From 6939d56c6e45722a9cbcc1cf3d8943a0082fff47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Gro=C3=9F?= Date: Tue, 16 Jun 2026 15:16:37 +0200 Subject: [PATCH 1/7] Update repository name in README. --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index d649c54..85447d2 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ job: cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_EXPORT_COMPILE_COMMANDS=ON # Run the analysis - - uses: whisperity/codechecker-analysis-action@v1 + - uses: whisperity/codechecker-action@v1 id: codechecker with: logfile: ${{ github.workspace }}/Build/compile_commands.json @@ -89,7 +89,7 @@ job: cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_EXPORT_COMPILE_COMMANDS=OFF # Run the analysis - - uses: whisperity/codechecker-analysis-action@v1 + - uses: whisperity/codechecker-action@v1 id: codechecker with: build-command: "cd ${{ github.workspace }}/Build; cmake --build ." @@ -124,7 +124,7 @@ job: cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_EXPORT_COMPILE_COMMANDS=OFF # Run the analysis - - uses: whisperity/codechecker-analysis-action@v1 + - uses: whisperity/codechecker-action@v1 id: codechecker with: build-command: "cd ${{ github.workspace }}/Build; cmake --build ." @@ -166,7 +166,7 @@ job: cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_EXPORT_COMPILE_COMMANDS=OFF # Run the analysis - - uses: whisperity/codechecker-analysis-action@v1 + - uses: whisperity/codechecker-action@v1 id: codechecker with: build-command: "cd ${{ github.workspace }}/Build; cmake --build ." @@ -204,7 +204,7 @@ runs: cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_EXPORT_COMPILE_COMMANDS=OFF # Run the analysis - - uses: whisperity/codechecker-analysis-action@v1 + - uses: whisperity/codechecker-action@v1 id: codechecker with: build-command: "cd ${{ github.workspace }}/Build; cmake --build ." @@ -272,7 +272,7 @@ job: pylint -f json --exit-zero myproject > pylint_reports.json # Run the conversion - - uses: whisperity/codechecker-analysis-action@v1 + - uses: whisperity/codechecker-action@v1 id: codechecker with: report-converter: true From 9c9840f8e96b10f43de37179c81fc247a1b1c772 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Gro=C3=9F?= Date: Tue, 16 Jun 2026 15:16:45 +0200 Subject: [PATCH 2/7] Fix typo in README. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 85447d2..d2878ba 100644 --- a/README.md +++ b/README.md @@ -214,7 +214,7 @@ runs: store-username: ${{ secrets.CODECHECKER_STORE_USER }} store-password: ${{ secrets.CODECHECKER_STORE_PASSWORD }} # Keep the names for 'store' and 'diff' in sync, or auto-generated! - # diff-run-name: "custom run name to store with" + # store-run-name: "custom run name to store with" diff: ${{ github.event_name == 'pull_request' }} diff-url: 'http://example.com:8001/MyProject' From 117a5837c2786bf4cb64070c3e02fb1d557ca04d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Gro=C3=9F?= Date: Tue, 16 Jun 2026 15:18:25 +0200 Subject: [PATCH 3/7] Work around https://github.com/actions/runner/issues/716 by using GITHUB_ACTION_PATH instead of github.action_path. --- action.