually ... to see in the future