Last active
September 25, 2023 12:27
-
-
Save daparic/75704afe9e36423e9c8ab535128ea84f to your computer and use it in GitHub Desktop.
Parasoft Github CI/CD Yaml For Static Analysis
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: demo | |
| on: | |
| push: | |
| branches: [master, main] | |
| pull_request: | |
| branches: [master, main] | |
| workflow_dispatch: | |
| jobs: | |
| italian: | |
| name: Run Parasoft Static Analysis | |
| runs-on: self-hosted | |
| permissions: | |
| security-events: write | |
| steps: | |
| - name: 1) Gotta checkout the codes | |
| uses: actions/checkout@v3 | |
| - name: 2) Build the codes | |
| run: cpptesttrace make clean all | |
| - name: 3) Run Parasoft static analysis | |
| run: cpptestcli -config "builtin://Effective C++" -report report -property report.format=sarif -input cpptestscan.bdf -compiler gcc_11-64 | |
| - name: 4) Upload results (SARIF) | |
| if: always() | |
| uses: github/codeql-action/upload-sarif@v2 | |
| with: | |
| sarif_file: report/report.sarif | |
| - name: 5) Archive reports | |
| if: always() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: CpptestReports | |
| path: report/*.* |
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Points to ponder: Because we use
bin/cli/cpptestcli, then we must supply these options:-input cpptestscan.bdf -compiler gcc_11-64