-
Notifications
You must be signed in to change notification settings - Fork 2.1k
132 lines (111 loc) · 4.56 KB
/
analyze.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: Analyze
on:
push:
pull_request:
workflow_dispatch:
release:
types: [published]
env:
PROJECT_TYPE: UEFI
jobs:
analyze-shell-scripts:
name: Shell Scripts
runs-on: macos-latest
env:
JOB_TYPE: ANALYZE
HOMEBREW_NO_INSTALL_CLEANUP: 1
steps:
- uses: actions/checkout@v4
# Due to brew adopting PEP 668 https://github.com/orgs/Homebrew/discussions/3404 pip installs should be in a Python venv
- name: Install Dependencies
run: |
brew install shellcheck
python3 -m venv ~/pyenv
source ~/pyenv/bin/activate
python3 -m pip install pyyaml
- name: CI Bootstrap
run: |
src=$(/usr/bin/curl -LfsS https://raw.githubusercontent.com/acidanthera/ocbuild/master/ci-bootstrap.sh) && eval "$src" || exit 1
- name: Run shellcheck
run: find . \( -name "*.tool" -o -name "*.command" -o -name "*.sh" \) -exec sh -c 'for TargetFile; do shellcheck --severity=info "${TargetFile}" || exit 1; done' sh {} +
- name: Check AppleModels
working-directory: AppleModels
run: |
source ~/pyenv/bin/activate
python3 ./update_generated.py || exit 1
if [ "$(git status --porcelain)" != "" ]; then echo "DataBase desync"; exit 1 ; fi
- name: Lint Samples
run: |
File='Docs/Sample.plist'
plutil -lint "${File}" || exit 1
/usr/libexec/PlistBuddy -c 'Save' "${File}"
awk ' /<data>$/ {inside=1; printf $0; next}
/<\/data>$/ {inside=0; print "</data>"; next}
inside {gsub ("\t", "", $0); printf $0; next}
{print}' "${File}" > "${File}.tmp" && mv "${File}.tmp" "${File}"
if [ "$(git diff ${File})" != '' ]; then echo "Not in Xcode style or not in alphabetical order!!"; exit 1 ; fi
File='Docs/SampleCustom.plist'
plutil -lint "${File}" || exit 1
/usr/libexec/PlistBuddy -c 'Save' "${File}"
awk ' /<data>$/ {inside=1; printf $0; next}
/<\/data>$/ {inside=0; print "</data>"; next}
inside {gsub ("\t", "", $0); printf $0; next}
{print}' "${File}" > "${File}.tmp" && mv "${File}.tmp" "${File}"
if [ "$(git diff ${File})" != '' ]; then echo "Not in Xcode style or not in alphabetical order!!"; exit 1 ; fi
analyze-python-scripts:
name: Python Scripts
runs-on: ubuntu-22.04
env:
JOB_TYPE: ANALYZE
steps:
- uses: actions/checkout@v4
- name: Install Dependencies
run: |
python3 -m pip install prospector
- name: Run prospector
run: |
/usr/bin/curl -L https://raw.githubusercontent.com/acidanthera/ocbuild/master/prospector/profile.yml -o profile.yml || exit 1
python3 -m prospector . -P ./profile.yml | tee prospector_result.txt || exit 1
- name: Upload prospector result to Artifacts
uses: actions/upload-artifact@v4
if: failure()
with:
name: Prospector Artifacts
path: ./prospector_result.txt
analyze-docs-linux:
name: Documentation
runs-on: ubuntu-22.04
if: github.repository_owner == 'acidanthera' && github.ref_name == 'master'
steps:
- uses: actions/checkout@v4
- name: Install Dependencies
run: |
sudo apt-get update
sudo apt-get install texlive latexdiff
- name: Check documentation
run: ./Docs/BuildDocs.tool --check-docs
analyze-coverity:
name: Coverity
runs-on: ubuntu-22.04
env:
JOB_TYPE: COVERITY
TOOLCHAINS: GCC
if: github.repository_owner == 'acidanthera' && github.event_name != 'pull_request'
steps:
- uses: actions/checkout@v4
- name: Install Dependencies
run: |
sudo apt-get update
sudo apt-get install curl nasm uuid-dev libssl-dev iasl
- name: CI Bootstrap
run: |
src=$(/usr/bin/curl -LfsS https://raw.githubusercontent.com/acidanthera/ocbuild/master/ci-bootstrap.sh) && eval "$src" || exit 1
- run: ./build_oc.tool --skip-build --skip-package
- name: Run Coverity
working-directory: UDK
run: |
src=$(/usr/bin/curl -LfsS https://raw.githubusercontent.com/acidanthera/ocbuild/master/coverity/covstrap-linux.sh) && eval "$src" || exit 1
env:
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
COVERITY_SCAN_EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }}
COVERITY_BUILD_COMMAND: ../build_oc.tool --skip-tests --skip-package RELEASE