add pvs-studio analyze to ci

hathach · hathach · commit 948ba203ca8d · 2025-10-25T00:15:41.000+07:00
diff --git a/.github/workflows/build_util.yml b/.github/workflows/build_util.yml
@@ -20,10 +20,6 @@ on:
         required: false
         default: false
         type: boolean
-      analyze-pvs:
-        required: false
-        default: false
-        type: boolean
       os:
         required: false
         type: string
@@ -72,28 +68,6 @@ jobs:
           fi
         shell: bash
 
-      - name: PVS-Studio analyze
-        if: ${{ inputs.analyze-pvs }}
-        run: |
-          wget -q -O - https://files.pvs-studio.com/etc/pubkey.txt | sudo apt-key add -
-          sudo wget -O /etc/apt/sources.list.d/viva64.list https://files.pvs-studio.com/etc/viva64.list
-          sudo apt update
-          sudo apt install pvs-studio
-          pvs-studio-analyzer credentials ${{ secrets.PVS_STUDIO_CREDENTIALS }}
-          mkdir -p sarif-reports
-          for build_dir in cmake-build/cmake-build-*; do
-            BOARD=${build_dir#cmake-build/cmake-build-}
-            pvs-studio-analyzer analyze -f ${build_dir}/compile_commands.json -j -o ${build_dir}/pvs-report.log --exclude-path hw/mcu/ --exclude-path lib/
-            plog-converter -t sarif -o sarif-reports/${BOARD}.sarif ${build_dir}/pvs-report.log
-          done
-
-      - name: PVS-Studio upload SARIF
-        if: ${{ inputs.analyze-pvs }}
-        uses: github/codeql-action/upload-sarif@v4
-        with:
-          sarif_file: sarif-reports/
-          category: PVS-Studio
-
       - name: Upload Artifacts for Hardware Testing
         if: ${{ inputs.upload-artifacts }}
         uses: actions/upload-artifact@v4
diff --git a/.github/workflows/static_analysis.yml b/.github/workflows/static_analysis.yml
@@ -29,15 +29,40 @@ jobs:
 #          args: >
 #            --define "sonar.cfamily.compile-commands=${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"
   PVS-Studio:
-    uses: ./.github/workflows/build_util.yml
+    runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         board:
           - 'stm32h743eval'
-    with:
-      build-system: 'cmake'
-      toolchain: 'arm-gcc'
-      build-args: '-b${{ matrix.board }}'
-      one-per-family: true
-      analyze-pvs: true
+    steps:
+      - name: Checkout TinyUSB
+        uses: actions/checkout@v4
+
+      - name: Get Dependencies
+        uses: ./.github/actions/get_deps
+        with:
+          arg: -b${{ matrix.board }}
+
+      - name: Setup Toolchain
+        uses: ./.github/actions/setup_toolchain
+        with:
+          toolchain: 'arm-gcc'
+
+      - name: Analyze
+        run: |
+          wget -q -O - https://files.pvs-studio.com/etc/pubkey.txt | sudo apt-key add -
+          sudo wget -O /etc/apt/sources.list.d/viva64.list https://files.pvs-studio.com/etc/viva64.list
+          sudo apt update
+          sudo apt install pvs-studio
+          pvs-studio-analyzer credentials ${{ secrets.PVS_STUDIO_CREDENTIALS }}
+          cmake examples -B build -G Ninja -DBOARD=${{ matrix.board }} -DCMAKE_BUILD_TYPE=MinSizeRel
+          cmake --build build
+          pvs-studio-analyzer analyze -f build/compile_commands.json -j --exclude-path hw/mcu/ --exclude-path lib/
+          plog-converter -t sarif -o pvs.sarif PVS-Studio.log
+
+      - name: Upload SARIF
+        uses: github/codeql-action/upload-sarif@v4
+        with:
+          sarif_file: pvs.sarif
+          category: PVS-Studio
