From 2a7b8b7447173f398eb07c96c854e1ed0c78f379 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Sat, 1 Jun 2024 07:22:16 +0000 Subject: [PATCH 01/13] [workflows] Add post-commit job that runs the clang static analyzer OpenSSF Best Practices recoomends running a static analyzer on software before it is released: https://www.bestpractices.dev/en/criteria/0#0.static_analysis --- .github/workflows/ci-post-commit-analyzer.yml | 64 +++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 .github/workflows/ci-post-commit-analyzer.yml diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml new file mode 100644 index 00000000000000..b7ee832b8e8ea9 --- /dev/null +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -0,0 +1,64 @@ +name: Post-Commit Static Analyzer + +permissions: + contents: read + +on: + push: + branches: + - 'release/**' + paths: + - 'llvm/**' + pull_request: + paths: + - '.github/workflows/ci-post-commit-analyzer.yml' + schedule: + - cron: '30 0 * * *' + +concurrency: + group: >- + llvm-project-${{ github.workflow }}-${{ github.event_name == 'pull_request' && + ( github.event.pull_request.number || github.ref) }} + cancel-in-progress: ${{ startsWith(github.ref, 'refs/pull/') }} + +jobs: + post-commit-analyzer: + if: >- + github.repository_owner == 'llvm' && + github.event.action != 'closed' + runs-on: ubuntu-22.04 + steps: + - name: Checkout Source + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Install Dependencies + run: | + sudo apt-get update + sudo apt-get install \ + cmake \ + ninja-build \ + perl \ + clang-tools \ + clang + + - name: Configure + run: | + scan-build \ + --use-c++=clang++ \ + --use-cc=clang \ + cmake -B build -S llvm -G Ninja \ + -DLLVM_ENABLE_ASSERTIONS=ON \ + -DLLVM_BUILD_LLVM_DYLIB=ON \ + -DLLVM_LINK_LLVM_DYLIB=ON \ + -DCMAKE_BUILD_TYPE=Release + + - name: Build + run: | + scan-build -o analyzer-results --use-c++=clang++ --use-cc=clang ninja -v -C build + + - name: Upload Results + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 + with: + name: analyzer-results + path: 'analyzer-results/**/*' + From fe82839b116a8612afd385cf1ce2461be05b0bf5 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Sat, 1 Jun 2024 10:14:07 +0000 Subject: [PATCH 02/13] Use apt.llvm.org for the latest packages --- .github/workflows/ci-post-commit-analyzer.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index b7ee832b8e8ea9..7b7d5c3126aea5 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -27,23 +27,27 @@ jobs: github.repository_owner == 'llvm' && github.event.action != 'closed' runs-on: ubuntu-22.04 + env: + LLVM_VERSION: 18 steps: - name: Checkout Source uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install Dependencies run: | + sudo echo "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-18 main" | sudo tee -a /etc/apt/sources.list.d/llvm.list + wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - sudo apt-get update sudo apt-get install \ cmake \ ninja-build \ perl \ - clang-tools \ - clang + clang-tools-$LLVM_VERSION \ + clang-$LLVM_VERSION - name: Configure run: | - scan-build \ + scan-build-$LLVM_VERSION \ --use-c++=clang++ \ --use-cc=clang \ cmake -B build -S llvm -G Ninja \ @@ -54,7 +58,7 @@ jobs: - name: Build run: | - scan-build -o analyzer-results --use-c++=clang++ --use-cc=clang ninja -v -C build + scan-build-$LLVM_VERSION -o analyzer-results --use-c++=clang++ --use-cc=clang ninja -v -C build - name: Upload Results uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 From ac70506508aecae24f2785ad3ac93a0bf69106f4 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Sat, 1 Jun 2024 10:18:29 +0000 Subject: [PATCH 03/13] Run workflow on pushes when the workflow file itself is modified. --- .github/workflows/ci-post-commit-analyzer.