Code analysis #47

Workflow file for this run

.github/workflows/code-analysis.yaml at b78be0c

	name: "Code analysis"

	on:
	workflow_call:
	inputs:
	os:
	required: false
	type: string
	default: "ubuntu-22.04-amd64"
	full-scan:
	required: false
	type: boolean
	default: false
	workflow_dispatch:
	inputs:
	os:
	required: false
	type: string
	default: "ubuntu-22.04-amd64"
	full-scan:
	required: false
	type: boolean
	default: false

	jobs:
	build-docker-image:
	uses: ./.github/workflows/build-docker-artifact.yaml
	secrets: inherit
	with:
	os: ${{ inputs.os }}


	clang-tidy:
	needs: build-docker-image
	env:
	ARCH_NAME: wormhole_b0
	runs-on:
	- build
	- in-service
	steps:
	- name: Verify ccache availability
	shell: bash
	run: \|
	if [ ! -d "/mnt/MLPerf/ccache" ]; then
	echo "::error title=ccache-mlperf-not-mounted::NFS drive is not mounted; build machine not properly provisioned."
	exit 1
	fi
	if [ ! -d "$HOME/.ccache-ci" ]; then
	echo "::error title=ccache-not-provisioned::Ccache is not properly provisioned."
	exit 1
	fi
	- name: Set up dynamic env vars for build
	run: \|
	echo "TT_METAL_HOME=$(pwd)" >> $GITHUB_ENV
	echo "RUNNER_UID=$(id -u)" >> $GITHUB_ENV
	echo "RUNNER_GID=$(id -g)" >> $GITHUB_ENV
	- name: Generate docker tag
	id: generate-docker-tag
	uses: ./.github/actions/generate-docker-tag
	with:
	image: tt-metalium/${{ inputs.os }}
	- name: Docker login
	uses: docker/login-action@v3
	with:
	registry: https://ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}
	- name: Pull docker image
	run: docker pull ${{ env.TT_METAL_DOCKER_IMAGE_TAG }}

	- name: Check out repo
	uses: actions/checkout@v4
	with:
	fetch-depth: 0
	submodules: recursive
	clean: true

	- name: Determine merge base
	if: github.ref_name != 'main' && !inputs.full-scan
	run: \|
	echo "Current branch: ${{ github.ref_name }}"
	MERGE_BASE=$(git merge-base ${{ github.ref_name }} origin/main)
	echo "Merge base between ${{ github.ref_name }} and main: $MERGE_BASE"
	echo "MERGE_BASE=$MERGE_BASE" >> $GITHUB_ENV

	- name: Check out baseline
	if: github.ref_name != 'main' && !inputs.full-scan
	uses: actions/checkout@v4
	with:
	ref: ${{ env.MERGE_BASE }}
	fetch-depth: 0
	submodules: recursive
	clean: true

	- name: Create baseline
	if: github.ref_name != 'main' && !inputs.full-scan
	uses: addnab/docker-run-action@v3
	with:
	image: ${{ env.TT_METAL_DOCKER_IMAGE_TAG }}
	options: \|
	--rm
	--tmpfs /tmp
	-u ${{ env.RUNNER_UID }}:${{ env.RUNNER_GID }}
	--group-add 1457
	-v ${{ github.workspace }}:${{ github.workspace }}
	-v /etc/passwd:/etc/passwd:ro
	-v /etc/shadow:/etc/shadow:ro
	-v /etc/bashrc:/etc/bashrc:ro
	-v /home/ubuntu/.ccache-ci:/home/ubuntu/.ccache
	-v /mnt/MLPerf/ccache:/mnt/MLPerf/ccache
	-e ARCH_NAME=${{ env.ARCH_NAME }}
	-e CARGO_HOME=${{ github.workspace }}/.cargo
	-w ${{ github.workspace }}
	run: \|
	set -eu # basic shell hygiene

	# /tmp is a tmpfs; more efficient than persisted storage
	mkdir -p /tmp/ccache
	export CCACHE_TEMPDIR=/tmp/ccache

	# Zero out the stats so we can see how we did this build
	# NOTE: may be inaccurate if we have >1 build runner on the same machine, using the same local cache
	ccache -z

	# Suppress clang-tidy to first get an up-to-date build tree
	ln -sf /usr/bin/true ./clang-tidy-shim

	cmake --preset clang-tidy -DCMAKE_CXX_CLANG_TIDY=$(pwd)/clang-tidy-shim -DCMAKE_C_CLANG_TIDY=$(pwd)/clang-tidy-shim
	nice -n 19 cmake --build --preset clang-tidy

	mkdir -p out
	ccache -s > out/ccache.stats

	- name: Publish Ccache summary
	if: github.ref_name != 'main' && !inputs.full-scan
	run: \|
	echo '## CCache Summary (baseline)' >> $GITHUB_STEP_SUMMARY
	echo '```' >> $GITHUB_STEP_SUMMARY
	cat out/ccache.stats >> $GITHUB_STEP_SUMMARY
	echo '```' >> $GITHUB_STEP_SUMMARY

	- name: Checkout repo
	uses: actions/checkout@v4
	with:
	submodules: recursive
	clean: false

	- name: Analyze code with clang-tidy
	uses: addnab/docker-run-action@v3
	with:
	image: ${{ env.TT_METAL_DOCKER_IMAGE_TAG }}
	options: \|
	--rm
	--tmpfs /tmp
	-u ${{ env.RUNNER_UID }}:${{ env.RUNNER_GID }}
	--group-add 1457
	-v ${{ github.workspace }}:${{ github.workspace }}
	-v /etc/passwd:/etc/passwd:ro
	-v /etc/shadow:/etc/shadow:ro
	-v /etc/bashrc:/etc/bashrc:ro
	-v /home/ubuntu/.ccache-ci:/home/ubuntu/.ccache
	-v /mnt/MLPerf/ccache:/mnt/MLPerf/ccache
	-e ARCH_NAME=${{ env.ARCH_NAME }}
	-e CARGO_HOME=${{ github.workspace }}/.cargo
	-w ${{ github.workspace }}
	run: \|
	set -eu # basic shell hygiene

	# /tmp is a tmpfs; more efficient than persisted storage
	mkdir -p /tmp/ccache
	export CCACHE_TEMPDIR=/tmp/ccache

	# Zero out the stats so we can see how we did this build
	# NOTE: may be inaccurate if we have >1 build runner on the same machine, using the same local cache
	ccache -z

	# Restore shim to legit clang-tidy
	# Symlink tomfoolery here so that Ninja believes the build command has not changed from the previous run
	ln -sf $(which clang-tidy-17) ./clang-tidy-shim

	cmake --preset clang-tidy -DCMAKE_CXX_CLANG_TIDY="$(pwd)/clang-tidy-shim;--warnings-as-errors=" -DCMAKE_C_CLANG_TIDY="$(pwd)/clang-tidy-shim;--warnings-as-errors="
	nice -n 19 cmake --build --preset clang-tidy
	mkdir -p out
	ccache -s > out/ccache.stats
	- name: Publish Ccache summary
	run: \|
	echo '## CCache Summary' >> $GITHUB_STEP_SUMMARY
	echo '```' >> $GITHUB_STEP_SUMMARY
	cat out/ccache.stats >> $GITHUB_STEP_SUMMARY
	echo '```' >> $GITHUB_STEP_SUMMARY

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Code analysis #47

Workflow file

Code analysis #47

Jobs

Run details

Workflow file for this run