feat: add the cppcheck runner (#1)

* feat: add the cppcheck runner

just the rust code for the cppcheck deepsource runner

* feat: add the Dockerfile

* feat: add cloudbuild to push image to dev

* fix: dockerfile target binary path

* fix: naming

* add: OWNERS list & enable DeepSource

* add: base image

* fix: Dockerfile

* fix: add proper issue code mapping

* add: spdlog to image

* chore: log cppcheck start and end time

* fix

* log more

* use multi threading for cppcheck

* chore: only lint on c family of files

* pipe command output to stdout & stderr

* feat: add support for caching

* fix: add comments and cleanup

* ci: add production cloudbuild depl

* fix: install cppcheck from source

* fix: pin version of cppcheck

* chore: update dockerfile

update libs to latests & support multiple destinations for prod build

* chore: cleanup dockerfile & don't run on header files

Author: swarnim-deepsource

.deepsource.toml

@@ -0,0 +1,23 @@
+version = 1
+
+test_patterns = [
+  "**/tests/**",
+  "**/*tests.rs"
+]
+
+exclude_patterns = [
+  "tests/**",
+  "**/tests/**",
+]
+
+[[analyzers]]
+name = "rust"
+
+  [analyzers.meta]
+  msrv = "stable"
+
+[[analyzers]]
+name = "secrets"
+
+[[transformers]]
+name = "rustfmt"

.github/CODEOWNERS

@@ -0,0 +1 @@
+*   @raghav-deepsource @srijan-deepsource @swarnim-deepsource @prajwal-deepsource

.gitignore

@@ -0,0 +1,3 @@
+/target
+/cppcheck_result.json
+/cppcheck_error.xml

Cargo.lock

@@ -0,0 +1,18 @@
+[package]
+name = "cppcheck-deepsource"
+version = "0.2.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+# serialize & deserialize
+serde = { version = "1.0.144", features = ["derive"] }
+# json support
+serde_json = "1.0.85"
+log = { version = "0.4.17" }
+atty = "0.2.14"
+walkdir = "2.3.2"
+quick-xml = { version = "0.28.0", features = ["serialize"] }
+
+env_struct = "0.1.3"

Cargo.toml

@@ -0,0 +1,65 @@
+# -----------------------------------------------------------
+# Base Image with LLVM
+# -----------------------------------------------------------
+FROM ubuntu:22.04 as ubuntu_llvm
+ENV DEBIAN_FRONTEND=noninteractive
+
+# update the system and install any dependencies
+RUN apt-get update \
+    && apt-get upgrade -y libksba-dev \
+    && apt-get install -y git cmake build-essential byacc libpcre3 libpcre3-dev grep lsb-release wget software-properties-common gnupg libcurl4-openssl-dev unzip lcov --no-install-recommends # skipcq: DOK-DL3018
+
+# Get LLVM
+ARG LLVM_VER=15
+RUN wget --no-verbose https://apt.llvm.org/llvm.sh
+RUN chmod +x ./llvm.sh \
+  && ./llvm.sh ${LLVM_VER} \
+  && apt-get -y install libclang-${LLVM_VER}-dev libclang-cpp${LLVM_VER}-dev --no-install-recommends \
+  && apt-get clean \
+  && rm -rf /var/lib/apt/lists/*
+
+# Add environment variables for build
+ENV PATH="$PATH:/usr/lib/llvm-${LLVM_VER}/bin"
+ENV LLVM_INSTALL_DIR "/usr/lib/llvm-${LLVM_VER}"
+ENV SENTRY_INSTALL_DIR="/usr/lib/sentry-sdk"
+
+# Get Sentry
+ARG SENTRY_TAG=0.6.3
+RUN mkdir /sentry-sdk \
+  && cd /sentry-sdk \
+  && wget --no-verbose "https://github.com/getsentry/sentry-native/releases/download/${SENTRY_TAG}/sentry-native.zip" \
+  && unzip sentry-native.zip \
+  && cmake -B ./build \
+  && cmake --build ./build --parallel \
+  && cmake --install ./build --prefix "${SENTRY_INSTALL_DIR}"
+
+# Install spdlog
+RUN git clone --depth=1 --branch v1.11.0 https://github.com/gabime/spdlog.git \
+  && cd spdlog \
+  && cmake -B build \
+  && cmake --build build --parallel \
+  && cd build && make install
+
+# Install cppcheck
+RUN git clone --depth=1 --branch 2.10.3 https://github.com/danmar/cppcheck.git \
+  && cd cppcheck \
+  && cmake -B build -DHAVE_RULES=ON -DUSE_MATCHCOMPILER=ON -DCMAKE_BUILD_TYPE=RELEASE \
+  && cmake --build build --parallel 4 \
+  && cd build && make install
+
+# -----------------------------------------------------------
+# End
+# -----------------------------------------------------------
+
+FROM rust:slim-bookworm AS rs_builder
+
+RUN mkdir -p /code
+ADD . /code
+WORKDIR /code
+
+RUN cargo b --release
+
+FROM ubuntu_llvm
+
+RUN mkdir -p /toolbox
+COPY --from=rs_builder /code/target/release/cppcheck-deepsource /toolbox/

Dockerfile

@@ -0,0 +1 @@
+{ "files": [ "test.c" ] }

analysis_config.json

@@ -0,0 +1,13 @@
+timeout: 30m0s
+
+steps:
+  - name: 'gcr.io/kaniko-project/executor:v1.0.0'
+    args:
+    - --destination=us.gcr.io/deepsource-production/cppcheck-deepsource:$TAG_NAME
+    - --destination=us.gcr.io/deepsource-production/cppcheck-deepsource:latest
+    - --dockerfile=Dockerfile
+    - --cache=false
+    - --snapshotMode=redo
+
+options:
+  machineType: 'E2_HIGHCPU_8'

cloudbuild_depl.yaml

@@ -0,0 +1,13 @@
+timeout: 30m0s
+
+steps:
+- name: 'gcr.io/kaniko-project/executor:v1.0.0'
+  args:
+  - --destination=us.gcr.io/deepsource-dev/cppcheck-deepsource:dev
+  - --dockerfile=Dockerfile
+  - --cache=true
+  - --cache-ttl=24h
+  - --snapshotMode=redo
+
+options:
+  machineType: 'E2_HIGHCPU_8'

cloudbuild_depl_dev.yaml

@@ -0,0 +1,38 @@
+use std::path::PathBuf;
+
+use serde::Deserialize;
+
+#[derive(Default, Deserialize, Debug)]
+pub struct AnalyzerConfig {
+    files: Vec<PathBuf>,
+    #[serde(default)]
+    pub analyzer_meta: AnalyzerMeta,
+}
+
+impl AnalyzerConfig {
+    pub fn cxx_files(self) -> Vec<PathBuf> {
+        self.files
+            .into_iter()
+            .filter(|f| !f.is_symlink())
+            .filter(|f| f.is_file())
+            .filter(|f| {
+                f.extension()
+                    .map(|x| x.eq("cpp") | x.eq("c"))
+                    .unwrap_or_default()
+            })
+            // ignore files > ~25MB in size
+            .filter(|f| {
+                !f.metadata()
+                    .map(|x| x.len() > 25_000_000)
+                    .unwrap_or_default()
+            })
+            .collect()
+    }
+}
+
+#[derive(Deserialize, Default, Debug)]
+pub struct AnalyzerMeta {
+    pub name: String,
+    pub enabled: bool,
+    // todo(swarnim): add misra_compliance: bool
+}