RFC: Add static code analyzer integration #51179
Conversation
| @@ -0,0 +1,10 @@ | |||
| { | |||
There was a problem hiding this comment.
The file is a generated file and will be removed from the commit sooner or later.
It is here to illustrate the output format.
Question:
Why are CMAKE_CXX_COMPILER and all the other variables empty except for the CMAKE_C_COMPILER?
Did I include the sca_integration.cmake too early?
Any hints for me?
|
@romkell - would be happy to backport, but this would need to go into |
laurenmurphyx64
added
TSC
@cfriedt With our company internal framework we are currently stuck on a 2.7 tag. Therefore I implemented against that, but tried to keep it as independent as possible to be hooked in at the right location (3.2 cmake files have been rather reorganized compared to 2.7). We will need it on 2.7-auditable-branch. My initial thought was that we would take the latest 2.7 tag as new 2.7-auditable-branch to get all the fixes. Does not work since 2.7-branch and 2.7-auditable-branch are very much out of sync due to misra fixes in auditable. Would it be ok to create a PR to main with a not tested, half finished implementation to get the attention and feedback? The main goal at this time is to get feedback on the mechanism and also to get some hints why basically all CMAKE__COMPILER/LINKER variables are empty (except for CMAKE_C_COMPILER). |
Add a generic way to integrate any static code analyzer into the cmake build script. - Writing the selected toolchain paths to the sca_export.json - Reading the static code analyzer toolchain paths from a sca_import.json and replacing the CMAKE_C_COMPILER settings with the values read from the json - Executing static code analyzer customized scripts updating the analyzers configuration (with the information in sca_export.json) - Support for a in tree and a out of tree location, allowing to integrate analyzers as part of Zephyr itself and as part of a customer environment using Zephyr as its base. Signed-off-by: Roman Kellner <[email protected]>
romkell
force-pushed
the
cmake_sca_integration_v2_7_2
branch
from
f471578 to
004d639
Compare
|
This is not a Backport task. What this PR is proposing to do is to merge a new feature into a previous release, which is something we do not do very often (in fact, we almost never do this). If you want to pull this into v2.7-auditable-branch, that is up to you and the Safety Committee; but, it will likely never go into the v2.7-branch or any other previous release branches. |
@stephanosio Please consider the v2.7-branch a mistake. Can we discuss the mechansim / solution proposal in this PR or do I need to create one aiming to main (I assume not getting a lot of feedback when aiming for 2.7-auditable-branch)? |
I would say creating one for main is going to be for the best. |
|
PR dropped and closed in favor of #51212. |
PR dropped and closed in favor of #51212.