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index 7b7d5c3126aea5..642cc6f214f846 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -9,6 +9,7 @@ on: - 'release/**' paths: - 'llvm/**' + - '.github/workflows/ci-post-commit-analyzer.yml' pull_request: paths: - '.github/workflows/ci-post-commit-analyzer.yml' From 3019e707ac626155113a71c9e783db0cb0e5cd8b Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Tue, 4 Jun 2024 00:03:50 +0000 Subject: [PATCH 04/13] Also test clang Added ccache support and used our pre-built clang to help speed up the build. Also passing -analyzer-config max-nodes=75000 to scan-build now. --- .github/workflows/ci-post-commit-analyzer.yml | 53 ++++++++++++++++--- 1 file changed, 46 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index 642cc6f214f846..833e10a0a467ff 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -11,6 +11,11 @@ on: - 'llvm/**' - '.github/workflows/ci-post-commit-analyzer.yml' pull_request: + types: + - opened + - synchronize + - reopened + - closed paths: - '.github/workflows/ci-post-commit-analyzer.yml' schedule: @@ -28,6 +33,8 @@ jobs: github.repository_owner == 'llvm' && github.event.action != 'closed' runs-on: ubuntu-22.04 + container: + image: 'ghcr.io/llvm/ci-ubuntu-22.04:latest' env: LLVM_VERSION: 18 steps: @@ -35,34 +42,66 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install Dependencies + env: + DEBIAN_FRONTEND: noninteractive run: | - sudo echo "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-18 main" | sudo tee -a /etc/apt/sources.list.d/llvm.list - wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - - sudo apt-get update - sudo apt-get install \ + apt-get update + apt-get -y install \ + wget \ + gnupg + echo "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-18 main" | tee -a /etc/apt/sources.list.d/llvm.list + wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - + apt-get update + apt-get -y install \ cmake \ ninja-build \ perl \ clang-tools-$LLVM_VERSION \ clang-$LLVM_VERSION + - name: Setup ccache + uses: hendrikmuhs/ccache-action@v1 + with: + # A full build of llvm, clang, lld, and lldb takes about 250MB + # of ccache space. There's not much reason to have more than this, + # because we usually won't need to save cache entries from older + # builds. Also, there is an overall 10GB cache limit, and each + # run creates a new cache entry so we want to ensure that we have + # enough cache space for all the tests to run at once and still + # fit under the 10 GB limit. + # Default to 2G to workaround: https://github.com/hendrikmuhs/ccache-action/issues/174 + max-size: 2G + key: post-commit-analyzer + variant: ccache + - name: Configure run: | scan-build-$LLVM_VERSION \ - --use-c++=clang++ \ - --use-cc=clang \ + --use-c++='clang++' \ + --use-cc='clang' \ + -analyzer-config max-nodes=75000 \ cmake -B build -S llvm -G Ninja \ -DLLVM_ENABLE_ASSERTIONS=ON \ + -DLLVM_ENABLE_PROJECTS=clang \ -DLLVM_BUILD_LLVM_DYLIB=ON \ -DLLVM_LINK_LLVM_DYLIB=ON \ -DCMAKE_BUILD_TYPE=Release - name: Build run: | - scan-build-$LLVM_VERSION -o analyzer-results --use-c++=clang++ --use-cc=clang ninja -v -C build + # Create symlinks for use with ccache. + ln -s /usr/bin/ccache /usr/local/bin/clang++ + ln -s /usr/bin/ccache /usr/local/bin/clang + scan-build-$LLVM_VERSION \ + -o analyzer-results \ + --use-c++=/usr/local/bin/clang++ \ + --use-cc=/usr/local/bin/clang \ + -analyzer-config max-nodes=75000 \ + ninja -v -C build - name: Upload Results uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 + if: always() with: name: analyzer-results path: 'analyzer-results/**/*' From 5b25b45a313bff396d251f8b0e0e8b430e035c46 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Wed, 5 Jun 2024 20:04:34 +0000 Subject: [PATCH 05/13] Replace scan-build with a simple script --- .../ci-post-commit-analyzer-launcher.sh | 4 +++ .github/workflows/ci-post-commit-analyzer.yml | 30 +++++-------------- 2 files changed, 12 insertions(+), 22 deletions(-) create mode 100755 .github/workflows/ci-post-commit-analyzer-launcher.sh diff --git a/.github/workflows/ci-post-commit-analyzer-launcher.sh b/.github/workflows/ci-post-commit-analyzer-launcher.sh new file mode 100755 index 00000000000000..bccd91ffe79b9d --- /dev/null +++ b/.github/workflows/ci-post-commit-analyzer-launcher.sh @@ -0,0 +1,4 @@ +#!