Skip to content

Use gcc option _FORTIFY_SOURCE=3 #1972

Use gcc option _FORTIFY_SOURCE=3

Use gcc option _FORTIFY_SOURCE=3 #1972

Workflow file for this run

name: Code Analysis
on: [push, pull_request]
jobs:
build:
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository
name: Waiting for build
uses: ./.github/workflows/wait-for-build.yml
secrets: inherit
sonarcloud:
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository
name: Sonar Cloud code analysis
needs: build
runs-on: ubuntu-latest
env:
SHARED: /tmp/workdir/pki
steps:
- name: Clone repository
uses: actions/checkout@v4
- name: Retrieve PKI images
uses: actions/cache@v4
with:
key: pki-images-${{ github.sha }}
path: pki-images.tar
- name: Load PKI images
run: docker load --input pki-images.tar
- name: Set up PKI container
run: |
tests/bin/runner-init.sh pki
- name: Copy build in current folder
run: docker cp pki:/usr/share/java/pki ./build
- name: Remove maven related file
run: rm -f pom.xml
- name: Start Sonar analysis
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
get-pr-ref:
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository
name: Sonar cloud PR fork analyses deferring
runs-on: ubuntu-latest
steps:
- name: Save PR information
run: |
mkdir -p ./pr
echo ${{ github.event.number }} > ./pr/NR
echo ${{ github.event.pull_request.base.ref }} > ./pr/BaseBranch
- name: Upload pr as artifact
uses: actions/upload-artifact@v4
with:
name: pr
path: pr/
shellcheck:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
with:
severity: error
ignore_paths: tests # Don't check legacy test scripts