Update sast.yaml #9
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Static analysis | |
on: push | |
# Will run on push when merging to 'branches'. The output will be shown in the console | |
# push | |
# 'pull_request_target' allows this Action to also run on forked repositories | |
# The output will be shown in PR comments (unless the 'force_console_print' flag is used) | |
# pull_request_target: | |
# branches: | |
# - "*" | |
jobs: | |
static_analysis: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v2 | |
- name: Clone libtins | |
env: | |
GH_PAT: ${{ secrets.GH_PAT }} | |
run: | | |
git clone https://x-access-token:${GH_PAT}@github.com/the-tcpdump-group/libtins.git vendor/libtins | |
- name: Setup OpenSSL | |
run: | | |
wget https://www.openssl.org/source/openssl-1.1.1g.tar.gz | |
tar xzf openssl-1.1.1g.tar.gz | |
mv openssl-1.1.1g ./openssl-OpenSSL_1_1_1g | |
- name: Setup init_script | |
shell: bash | |
run: | | |
echo "#!/bin/bash | |
# Input args provided by StaticAnalysis action | |
root_dir=\${1} | |
build_dir=\${2} | |
echo \"Hello from the init script! First arg=\${root_dir} second arg=\${build_dir}\" | |
add-apt-repository ppa:oibaf/graphics-drivers | |
wget -qO - http://packages.lunarg.com/lunarg-signing-key-pub.asc | apt-key add - | |
wget -qO /etc/apt/sources.list.d/lunarg-vulkan-focal.list http://packages.lunarg.com/vulkan/lunarg-vulkan-focal.list | |
apt update && apt upgrade -y | |
apt install -y libvulkan1 mesa-vulkan-drivers vulkan-tools" > init_script.sh | |
chmod +x init_script.sh | |
- name: Run static analysis | |
uses: JacobDomagala/StaticAnalysis@master | |
with: | |
language: c++ | |
exclude_dir: lib | |
use_cmake: true | |
apt_pckgs: software-properties-common libglu1-mesa-dev freeglut3-dev mesa-common-dev | |
init_script: init_script.sh | |
clang_tidy_args: -checks='*,fuchsia-*,google-*,zircon-*,abseil-*,modernize-use-trailing-return-type' | |
cppcheck_args: --enable=all --suppress=missingInclude |