/bin/sh +ccache "$@" +"$@" --analyze --analyzer-output html -o analyzer-results \ + -Xclang -analyzer-config -Xclang max-nodes=75000 diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index 833e10a0a467ff..d4b9da26e6d9c3 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -45,19 +45,12 @@ jobs: env: DEBIAN_FRONTEND: noninteractive run: | - apt-get update - apt-get -y install \ - wget \ - gnupg - echo "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-18 main" | tee -a /etc/apt/sources.list.d/llvm.list - wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | apt-key add - apt-get update apt-get -y install \ cmake \ ninja-build \ perl \ - clang-tools-$LLVM_VERSION \ - clang-$LLVM_VERSION + clang-tools - name: Setup ccache uses: hendrikmuhs/ccache-action@v1 @@ -76,33 +69,26 @@ jobs: - name: Configure run: | - scan-build-$LLVM_VERSION \ - --use-c++='clang++' \ - --use-cc='clang' \ - -analyzer-config max-nodes=75000 \ cmake -B build -S llvm -G Ninja \ -DLLVM_ENABLE_ASSERTIONS=ON \ -DLLVM_ENABLE_PROJECTS=clang \ -DLLVM_BUILD_LLVM_DYLIB=ON \ -DLLVM_LINK_LLVM_DYLIB=ON \ + -DCMAKE_CXX_COMPILER=clang++ \ + -DCMAKE_C_COMPILER=clang \ + -DCMAKE_CXX_COMPILER_LAUNCHER=`pwd`/.github/workflows/ci-post-commit-analyzer-launcher.sh \ + -DCMAKE_C_COMPILER_LAUNCHER=`pwd`/.github/workflows/ci-post-commit-analyzer-launcher.sh \ -DCMAKE_BUILD_TYPE=Release - name: Build run: | - # Create symlinks for use with ccache. - ln -s /usr/bin/ccache /usr/local/bin/clang++ - ln -s /usr/bin/ccache /usr/local/bin/clang - scan-build-$LLVM_VERSION \ - -o analyzer-results \ - --use-c++=/usr/local/bin/clang++ \ - --use-cc=/usr/local/bin/clang \ - -analyzer-config max-nodes=75000 \ - ninja -v -C build + ninja -v -C build + scan-build --generate-index-only build/analyzer-results - name: Upload Results uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 if: always() with: name: analyzer-results - path: 'analyzer-results/**/*' + path: 'build/analyzer-results/**/*' From 31b147e36e13f2cad93ff98a13ae8b5770e04c54 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Wed, 5 Jun 2024 23:41:34 +0000 Subject: [PATCH 06/13] Fix artifact path --- .github/workflows/ci-post-commit-analyzer.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index d4b9da26e6d9c3..3e4a04fb57311b 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -90,5 +90,5 @@ jobs: if: always() with: name: analyzer-results - path: 'build/analyzer-results/**/*' + path: 'build/analyzer-results/*' From 05aca639ce06843beb3747e1a14be16a40cfe5c9 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 6 Jun 2024 00:25:27 +0000 Subject: [PATCH 07/13] No longer need to install dependencies --- .github/workflows/ci-post-commit-analyzer.yml | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index 3e4a04fb57311b..64206ad16b75b1 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -41,17 +41,6 @@ jobs: - name: Checkout Source uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - name: Install Dependencies - env: - DEBIAN_FRONTEND: noninteractive - run: | - apt-get update - apt-get -y install \ - cmake \ - ninja-build \ - perl \ - clang-tools - - name: Setup ccache uses: hendrikmuhs/ccache-action@v1 with: @@ -83,7 +72,8 @@ jobs: - name: Build run: | ninja -v -C build - scan-build --generate-index-only build/analyzer-results + # TODO: Use scan-build from container once we have new container builds with scan-build. + ./clang/tools/scan-build/bin/scan-build --generate-index-only build/analyzer-results - name: Upload Results uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 From 43e286cf3e5a7e4ba1265da1038d43537e382b82 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 6 Jun 2024 00:44:13 +0000 Subject: [PATCH 08/13] Run job on prs that modify clang --- .github/workflows/ci-post-commit-analyzer.