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/action.yml b/action.yml index b327ad3..943e1f2 100644 --- a/action.yml +++ b/action.yml @@ -160,7 +160,7 @@ runs: env: IN_LLVM_VERSION: ${{ inputs.llvm-version }} shell: bash - run: ${{ github.action_path }}/src/get-llvm.sh + run: ${GITHUB_ACTION_PATH}/src/get-llvm.sh - name: "Build and Package CodeChecker" id: codechecker @@ -177,9 +177,9 @@ runs: fi if [[ "$IN_INSTALL_CUSTOM" == "true" ]]; then - ${{ github.action_path }}/src/build-codechecker.sh + ${GITHUB_ACTION_PATH}/src/build-codechecker.sh else - ${{ github.action_path }}/src/pip-codechecker.sh + ${GITHUB_ACTION_PATH}/src/pip-codechecker.sh fi - name: "Prepare JSON Compilation Database" @@ -194,7 +194,7 @@ runs: OUT_FILE: ${{ github.workspace }}/${{ github.action }}_codechecker_compilation_database.json shell: bash - run: ${{ github.action_path }}/src/get-or-create-build-json.sh + run: ${GITHUB_ACTION_PATH}/src/get-or-create-build-json.sh - name: "Execute static analysis for C/C++" id: analyze @@ -209,7 +209,7 @@ runs: IN_IGNORE_CRASHES: ${{ inputs.ignore-analyze-crashes }} IN_OUTPUT_DIR: ${{ inputs.analyze-output }} shell: bash - run: ${{ github.action_path }}/src/execute-analysis.sh + run: ${GITHUB_ACTION_PATH}/src/execute-analysis.sh - name: "Perform report-converter" id: report-convert @@ -223,7 +223,7 @@ runs: IN_IGNORE_CRASHES: ${{ inputs.ignore-analyze-crashes }} IN_OUTPUT_DIR: ${{ inputs.analyze-output }} shell: bash - run: ${{ github.action_path }}/src/report-converter.sh + run: ${GITHUB_ACTION_PATH}/src/report-converter.sh # This step is needed because it is forbidden to reuse the 'id' of a step, # even if the two steps taking the same 'id' are mutually exclusive. @@ -254,7 +254,7 @@ runs: IN_CONFIGFILE: ${{ inputs.config }} shell: bash - run: ${{ github.action_path }}/src/parse-results.sh + run: ${GITHUB_ACTION_PATH}/src/parse-results.sh - name: "Generate the configuration for diffing current results against previously stored" id: diff-pre @@ -271,7 +271,7 @@ runs: GITHUB_REF_NAME: ${{ github.ref_name }} GITHUB_REF_TYPE: ${{ github.ref_type }} shell: bash - run: ${{ github.action_path }}/src/diff-pre.sh + run: ${GITHUB_ACTION_PATH}/src/diff-pre.sh - name: "Diff current results against previously stored run" id: diff @@ -285,7 +285,7 @@ runs: IN_CONFIGFILE: ${{ inputs.config }} IN_DIFF_URL: ${{ inputs.diff-url }} shell: bash - run: ${{ github.action_path }}/src/diff.sh + run: ${GITHUB_ACTION_PATH}/src/diff.sh - name: "Generate the configuration for uploading results" id: store-pre @@ -301,7 +301,7 @@ runs: GITHUB_REF_TYPE: ${{ github.ref_type }} GITHUB_SHA: ${{ github.sha }} shell: bash - run: ${{ github.action_path }}/src/store-pre.sh + run: ${GITHUB_ACTION_PATH}/src/store-pre.sh - name: "Store analysis results to server" id: store @@ -316,4 +316,4 @@ runs: IN_CONFIGFILE: ${{ inputs.config }} IN_STORE_URL: ${{ inputs.store-url }} shell: bash - run: ${{ github.action_path }}/src/store.sh + run: ${GITHUB_ACTION_PATH}/src/store.sh From 598cab9482feb9f248f993bb12442ae5efee3280 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Gro=C3=9F?= Date: Tue, 16 Jun 2026 15:18:54 +0200 Subject: [PATCH 4/7] Don't fail installing Clang if Clang isn't already installed. --- src/get-llvm.