From dc6486f20038fe320b8429bf5ebe58074d5ca24d Mon Sep 17 00:00:00 2001 From: Weston Schmidt Date: Tue, 15 Sep 2020 11:32:52 -0700 Subject: [PATCH] Add sonar, travis and friends. --- .sonar-project.properties | 31 +++++++ .travis.yml | 183 +++++++++++++++++++++++++++++++------- README.md | 1 + 3 files changed, 185 insertions(+), 30 deletions(-) create mode 100644 .sonar-project.properties diff --git a/.sonar-project.properties b/.sonar-project.properties new file mode 100644 index 0000000..c265ac9 --- /dev/null +++ b/.sonar-project.properties @@ -0,0 +1,31 @@ +# Reference: +# https://github.com/SonarSource/sonarcloud_example_go-sqscanner-travis/blob/master/sonar-project.properties + + +# ===================================================== +# Standard properties +# ===================================================== + +sonar.projectKey=xmidt-org_parodus +sonar.projectName=parodus + +sonar.sources=src + +#sonar.tests=tests + +# ===================================================== +# Meta-data for the project +# ===================================================== + +sonar.links.homepage=https://github.com/xmidt-org/parodus +sonar.links.ci=https://travis-ci.org/xmidt-org/parodus +sonar.links.scm=https://github.com/xmidt-org/parodus +sonar.links.issue=https://github.com/xmidt-org/parodus/issues + +# ===================================================== +# Properties specific to C +# ===================================================== +sonar.cfamily.build-wrapper-output=build/bw-output +sonar.cfamily.gcov.reportsPath=. +sonar.cfamily.threads=1 +sonar.cfamily.cache.enabled=false diff --git a/.travis.yml b/.travis.yml index 7329404..7cbaf6f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,43 +1,166 @@ -dist: trusty -sudo: required - language: c -compiler: - - gcc -addons: - coverity_scan: - project: - name: "Comcast/parodus" - description: "C implementation of the WebPA client coordinator" - notification_email: weston_schmidt@alumni.purdue.edu - build_command_prepend: "mkdir coverity_build && cd coverity_build && cmake .." - build_command: "make" - branch_pattern: ignore - +branches: + only: + - main + - master + - /^v[0-9]+\.[0-9]+\.[0-9]+$/ + +env: + global: + - DISABLE_VALGRIND="false" + - TRAVIS_REPO_OWNER=${TRAVIS_REPO_SLUG%/*} + - TRAVIS_REPO_NAME=${TRAVIS_REPO_SLUG#*/} + before_install: - - sudo pip install codecov - - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca- install: - - sudo apt-get update -qq - - sudo apt-get install -y -qq check libcunit1 libcunit1-dev uuid-dev valgrind script: - mkdir build - - cd build + - pushd build + - cmake .. -DDISABLE_VALGRIND:BOOL=${DISABLE_VALGRIND} - cmake .. -DINTEGRATION_TESTING:BOOL=false -DDISABLE_VALGRIND:BOOL=false -DENABLE_SESHAT:BOOL=true -DFEATURE_DNS_QUERY:BOOL=true - - make - export ARGS="-V" - - make test + - build-wrapper-linux-x86-64 --out-dir bw-output make all test + - popd after_success: - - codecov + - find . -type f -name '*.gcda' -exec gcov -p {} + + - sonar-scanner -Dproject.settings=.sonar-project.properties + - bash <(curl -s https://codecov.io/bash) -F unittests || echo "Codecov did not collect coverage reports" -env: - global: - - secure: EwQu1WDUgIF5qM5tnKj/+NCPz9t15y289bbqFo0wDhyfTlJGS9buQeJNeVLtNJBEOngpo+AkaPGvh/d9NZ0vLdxu+K/e+HhA6kOTxUrCHD8+4oX9XpVs/XvQmD1COlJYeeqd8bJMKtlFtonGdMJogxpEFQzv4fQjmoARvL2ciV4OB0MBcD5Lsb72L3a0aJT69F6WFuDpgGj2eIQyCDSTPNIi2X7EA8R33lxnntFDn8Vj6qSBbVOI2S5R5S+JUCMp1Q1ZbEqmh6j+wKtszWj8wGqfz8Ol5+GYl511bExb+hwvV5zen0Ol0+2LQmSpYhbQZ7prfI8AclLLwhDUrP+WDOv34vwd4EWQ1OoLqG23HbBygCxPSBIB6ZxPtVkzjVlOK8qqIB5QXqCyq8sPKlrXfntOQ+Ha938cIA+A0ag+26MLbhDGj8k3Os7BdY/oqNTKADZQdxfGKhCiA9qO2clpMyRXoE0q6hv9dYoG/2c4sxH8DKsT8XY/QbGmiBsk0DWHcpxkObCsHUxVKi+gIBGSL/tSjz2IJfQVZkdl2hhcyStGuPKbiwAlW3HydMk0VgRhVmHBIc41Cv7vPdMEVf/XiFhr2utRX468M/LR8vkhhokKl1xkVIiquwCPYPzZVAFARHTlaBMhz9kQVtTAHf2JkHuM9XcLWKW996FiSeswKyI= - - secure: LQK36EsQdIJw7eSW1yz+yh3+yJdp8cznynBjE3whOEVI2KHZimr+vtK5hxE6TH0QjYyrb/BFgRql6CtLprpaABSEC9gpqpahu50jiAkjKC8DtfSloAbH5jj+ZllaPjURocerllNLVZxiRM/WCuJAy0nzBpAyx62YmVlEYi+zYD67d3wG6gLwso6l2DWuPPze6t5NmbUmH9hNk52++TZalwMtZFdibQoYm64vCTT5gycujw6ZDa8GD0m+Yryvc20kLlWPOVS9lN1iEGo98/gj8Ops8w0iw6k7SfEkvvFsKEUDr77wAN5Tk4tGq7odVrD/y3W9AsHkkSb1B6RqVWkcW3SjCAQc03jhdaBxXwcoJZcYahY21CB12EP7p0HSjEbvIzNpk0D9MulsGaMPlOudnKdG0/kmD7oIAiXjfC7PiPBBFIc/cVF5VAKNTUInEVfcKvlLpqDatwjB+qgb7pld24dUPuJw+yOgglk7J7xckJYHFTHhk0PWI5oN66dndj3yyJp4dz1v64ViFFTG4PO4YPJydZxRxolg1eGMuG0UIYJK6RWcSQ+ZPBm4p78J8xfHtgUkvWvrHJoXC1qAzqx1XRzbHEeTJgbKgLrWY+B6nbNotw1RDX4lNDirp5EI6GqezoFJToZkqe3MRs8DrqhaFjUbbEzAxznRWmxnWNN3Ujc= - # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created - # via the "travis encrypt" command using the project repo's public key - - secure: "V/W4Z9/3uXpS83CvlZ1XfDAbHPIA2ID5G5s9GPcsUqoOASQdc6Y/DPejUlot+DgtiHOEdTr9n5iWDOuxqjcVnjVd6ag9i2m0PMqDhPj3fnUJM6dAeXIBda/qSuTsJTX4cIwb371R77cLcIUm35IEOSIAQOBCjh7RCf3ivGPUp+wobTonkNzDw6xqO90hx7NLnxwGSCcaNBFKOcLL0e7DXspp18lTWCSSaHELzXOyLlhZnWhC5tiFUIZk1ixm/cO1YEQH9AzgPJ5OYs+On0j8VT8XWMsxHu0zfkZkdZMAEOQbO6u4HBDePIfp+PoF1LwtX/UXfaEkUHZ0kNVXHfsN/KP7NHgTbASe9EXp+R4pcKEy4ZEbx+xpp7FlMQSJYiYiQbJ2FBrjwRPreXiHyCqn8htd0YNOTH4UykvO3NYxlTaMf9aE041lnLjUY18TuXrILz6SzMsGV+nYqfIci/NPuj/57k7nw127a93S4Mr/phXts9ZL8I7kagd8wKv3m5+7rmIfuSfS2kg2pTa0hk5uMqFWLG8AilUQ5t1ChylzPcl/Gdgi9OP0pG2WyUmkqOiSqhwwdg2ZCwptodwuonfbdKMSBuHOS8lLU1bGyCRdWsMoscSv/xn4t3ikzBsSDiKgI8xq2+aqQyHDeVneqAk1BbxiNIwoJeyVXq2EKU6MlgI=" +stages: + - test + - coverity + - tag + - release + +jobs: + include: + - stage: test + name: "Trusty gcc build" + os: linux + dist: trusty + compiler: gcc + addons: + apt: + sources: + - ubuntu-toolchain-r-test + packages: + - libcunit1 + - libcunit1-doc + - libcunit1-dev + - libtool + - valgrind + - lcov + sonarcloud: + organization: "xmidt-org" + token: "$SONAR_TOKEN" + + - stage: test + name: "Trusty clang build" + os: linux + dist: trusty + compiler: clang + addons: + apt: + sources: + - ubuntu-toolchain-r-test + packages: + - libcunit1 + - libcunit1-doc + - libcunit1-dev + - libtool + - valgrind + - lcov + sonarcloud: + organization: "xmidt-org" + token: "$SONAR_TOKEN" + after_success: skip + + # How the tag and release targets work + # + # Each time a build is run on the main branch the CHANGELOG.md file is + # checked To see if there is a new version tag with details under it. If a + # version with details is found then **tag** creates a new tag with the + # proper version. + # + # The creation of the tag branch triggers the **release** stage. + # + # The release stage builds tar.gz and zip artificts as well as creates a + # SHA256 checksum of the files. The process then pushes these files up to + # Github for hosting. + # + # Why do this? Yocto and other build systems depend on the artifacts being + # consistent each time they are downloaded, but there is an issue with the + # way Github generates the artifacts on the fly where on occasion the + # checksum changes. By explicitly producing our own artifacts we eliminate + # this issue for systems that rely on the checksum being constant + - stage: tag + name: "Tag For Release" + if: branch = main && type = push + before_script: + - echo -e "machine github.com\n login $GH_TOKEN" > ~/.netrc + script: + - export OLD_VERSION=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1 | sed 's/v\(.*\)/\1/') + - git config --global user.name "xmidt-bot" + - git config --global user.email "$BOT_EMAIL" + - export TAG=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1" if /.*## \[Unreleased\]\s+## \[(v\d+.\d+.\d+)\].*/s') + - export TODAY=`date +'%m/%d/%Y'` + - export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$ENV{TODAY}\n\n$1\n" if /.*## \[$ENV{TAG}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') + - if [[ "$TAG" != "" && "$TAG" != "$OLD_VERSION" ]]; then git tag -a "$TAG" -m "$NOTES"; git push origin --tags; echo $?; fi + addons: + before_install: skip + after_success: skip + + - stage: release + name: "Make a Release" + if: branch != main + script: + - export VERSION=${TRAVIS_TAG##*v} + - git archive --format=tar.gz --prefix=${TRAVIS_REPO_NAME}-${VERSION}/ -o ${TRAVIS_REPO_NAME}-${VERSION}.tar.gz ${TRAVIS_TAG} + - git archive --format=zip --prefix=${TRAVIS_REPO_NAME}-${VERSION}/ -o ${TRAVIS_REPO_NAME}-${VERSION}.zip ${TRAVIS_TAG} + - sha256sum ${TRAVIS_REPO_NAME}-${VERSION}.tar.gz ${TRAVIS_REPO_NAME}-${VERSION}.zip > sha256sum.txt + deploy: + cleanup: false + on: + all_branches: true + tags: true + provider: releases + api_key: "$GH_TOKEN" + file: + - "${TRAVIS_REPO_NAME}-${VERSION}.tar.gz" + - "${TRAVIS_REPO_NAME}-${VERSION}.zip" + - "sha256sum.txt" + addons: + before_install: skip + + - stage: coverity + name: "Coverity build" + if: branch = main + os: linux + dist: trusty + compiler: gcc + addons: + apt: + sources: + - ubuntu-toolchain-r-test + packages: + - libcunit1 + - libcunit1-doc + - libcunit1-dev + - libtool + - valgrind + - lcov + coverity_scan: + project: + name: ${TRAVIS_REPO_SLUG} + notification_email: weston_schmidt@alumni.purdue.edu + build_command_prepend: "mkdir coverity_build && cd coverity_build && cmake .." + build_command: "make" + branch_pattern: main + after_success: skip + + allow_failures: + - stage: coverity diff --git a/README.md b/README.md index 7a127c5..0787bdf 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ [![Coverity](https://img.shields.io/coverity/scan/11192.svg)](https://scan.coverity.com/projects/comcast-parodus) [![Apache V2 License](http://img.shields.io/badge/license-Apache%20V2-blue.svg)](https://github.com/Comcast/parodus/blob/master/LICENSE) [![GitHub release](https://img.shields.io/github/release/Comcast/parodus.svg)](CHANGELOG.md) +[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=xmidt-org_parodus&metric=alert_status)](https://sonarcloud.io/dashboard?id=xmidt-org_parodus) C implementation of the XMiDT client coordinator