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index 64206ad16b75b1..30996f600cceeb 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -8,6 +8,7 @@ on: branches: - 'release/**' paths: + - 'clang/**' - 'llvm/**' - '.github/workflows/ci-post-commit-analyzer.yml' pull_request: From f6e92d7e6735752f36f7061b2f5d58ceb379fb62 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 6 Jun 2024 20:57:23 +0000 Subject: [PATCH 09/13] Run the analyzer after the build Also continue analyzing if one job fails. --- .../ci-post-commit-analyzer-launcher.sh | 4 --- .../workflows/ci-post-commit-analyzer-run.py | 27 +++++++++++++++++++ .github/workflows/ci-post-commit-analyzer.yml | 18 ++++++++++--- 3 files changed, 41 insertions(+), 8 deletions(-) delete mode 100755 .github/workflows/ci-post-commit-analyzer-launcher.sh create mode 100644 .github/workflows/ci-post-commit-analyzer-run.py diff --git a/.github/workflows/ci-post-commit-analyzer-launcher.sh b/.github/workflows/ci-post-commit-analyzer-launcher.sh deleted file mode 100755 index bccd91ffe79b9d..00000000000000 --- a/.github/workflows/ci-post-commit-analyzer-launcher.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -ccache "$@" -"$@" --analyze --analyzer-output html -o analyzer-results \ - -Xclang -analyzer-config -Xclang max-nodes=75000 diff --git a/.github/workflows/ci-post-commit-analyzer-run.py b/.github/workflows/ci-post-commit-analyzer-run.py new file mode 100644 index 00000000000000..8a41d6c3ba9490 --- /dev/null +++ b/.github/workflows/ci-post-commit-analyzer-run.py @@ -0,0 +1,27 @@ +import json +import multiprocessing +import os +import re +import subprocess +import sys + +def run_analyzer(data): + os.chdir(data['directory']) + command = data['command'] + f' --analyze --analyzer-output html -o analyzer-results -Xclang -analyzer-config -Xclang max-nodes=75000' + print(command) + subprocess.run(command, shell=True, check=True) + +def pool_error(e): + print("Error analyzing file:", e) + +def main(): + db_path = sys.argv[1] + database = json.load(open(db_path)) + + with multiprocessing.Pool() as pool: + pool.map_async(run_analyzer, [k for k in database], error_callback=pool_error) + pool.close() + pool.join() + +if __name__ == "__main__": + main() diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index 30996f600cceeb..27174e9ec5b77a 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -55,7 +55,7 @@ jobs: # Default to 2G to workaround: https://github.com/hendrikmuhs/ccache-action/issues/174 max-size: 2G key: post-commit-analyzer - variant: ccache + variant: sccache - name: Configure run: | @@ -66,13 +66,23 @@ jobs: -DLLVM_LINK_LLVM_DYLIB=ON \ -DCMAKE_CXX_COMPILER=clang++ \ -DCMAKE_C_COMPILER=clang \ - -DCMAKE_CXX_COMPILER_LAUNCHER=`pwd`/.github/workflows/ci-post-commit-analyzer-launcher.sh \ - -DCMAKE_C_COMPILER_LAUNCHER=`pwd`/.github/workflows/ci-post-commit-analyzer-launcher.sh \ + -DCMAKE_CXX_COMPILER_LAUNCHER=sccache \ + -DCMAKE_C_COMPILER_LAUNCHER=sccache \ + -DCMAKE_EXPORT_COMPILE_COMMANDS=ON \ + -DLLVM_INCLUDE_TESTS=OFF \ + -DCLANG_INCLUDE_TESTS=OFF \ -DCMAKE_BUILD_TYPE=Release - name: Build run: | - ninja -v -C build + # FIXME: We need to build all the generated header files in order to be able to run + # the analyzer