-
Notifications
You must be signed in to change notification settings - Fork 83
155 lines (136 loc) · 5.89 KB
/
clang_tidy.yml
File metadata and controls
155 lines (136 loc) · 5.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# *******************************************************************************
# Copyright (c) 2026 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Apache License Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0
#
# SPDX-License-Identifier: Apache-2.0
# *******************************************************************************
# Workflow: Clang-Tidy PR check (voting).
#
# Runs clang-tidy on every pull_request and push to main.
# - Writes a job summary with error/warning counts.
# - Uploads findings as a downloadable artifact (clang-tidy-findings).
# - Fails the check if any clang-tidy *errors* are found.
#
# Cache is saved only on pushes to main (not on PRs) to avoid
# cache poisoning from unreviewed code.
name: Clang-Tidy Check
on:
pull_request:
types: [opened, reopened, synchronize]
push:
branches: [main]
merge_group:
types: [checks_requested]
permissions:
contents: read
concurrency:
group: clang-tidy-pr-${{ github.event.pull_request.number || github.run_id }}
cancel-in-progress: true
env:
ANDROID_HOME: ""
ANDROID_SDK_ROOT: ""
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
jobs:
clang-tidy:
runs-on: ubuntu-24.04
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Free Disk Space (Ubuntu)
uses: eclipse-score/more-disk-space@v1
with:
level: 4
- uses: castler/setup-bazel@cache-optimized
with:
bazelisk-cache: true
disk-cache: "clang_tidy"
repository-cache: true
cache-optimized: true
cache-save: ${{ github.ref == 'refs/heads/main' }}
- name: Allow linux-sandbox
uses: ./actions/unblock_user_namespace_for_linux_sandbox
- name: Run clang-tidy via Bazel
id: run-clang-tidy
# continue-on-error so we can collect findings and upload the artifact
# even when the Bazel invocation exits non-zero.
continue-on-error: true
run: |
bazel test --config=clang-tidy //... \
2>&1 | tee clang_tidy_raw.log
- name: Collect findings
id: findings
run: |
# aspect_rules_lint writes one .out file per target under bazel-bin.
# -L is needed because bazel-bin is a symlink.
ERRORS=$(find -L bazel-bin -name "*.AspectRulesLintClangTidy.out" 2>/dev/null \
| xargs cat 2>/dev/null \
| grep -c "error:" || true)
WARNINGS=$(find -L bazel-bin -name "*.AspectRulesLintClangTidy.out" 2>/dev/null \
| xargs cat 2>/dev/null \
| grep -c "warning:" || true)
TOTAL=$((ERRORS + WARNINGS))
echo "errors=${ERRORS}" >> $GITHUB_OUTPUT
echo "warnings=${WARNINGS}" >> $GITHUB_OUTPUT
echo "total=${TOTAL}" >> $GITHUB_OUTPUT
# ── Count errors only in C++ files changed by this PR ─────────────
# For push to main: all errors are blocking.
# For pull_request with no C++ changes: nothing to block on.
# For pull_request with C++ changes: only errors in changed files block.
if [[ "$GITHUB_EVENT_NAME" == "pull_request" ]]; then
CHANGED_CPP=$(git diff --name-only "origin/${GITHUB_BASE_REF}...HEAD" 2>/dev/null \
| grep -E '\.(cpp|h|cc|cxx|hpp)$' || true)
if [[ -z "$CHANGED_CPP" ]]; then
ERRORS_BLOCKING=0
else
PATTERN=$(echo "$CHANGED_CPP" | tr '\n' '|' | sed 's/|$//')
ERRORS_BLOCKING=$(find -L bazel-bin -name "*.AspectRulesLintClangTidy.out" 2>/dev/null \
| xargs cat 2>/dev/null \
| grep -E "(${PATTERN})" \
| grep -c "error:" || true)
fi
else
ERRORS_BLOCKING=$ERRORS
fi
echo "errors_blocking=${ERRORS_BLOCKING}" >> $GITHUB_OUTPUT
# ── Write findings to file for artifact ───────────────────────────
find -L bazel-bin -name "*.AspectRulesLintClangTidy.out" 2>/dev/null \
| xargs cat 2>/dev/null > clang_tidy_findings.txt || true
# ── Job summary ──────────────────────────────────────────────────
{
echo "## Clang-Tidy Results"
echo ""
echo "| Metric | Count |"
echo "|--------|------:|"
echo "| :x: Errors (total) | **${ERRORS}** |"
echo "| :x: Errors (in changed files) | **${ERRORS_BLOCKING}** |"
echo "| :warning: Warnings | **${WARNINGS}** |"
echo "| Total | **${TOTAL}** |"
if [[ "${ERRORS_BLOCKING}" -gt 0 ]]; then
echo ""
echo "> :x: **Check failed** — clang-tidy errors found in changed files. Fix before merging."
else
echo ""
echo "> :white_check_mark: **Check passed** — no errors in changed files."
fi
} >> "$GITHUB_STEP_SUMMARY"
- name: Upload clang-tidy findings as artifact
if: always()
uses: actions/upload-artifact@v4
with:
name: clang-tidy-findings
path: |
clang_tidy_findings.txt
clang_tidy_raw.log
if-no-files-found: ignore
retention-days: 7
- name: Fail check if clang-tidy errors found in changed files
if: steps.findings.outputs.errors_blocking != '0'
run: |
echo "::error::Clang-tidy found ${{ steps.findings.outputs.errors_blocking }} error(s) in changed files. See the 'clang-tidy-findings' artifact for details."
exit 1