Commit 84f875a93583f94c92c0b8675ac8fa7a4f3294f4

Authored by Patric Stout
Committed by GitHub
1 parent af4f6f4e

chore: switch from SonarCloud to CodeQL for code analysis (#20)

Also fix the single warning CodeQL noticed
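--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,47 @@
+name: CodeQL
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ security-events: write
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Set environment
+ run: |
+ echo "MAKEFLAGS=-j$(nproc)" >> $GITHUB_ENV
+
+ - name: Install conan
+ run: |
+ pip install conan
+ conan profile new default --detect
+ conan profile update settings.compiler.libcxx=libstdc++11 default
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: cpp
+ queries: security-and-quality
+
+ - name: Compile
+ run: |
+ mkdir build
+ cd build
+ conan install ..
+ cmake .. -DMIN_LOGGER_LEVEL=TRACE
+ make -j$(nproc)
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2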
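Review bot: The `Install conan` step runs an unpinned `pip install conan` and then calls `conan profile new default --detect` and `conan profile update ...`, which exist only in Conan 1.x, so once pip resolves to a 2.x release the job fails before CodeQL analyses anything. Pinning the installer, for example `pip install "conan<2"` or an exact version, keeps the build reproducible and stops an arbitrary latest PyPI release from running in a job that holds `security-events: write`. The `uses:` lines have the same weakness: `actions/checkout@v3`, `github/codeql-action/init@v2` and `github/codeql-action/analyze@v2` are mutable tags, and pinning each to a full commit SHA is the safer form. The job-level `permissions:` block grants only `security-events: write`, which sets every other scope to none; that is fine for a public repository, but a private one would likely also need `contents: read` for the checkout step.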
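--- a/.github/workflows/sonarcloud.yaml
+++ /dev/null
@@ -1,114 +0,0 @@
-name: Code quality
-
-on:
- push:
- branches:
- - main
-
-jobs:
- has_sonar_token:
- name: Check for SonarCloud token
- runs-on: ubuntu-latest
-
- outputs:
- ok: ${{ steps.check.outputs.ok }}
-
- steps:
- - name: Check for SonarCloud token
- id: check
- run: |
- if [ -n "${{ secrets.SONAR_TOKEN }}" ];
- then
- echo "ok=true" >> $GITHUB_OUTPUT;
- echo "SONAR_TOKEN secret detected, running Code Quality."
- else
- echo "ok=false" >> $GITHUB_OUTPUT;
- echo "No SONAR_TOKEN secret detected, skipping Code Quality."
- fi
-
- code_quality:
- name: Code quality (SonarCloud)
- runs-on: ubuntu-latest
-
- # This prevents running SonarCloud on forks that don't have a SONAR_TOKEN set.
- needs: has_sonar_token
- if: needs.has_sonar_token.outputs.ok == 'true'
-
- env:
- SONAR_SCANNER_VERSION: 4.7.0.2747
-
- steps:
- - name: Checkout
- uses: actions/checkout@v3
-
- - name: Set up JDK 11
- uses: actions/setup-java@v3
- with:
- distribution: temurin
- java-version: 11
-
- - name: Cache SonarCloud
- id: cache-sonarcloud
- uses: actions/cache@v3
- with:
- path: .sonar
- key: sonar-${{ runner.os }}-${{ env.SONAR_SCANNER_VERSION }}
-
- - name: Cache SonarCloud-Cache
- uses: actions/cache@v3
- with:
- path: .sonar-cache
- key: sonar-cache-${{ runner.os }}-${{ env.SONAR_SCANNER_VERSION }}-${{ hashFiles('src/**') }}
- restore-keys: |
- sonar-cache-${{ runner.os }}-${{ env.SONAR_SCANNER_VERSION }}-
- sonar-cache-${{ runner.os }}-
- sonar-cache-
-
- - name: Download SonarCloud
- if: steps.cache-sonarcloud.outputs.cache-hit != 'true'
- run: |
- mkdir .sonar
-
- curl -sSLo .sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }}
- unzip -o .sonar/sonar-scanner.zip -d .sonar/
-
- curl -sSLo .sonar/build-wrapper-linux-x86.zip ${{ env.BUILD_WRAPPER_DOWNLOAD_URL }}
- unzip -o .sonar/build-wrapper-linux-x86.zip -d .sonar/
- env:
- SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
- BUILD_WRAPPER_DOWNLOAD_URL: https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip
-
- - name: Setup SonarCloud
- run: |
- echo "$(pwd)/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
- echo "$(pwd)/.sonar/build-wrapper-linux-x86" >> $GITHUB_PATH
-
- - name: Install conan
- run: |
- pip install conan
- conan profile new default --detect
- conan profile update settings.compiler.libcxx=libstdc++11 default
-
- - name: Compile
- run: |
- mkdir build
- cd build
- conan install ..
- build-wrapper-linux-x86-64 --out-dir ../.build-wrapper-out cmake .. -DMIN_LOGGER_LEVEL=TRACE
- build-wrapper-linux-x86-64 --out-dir ../.build-wrapper-out make -j$(nproc)
-
- - name: Run SonarCloud
- run: |
- sonar-scanner \
- --define sonar.host.url="https://sonarcloud.io/" \
- --define sonar.cfamily.build-wrapper-output=".build-wrapper-out" \
- --define sonar.projectKey=TrueBrain_TrueMQTT-cpp \
- --define sonar.organization=truebrain \
- --define sonar.projectName=TrueMQTT-cpp \
- --define sonar.sources=src \
- --define sonar.sourceEncoding=UTF-8 \
- --define sonar.cfamily.cache.enabled=true \
- --define sonar.cfamily.cache.path=.sonar-cache
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}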
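--- a/example/stress/main.cpp
+++ b/example/stress/main.cpp
@@ -57,7 +57,6 @@ int main()
  // backs up, after which it starts to fail intermittently. To push the broker
  // to its breaking point, it helps to add additional subscriptions by other
  // means.
- bool is_failing = true;
  auto start = std::chrono::steady_clock::now();
  int channel = 0;
  while (true)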