on every file. Building libLLVM and libclang is probably overkill for + # this, but it's better than building every target. + ninja -v -C build libLLVM.so libclang.so + + # Run the analyzer. + python3 .github/workflows/ci-post-commit-analyzer-run.py build/compile_commands.json + # TODO: Use scan-build from container once we have new container builds with scan-build. ./clang/tools/scan-build/bin/scan-build --generate-index-only build/analyzer-results From 24d616f99234bcaceab33f5d0bb486c02e4f2216 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 6 Jun 2024 21:49:59 +0000 Subject: [PATCH 10/13] Fix python formatting --- .github/workflows/ci-post-commit-analyzer-run.py | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-post-commit-analyzer-run.py b/.github/workflows/ci-post-commit-analyzer-run.py index 8a41d6c3ba9490..88e8c5b87350e5 100644 --- a/.github/workflows/ci-post-commit-analyzer-run.py +++ b/.github/workflows/ci-post-commit-analyzer-run.py @@ -5,15 +5,21 @@ import subprocess import sys + def run_analyzer(data): - os.chdir(data['directory']) - command = data['command'] + f' --analyze --analyzer-output html -o analyzer-results -Xclang -analyzer-config -Xclang max-nodes=75000' + os.chdir(data["directory"]) + command = ( + data["command"] + + f" --analyze --analyzer-output html -o analyzer-results -Xclang -analyzer-config -Xclang max-nodes=75000" + ) print(command) subprocess.run(command, shell=True, check=True) + def pool_error(e): print("Error analyzing file:", e) + def main(): db_path = sys.argv[1] database = json.load(open(db_path)) @@ -23,5 +29,6 @@ def main(): pool.close() pool.join() + if __name__ == "__main__": main() From 4c79c2e046a6da0609c8c3223930290bb53fd5f6 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 6 Jun 2024 21:52:42 +0000 Subject: [PATCH 11/13] Run on PR's that touch the python script --- .github/workflows/ci-post-commit-analyzer.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index 27174e9ec5b77a..b327ecd0d254b4 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -19,6 +19,7 @@ on: - closed paths: - '.github/workflows/ci-post-commit-analyzer.yml' + - '.github/workflows/ci-post-commit-analyzer-run.py' schedule: - cron: '30 0 * * *' From 7b8e023ea884b5e865caa206997639874c662db4 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 6 Jun 2024 22:12:45 +0000 Subject: [PATCH 12/13] Fix formatting --- .github/workflows/ci-post-commit-analyzer-run.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-post-commit-analyzer-run.py b/.github/workflows/ci-post-commit-analyzer-run.py index 88e8c5b87350e5..e5f52d3b2fa671 100644 --- a/.github/workflows/ci-post-commit-analyzer-run.py +++ b/.github/workflows/ci-post-commit-analyzer-run.py @@ -9,7 +9,7 @@ def run_analyzer(data): os.chdir(data["directory"]) command = ( - data["command"] + data["command"] + f" --analyze --analyzer-output html -o analyzer-results -Xclang -analyzer-config -Xclang max-nodes=75000" ) print(command) From c5bdc29ec277ea70495f9692fb2a999edd81bbc8 Mon Sep 17 00:00:00 2001 From: Tom Stellard Date: Thu, 6 Jun 2024 22:24:08 +0000 Subject: [PATCH 13/13] Use scan-build from the containre --- .github/workflows/ci-post-commit-analyzer.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index b327ecd0d254b4..d614dd07b3a493 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -84,8 +84,7 @@ jobs: # Run the analyzer. python3 .github/workflows/ci-post-commit-analyzer-run.py build/compile_commands.json - # TODO: Use scan-build from container once we have new container builds with scan-build. - ./clang/tools/scan-build/bin/scan-build --generate-index-only build/analyzer-results + scan-build --generate-index-only build/analyzer-results - name: Upload Results uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0