diff --git a/.github/workflows/one-line-cr-bot.yml b/.github/workflows/one-line-cr-bot.yml deleted file mode 100644 index 9cd5ac27..00000000 --- a/.github/workflows/one-line-cr-bot.yml +++ /dev/null @@ -1,84 +0,0 @@ -# Author: Norbert Manthey -# -# This workflow will present introduced defects of a pull request to a given -# branch of a package. -# -# The workflow has locations labeled '[ACTION REQUIRED]' where adaptation for -# your build might be required, as well as where to compare the findings to. -# -# To learn more about the available options, check the CLI parameters of the -# script 'one-line-cr-bot.sh' in https://github.com/awslabs/one-line-scan.git -name: One Line CR Bot - -on: - pull_request_target: - # [ACTION REQUIRED] Set the branch you want to analyze PRs for - branches: - - '**' - - # [ACTION REQUIRED] Use this, if you want analysis for push to repository as well - push: - branches: [ mainline ] - -jobs: - build: - - runs-on: ubuntu-latest - - steps: - # This is to address CVE-2020-15228 proactively. We do not rely on stdout. - - name: Disable workflow commands - run: echo "::stop-commands::`echo -n ${{ github.token }} | sha256sum | head -c 64`" - - # Get the code, fetch the full history to make sure we have the compare commit as well - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - ref: ${{github.event.pull_request.head.ref}} - repository: ${{github.event.pull_request.head.repo.full_name}} - - # one-line-cr-bot.sh will get infer and cppcheck, if not available - - name: Install Required Packages - env: - # This is needed in addition to -yq to prevent apt-get from asking for user input - DEBIAN_FRONTEND: noninteractive - # [ACTION REQUIRED] Add your build dependencies here - run: | - sudo apt-get install -y python3-github - - # Get the compare remote - - name: Setup Compare Remote - # [ACTION REQUIRED] Add the https URL of your repository - run: git remote add compare https://github.com/awslabs/ktf.git - - name: Fetch Compare Remote - run: git fetch compare - - # Get one-line-scan, the tool we will use for analysis - - name: Get OneLineScan - run: git clone -b comment-prs https://github.com/nmanthey/one-line-scan.git ../one-line-scan - - # Run the analysis, parameterized for this package - - name: one-line-cr-analysis - env: - # [ACTION REQUIRED] Adapt the values below accordingly - # 'compare' is the name of the remote to use - BASE_COMMIT: "compare/mainline" - BUILD_COMMAND: "make -B all" - CLEAN_COMMAND: "make clean" - # Parameters to be forwarded to used tools in one-line-scan for customization - # Additional CppCheck parameters, do not use e.g. --inconclusive - CPPCHECK_EXTRA_ARG: "--enable=style --enable=performance --enable=information --enable=portability" - # Additional Infer parameters, do not use e.g. --pulse - INFER_ANALYSIS_EXTRA_ARGS: "--bufferoverrun" - # These settings are more preferences, and not directly related to your project - # Set INSTALL_MISSING to false, if ALL targeted tools are already present - IGNORE_ERRORS: false - INSTALL_MISSING: true - OVERRIDE_ANALYSIS_ERROR: true - POST_TO_GITHUB_PR_ONLY: true - REPORT_NEW_ONLY: true - VERBOSE: 0 # >0 shows all currently present defects as well - # We need access to the github token to be able to comment on the PR - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - # Be explicit about the tools to be used - run: ../one-line-scan/one-line-cr-bot.sh -E infer -E cppcheck