-
Notifications
You must be signed in to change notification settings - Fork 257
42 lines (30 loc) · 1.15 KB
/
tidy-analysis-stage-01.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# Insecure workflow with limited permissions that should provide analysis
# results through an artifact.
name: Tidy analysis
on: pull_request
jobs:
clang-tidy:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 2
- name: Install clang-tidy
run: |
sudo apt-get update
sudo apt-get install -y clang-tidy-12
- name: Prepare compile_commands.json
run: cmake -S . -B build -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
- name: Create results directory
run: mkdir clang-tidy-result
- name: Analyze
run: git diff -U0 HEAD^ | clang-tidy-diff-12.py -p1 -regex ".+hpp" -extra-arg=-Iinclude -extra-arg=-std=c++17 -export-fixes clang-tidy-result/fixes.yml
- name: Save PR metadata
run: |
echo ${{ github.event.number }} > clang-tidy-result/pr-id.txt
echo ${{ github.event.pull_request.head.repo.full_name }} > clang-tidy-result/pr-head-repo.txt
echo ${{ github.event.pull_request.head.ref }} > clang-tidy-result/pr-head-ref.txt
- uses: actions/upload-artifact@v2
with:
name: clang-tidy-result
path: clang-tidy-result/