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/get-llvm.sh b/src/get-llvm.sh index 1627379..1711d74 100755 --- a/src/get-llvm.sh +++ b/src/get-llvm.sh @@ -7,8 +7,8 @@ set -u echo "::group::Installing LLVM" -update-alternatives --query clang -update-alternatives --query clang-tidy +update-alternatives --query clang || echo "No clang installed. Continuing…" +update-alternatives --query clang-tidy || echo "No clang-tidy installed. Continuing…" export DISTRO_FANCYNAME="$(lsb_release -c | awk '{ print $2 }')" curl -sL http://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - From b9dac57fc29a960025481ce9e43a7751f20bbd03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Gro=C3=9F?= Date: Tue, 16 Jun 2026 15:25:16 +0200 Subject: [PATCH 5/7] Allow specifying analyzer-config. --- action.yml | 4 ++++ src/execute-analysis.sh | 9 ++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 943e1f2..7597eb7 100644 --- a/action.yml +++ b/action.yml @@ -46,6 +46,9 @@ inputs: description: 'If set to "true", the "analyze" action will ALWAYS pass, and not report a failure if some analysis jobs fail to execute due to internal crashes in the Clang analysers.' required: true default: 'true' + analyzer-config: + description: "Same as CodeChecker's `--analyzer-config`. E.g.: `cppcheck:cc-verbatim-args-file=cppcheck_args.txt`" + required: false report-converter: description: 'Whether to perform report conversion from analyses executed by third-party analysers instead of driving the analysis via CodeChecker directly.' @@ -206,6 +209,7 @@ runs: IN_CONFIGFILE: ${{ inputs.config }} IN_CTU: ${{ inputs.ctu }} + IN_ANALYZER_CONFIG: ${{ inputs.analyzer-config }} IN_IGNORE_CRASHES: ${{ inputs.ignore-analyze-crashes }} IN_OUTPUT_DIR: ${{ inputs.analyze-output }} shell: bash diff --git a/src/execute-analysis.sh b/src/execute-analysis.sh index 9830a4e..66a545a 100755 --- a/src/execute-analysis.sh +++ b/src/execute-analysis.sh @@ -26,6 +26,12 @@ if [[ "$IN_CTU" == "true" ]]; then CTU_FLAGS="--ctu --ctu-ast-mode load-from-pch" echo "::notice title=Cross Translation Unit analyis::CTU has been enabled, the analysis might take a long time!" fi + +if [[ ! -z "$IN_ANALYZER_CONFIG" ]]; then + ANALYZER_CONFIG_FLAG_1="--analyzer-config" + ANALYZER_CONFIG_FLAG_2=$IN_ANALYZER_CONFIG + echo "Using analyzer-config: \"$IN_ANALYZER_CONFIG\"!" +fi echo "::endgroup::" "$CODECHECKER_PATH"/CodeChecker analyzers \ @@ -38,7 +44,8 @@ echo "::group::Executing Static Analysis" --output "$OUTPUT_DIR" \ --jobs $(nproc) \ $CONFIG_FLAG_1 $CONFIG_FLAG_2 \ - $CTU_FLAGS + $CTU_FLAGS \ + $ANALYZER_CONFIG_FLAG_1 $ANALYZER_CONFIG_FLAG_2 EXIT_CODE=$? echo "::endgroup::" From ee432ecece8643476f93937f6b9c72a52834e45b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Gro=C3=9F?= Date: Tue, 16 Jun 2026 15:28:17 +0200 Subject: [PATCH 6/7] Allow specifying a skipfile. --- action.yml | 4 ++++ src/execute-analysis.sh | 9 ++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index 7597eb7..9fd4fdb 100644 --- a/action.yml +++ b/action.yml @@ -49,6 +49,9 @@ inputs: analyzer-config: description: "Same as CodeChecker's `--analyzer-config`. E.g.: `cppcheck:cc-verbatim-args-file=cppcheck_args.txt`" required: false + skipfile: + description: "A file contianing which files to skip during analysis. Same as CodeChecker's `--skipfile` argument." + required: false report-converter: description: 'Whether to perform report conversion from analyses executed by third-party analysers instead of driving the analysis via CodeChecker directly.' @@ -210,6 +213,7 @@ runs: IN_CONFIGFILE: ${{ inputs.config }} IN_CTU: ${{ inputs.ctu }} IN_ANALYZER_CONFIG: ${{ inputs.analyzer-config }} + IN_SKIPFILE: ${{ inputs.skipfile }} IN_IGNORE_CRASHES: ${{ inputs.ignore-analyze-crashes }} IN_OUTPUT_DIR: ${{ inputs.analyze-output }} shell: bash diff --git a/src/execute-analysis.sh b/src/execute-analysis.sh index 66a545a..9d6e154 100755 --- a/src/execute-analysis.sh +++ b/src/execute-analysis.sh @@ -32,6 +32,12 @@ if [[ ! -z "$IN_ANALYZER_CONFIG" ]]; then ANALYZER_CONFIG_FLAG_2=$IN_ANALYZER_CONFIG echo "Using analyzer-config: \"$IN_ANALYZER_CONFIG\"!" fi + +if [[ ! -z "$IN_SKIPFILE" ]]; then + SKIPFILE_FLAG_1="--skip" + SKIPFILE_FLAG_2=$IN_SKIPFILE + echo "Using skipfile: \"$IN_SKIPFILE\"!" +fi echo "::endgroup::" "$CODECHECKER_PATH"/CodeChecker analyzers \ @@ -45,7 +51,8 @@ echo "::group::Executing Static Analysis" --jobs $(nproc) \ $CONFIG_FLAG_1 $CONFIG_FLAG_2 \ $CTU_FLAGS \ - $ANALYZER_CONFIG_FLAG_1 $ANALYZER_CONFIG_FLAG_2 + $ANALYZER_CONFIG_FLAG_1 $ANALYZER_CONFIG_FLAG_2 \ + $SKIPFILE_FLAG_1 $SKIPFILE_FLAG_2 EXIT_CODE=$? echo "::endgroup::" From ef11562e9c851b2d92482574327e21ad1ebb80a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian=20Gro=C3=9F?= Date: Tue, 16 Jun 2026 15:31:12 +0200 Subject: [PATCH 7/7] Fix authenticating on self-hosted Runners. GitHubs home changes randomly on self-hosted Runners. --- src/diff-pre.sh | 4 ++-- src/diff.sh | 1 + src/store-pre.sh | 4 ++-- src/store.sh | 1 + 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/diff-pre.sh b/src/diff-pre.sh index 9c79b78..455f952 100755 --- a/src/diff-pre.sh +++ b/src/diff-pre.sh @@ -10,7 +10,7 @@ fi if [[ ! -z "$IN_DIFF_USERNAME" && ! -z "$IN_DIFF_PASSWORD" ]]; then echo "Configuring credentials..." - cat < ~/.codechecker.passwords.json + cat < /.codechecker.passwords.json { "client_autologin": true, "credentials": { @@ -18,7 +18,7 @@ if [[ ! -z "$IN_DIFF_USERNAME" && ! -z "$IN_DIFF_PASSWORD" ]]; then } } EOF - chmod 0600 ~/.codechecker.passwords.json + chmod 0600 /.codechecker.passwords.json fi if [[ ! -z "$IN_DIFF_RUN_NAME" && "$IN_DIFF_RUN_NAME" != "__DEFAULT__" ]]; then diff --git a/src/diff.sh b/src/diff.sh index fa7a37f..611873e 100755 --- a/src/diff.sh +++ b/src/diff.sh @@ -28,6 +28,7 @@ fi OUTPUT_DIR="$RAW_RESULT_DIR"_DiffHTML OUTPUT_LOG="$(dirname "$RAW_RESULT_DIR")"/"$(basename "$RAW_RESULT_DIR")_Diff.log" mkdir -pv "$(dirname "$OUTPUT_DIR")" +export CC_PASS_FILE=/.codechecker.passwords.json echo "::endgroup::" echo "::group::Generating HTML results from diff" diff --git a/src/store-pre.sh b/src/store-pre.sh index f112857..f3d0d45 100755 --- a/src/store-pre.sh +++ b/src/store-pre.sh @@ -10,7 +10,7 @@ fi if [[ ! -z "$IN_STORE_USERNAME" && ! -z "$IN_STORE_PASSWORD" ]]; then echo "Configuring credentials..." - cat < ~/.codechecker.passwords.json + cat < /.codechecker.passwords.json { "client_autologin": true, "credentials": { @@ -18,7 +18,7 @@ if [[ ! -z "$IN_STORE_USERNAME" && ! -z "$IN_STORE_PASSWORD" ]]; then } } EOF - chmod 0600 ~/.codechecker.passwords.json + chmod 0600 /.codechecker.passwords.json fi if [[ ! -z "$IN_STORE_RUN_NAME" && "$IN_STORE_RUN_NAME" != "__DEFAULT__" ]]; then diff --git a/src/store.sh b/src/store.sh index 91dad26..c54cc01 100755 --- a/src/store.sh +++ b/src/store.sh @@ -35,6 +35,7 @@ if [[ ! -z "$CODECHECKER_STORE_RUN_TAG" ]]; then RUN_TAG_FLAG_1="--tag" RUN_TAG_FLAG_2=$CODECHECKER_STORE_RUN_TAG fi +export CC_PASS_FILE=/.codechecker.passwords.json echo "::endgroup::" echo "::group::Storing results to server"