Adds the code-inspector script (#3675)

* Adds the code-inspector script * Sets the code-inspector to run together with the others GitHub Analyzers * Removes code inspection from build-travis and refactors code-inspector so it can be reused
2022-01-18 15:54:15 -03:00 · 2022-01-18 15:54:15 -03:00 · 4502b196e4
commit 4502b196e4
parent 4cb8c3f63b
4 changed files with 60 additions and 17 deletions
--- a/.github/workflows/analyzers.yml
+++ b/.github/workflows/analyzers.yml
@ -30,3 +30,11 @@ jobs:
            cmake-format
      - name: Check cmake-format
        run: ci/cmake-format-check.sh
+
+  code_inspector:
+    runs-on: ubuntu-20.04
+    if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository
+    steps:
+      - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e
+      - name: Run code-inspector
+        run: ci/code-inspector-check.sh
--- a/ci/build-travis.sh
+++ b/ci/build-travis.sh
@ -7,24 +7,9 @@ set -o nounset
 set -o xtrace
 OS=$(uname)

-# This is to prevent out of scope access in async_write from asio which is not picked up by static analysers
-if [[ $(grep -rl --exclude="*asio.hpp" "asio::async_write" ./nano) ]]; then
-    echo "Using boost::asio::async_write directly is not permitted (except in nano/lib/asio.hpp). Use nano::async_write instead"
-    exit 1
-fi
+source "$(dirname "$BASH_SOURCE")/impl/code-inspector.sh"
+code_inspect "${ROOTPATH:-.}"

-# prevent unsolicited use of std::lock_guard, std::unique_lock, std::condition_variable & std::mutex outside of allowed areas
-if [[ $(grep -rl --exclude={"*random_pool.cpp","*random_pool.hpp","*random_pool_shuffle.hpp","*locks.hpp","*locks.cpp"} "std::unique_lock\|std::lock_guard\|std::condition_variable\|std::mutex" ./nano) ]]; then
-    echo "Using std::unique_lock, std::lock_guard, std::condition_variable or std::mutex is not permitted (except in nano/lib/locks.hpp and non-nano dependent libraries). Use the nano::* versions instead"
-    exit 1
-fi
-
-if [[ $(grep -rlP "^\s*assert \(" ./nano) ]]; then
-    echo "Using assert is not permitted. Use debug_assert instead."
-    exit 1
-fi
-
-# prevent unsolicited use of std::lock_guard & std::unique_lock outside of allowed areas
 mkdir build
 pushd build

--- a/ci/code-inspector-check.sh
+++ b/ci/code-inspector-check.sh
@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+###################################################################################################
+
+source "$(dirname "$BASH_SOURCE")/impl/common.sh"
+source "$(dirname "$BASH_SOURCE")/impl/code-inspector.sh"
+
+###################################################################################################
+
+set -o errexit
+set -o nounset
+
+code_inspect "${ROOTPATH:-.}"
+
+echo "code-inspector check passed"
+
+###################################################################################################
--- a/ci/impl/code-inspector.sh
+++ b/ci/impl/code-inspector.sh
@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+###################################################################################################
+
+code_inspect()
+{
+    local SOURCE_ROOT_PATH=$1
+    if [[ $SOURCE_ROOT_PATH == "" ]]; then
+        echo "Missing the source code path" >&2
+        return 1
+    fi
+
+    # This is to prevent out of scope access in async_write from asio which is not picked up by static analysers
+    if [[ $(grep -rl --exclude="*asio.hpp" "asio::async_write" $SOURCE_ROOT_PATH/nano) ]]; then
+        echo "Using boost::asio::async_write directly is not permitted (except in nano/lib/asio.hpp). Use nano::async_write instead" >&2
+        return 1
+    fi
+
+    # prevent unsolicited use of std::lock_guard, std::unique_lock, std::condition_variable & std::mutex outside of allowed areas
+    if [[ $(grep -rl --exclude={"*random_pool.cpp","*random_pool.hpp","*random_pool_shuffle.hpp","*locks.hpp","*locks.cpp"} "std::unique_lock\|std::lock_guard\|std::condition_variable\|std::mutex" $SOURCE_ROOT_PATH/nano) ]]; then
+        echo "Using std::unique_lock, std::lock_guard, std::condition_variable or std::mutex is not permitted (except in nano/lib/locks.hpp and non-nano dependent libraries). Use the nano::* versions instead" >&2
+        return 1
+    fi
+
+    if [[ $(grep -rlP "^\s*assert \(" $SOURCE_ROOT_PATH/nano) ]]; then
+        echo "Using assert is not permitted. Use debug_assert instead." >&2
+        return 1
+    fi
+
+    return 0
+}
+
+###################################################################################################