Skip to content

Refactor the CI workflows#102

Open
lavrovvalera wants to merge 10 commits into
eclipse-score:mainfrom
lavrovvalera:vala_quality_jobs
Open

Refactor the CI workflows#102
lavrovvalera wants to merge 10 commits into
eclipse-score:mainfrom
lavrovvalera:vala_quality_jobs

Conversation

@lavrovvalera

Copy link
Copy Markdown
Contributor

Integrate score_cpp_policies as central C++ quality tooling

Closes #12
Closes #42
Closes #43

Changes

score_cpp_policies integration

  • Added score_cpp_policies dep with git_override to pick up the clang_tidy package not yet released in the registry (v0.0.1)
  • Upgraded aspect_rules_lint 1.5.32.7.1 and added toolchains_llvm 1.7.0 (LLVM 19.1.7) as required by score_cpp_policies clang-tidy API
  • Created tools/lint/BUILD + tools/lint/linters.bzl wiring make_clang_tidy_aspect with the S-CORE baseline .clang-tidy
  • Added sanitizer (asan_ubsan_lsan) and clang-tidy config blocks to .bazelrc

New CI workflows

  • sanitizers.yml — runs ASan/UBSan/LSan on PRs and main; non-blocking until code is clean (closes Add sanitizer CI (ASAN/TSAN/UBSAN) #43)
  • clang-tidy.yml — runs clang-tidy via score_cpp_policies on PRs and main; non-blocking until violations are resolved (closes Add Clang-Tidy CI workflow #42)
  • codeql.yml — nightly CodeQL scan with MISRA C++ pack via the cicd-workflows reusable workflow

CI workflow cleanup

  • Fixed broken/outdated action versions, excessive permissions, missing concurrency groups, stale triggers, and inconsistent runner pins across all existing workflows
  • Renamed 6 workflow files from underscore_style to hyphen-style
  • Applied name: Group / Job convention to all workflows for visual grouping in GitHub Actions UI

@github-actions

github-actions Bot commented Jun 24, 2026

Copy link
Copy Markdown

License Check Results

🚀 The license check job ran with the Bazel command:

bazel run //:license-check

Status: ⚠️ Needs Review

Click to expand output
[License Check Output]
Extracting Bazel installation...
Starting local Bazel server (8.3.0) and connecting to it...
INFO: Invocation ID: 95acd469-8d1e-4c2e-88ce-5a0f435d1f80
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Computing main repo mapping: 
Loading: 
Loading: 2 packages loaded
Loading: 2 packages loaded
    currently loading: 
Loading: 2 packages loaded
    currently loading: 
Loading: 2 packages loaded
    currently loading: 
Loading: 2 packages loaded
    currently loading: 
Loading: 2 packages loaded
    currently loading: 
Analyzing: target //:license-check (3 packages loaded, 0 targets configured)
Analyzing: target //:license-check (3 packages loaded, 0 targets configured)

Analyzing: target //:license-check (88 packages loaded, 10 targets configured)

Analyzing: target //:license-check (139 packages loaded, 682 targets configured)

Analyzing: target //:license-check (151 packages loaded, 5600 targets configured)

Analyzing: target //:license-check (153 packages loaded, 8003 targets configured)

Analyzing: target //:license-check (163 packages loaded, 8061 targets configured)

Analyzing: target //:license-check (163 packages loaded, 8061 targets configured)

Analyzing: target //:license-check (163 packages loaded, 8061 targets configured)

Analyzing: target //:license-check (166 packages loaded, 9949 targets configured)

Analyzing: target //:license-check (166 packages loaded, 9949 targets configured)

Analyzing: target //:license-check (166 packages loaded, 9949 targets configured)

Analyzing: target //:license-check (166 packages loaded, 9949 targets configured)

INFO: Analyzed target //:license-check (168 packages loaded, 10196 targets configured).
[3 / 7] checking cached actions
[9 / 16] checking cached actions
[11 / 16] checking cached actions
INFO: From Generating Dash formatted dependency file ...:
INFO: Successfully converted 2 packages from Cargo.lock to bazel-out/k8-fastbuild/bin/formatted.txt
[13 / 16] JavaToolchainCompileClasses external/rules_java+/toolchains/platformclasspath_classes; 0s disk-cache, processwrapper-sandbox
[14 / 16] checking cached actions
[14 / 16] [Prepa] JavaToolchainCompileBootClasspath external/rules_java+/toolchains/platformclasspath.jar
INFO: Found 1 target...
Target //:license.check.license_check up-to-date:
  bazel-bin/license.check.license_check
  bazel-bin/license.check.license_check.jar
INFO: Elapsed time: 42.207s, Critical Path: 2.45s
INFO: 16 processes: 12 internal, 3 processwrapper-sandbox, 1 worker.
INFO: Build completed successfully, 16 total actions
INFO: Running command line: bazel-bin/license.check.license_check ./formatted.txt <args omitted>
usage: org.eclipse.dash.licenses.cli.Main [-batch <int>] [-cd <url>]
       [-confidence <int>] [-ef <url>] [-excludeSources <sources>] [-help] [-lic
       <url>] [-project <shortname>] [-repo <url>] [-review] [-summary <file>]
       [-timeout <seconds>] [-token <token>]

@github-actions

Copy link
Copy Markdown

The created documentation from the pull request is available at: docu-html

MODULE.bazel.lock is gitignored; --lockfile_mode=error always fails on a
fresh checkout. Remove the flag to match how all other CI workflows run.

Also apply buildifier formatting to MODULE.bazel (3 missing blank lines).
- Add score_bazel_tools_cc 0.1.0 (dev_dependency) to MODULE.bazel
- Add python.single_version_override for 3.8.20 (required by
  score_bazel_tools_cc which registers Python 3.8 toolchains;
  rules_python 1.8.x removed 3.8 from default download list)
- Add clang_format_config BUILD target pointing to //:.clang-format
- Add build:clang_format config block to .bazelrc (uses LLVM toolchain
  so the clang-format binary is co-located with the C++ compiler)
- Add clang-format job to format.yml; non-blocking (continue-on-error)
  until existing violations in the codebase are resolved
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: In Progress

Development

Successfully merging this pull request may close these issues.

Add sanitizer CI (ASAN/TSAN/UBSAN) Add Clang-Tidy CI workflow Use the score_cpp_policies as central quality tooling

1 participant