Son GitLab da ƙiyayya da kwari? Kuna son inganta ingancin lambar tushen ku? Sannan kun zo wurin da ya dace. A yau za mu gaya muku yadda ake saita PVS-Studio C # analyzer don bincika buƙatun haɗuwa. Yi yanayi na unicorn da karatun farin ciki ga kowa da kowa.
kayan aiki ne don gano kurakurai da yuwuwar lahani a cikin lambar tushe na shirye-shiryen da aka rubuta a C, C++, C # da Java. Yana aiki akan tsarin 64-bit akan Windows, Linux da macOS. Za a iya yin nazarin lambar da aka ƙera don 32-bit, 64-bit da dandamali na ARM da aka haɗa.
Af, mun saki PVS-Studio 7.08, wanda muka yi abubuwa da yawa . Alal misali:
- C # analyzer don Linux da macOS;
- plugin don Rider;
- sabon yanayin duba lissafin fayil.
Yanayin duba lissafin fayil
A baya can, don bincika wasu fayiloli, ya zama dole a wuce .xml tare da jerin fayiloli zuwa mai nazari. Amma tun da wannan bai dace sosai ba, mun ƙara ikon canja wurin .txt, wanda ya sa rayuwa ta kasance mai sauƙi.
Domin duba takamaiman fayiloli, dole ne ka saka tuta --sourceFiles (-f) da kuma canja wurin .txt tare da jerin fayiloli. Ga alama kamar haka:
pvs-studio-dotnet -t path/to/solution.sln -f fileList.txt -o project.jsonIdan kuna sha'awar saita ƙaddamar da bincike ko ja buƙatun, kuna iya yin hakan ta amfani da wannan yanayin. Bambancin zai kasance a cikin samun jerin fayiloli don tantancewa kuma zai dogara da irin tsarin da kuke amfani da su.
Ka'idar duba buƙatar haɗuwa
Babban mahimmancin rajistan shine don tabbatar da cewa matsalolin da mai nazari ya gano lokacin haɗuwa ba su fada cikin master reshe. Har ila yau, ba ma so mu bincika dukan aikin kowane lokaci. Bugu da ƙari, lokacin haɗa rassan, muna da jerin fayilolin da aka canza. Don haka, ina ba da shawarar ƙara rajistan neman haɗin kai.
Wannan shine yadda buƙatar haɗin kai ke kama kafin aiwatar da na'urar tantancewa a tsaye:
Wato duk kurakuran da ke cikin reshen canje-canje, zai matsa zuwa babban reshe. Tun da ba za mu so wannan ba, muna ƙara bincike, kuma yanzu zane yayi kama da haka:
Muna nazari canje-canje2 kuma, idan babu kurakurai, mun yarda da buƙatar haɗuwa, in ba haka ba mun ƙi shi.
Af, idan kuna sha'awar nazarin ayyukan da ja buƙatun C/C++, to kuna iya karantawa game da shi. .
GitLab
kayan aiki ne na tushen tushen gidan yanar gizo na DevOps wanda ke ba da tsarin sarrafa ma'ajiyar lambar don Git tare da wiki nasa, tsarin bin diddigin batun, bututun CI / CD da sauran fasalulluka.
Kafin ka fara nazarin buƙatun haɗin kai, kuna buƙatar yin rajista da loda aikinku. Idan ba ku san yadda ake yin wannan ba, to ina ba da shawarar abokin aikina.
Примечание. Hanyar kafa yanayin da aka bayyana a kasa yana daya daga cikin masu yiwuwa. Manufar ita ce nuna matakan kafa yanayin da ake bukata don nazari da ƙaddamar da mai nazari. Wataƙila a cikin yanayin ku zai zama mafi kyau duka don raba matakan shirye-shiryen muhalli (ƙara wuraren ajiya, shigar da mai nazari) da bincike: alal misali, shirya hotunan Docker tare da yanayin da ya dace da amfani da su, ko wata hanyar.
Don ƙarin fahimtar abin da zai faru a yanzu, ina ba da shawarar duba wannan zane mai zuwa:
Mai nazari yana buƙatar NET Core SDK 3 don aiki, don haka kafin shigar da na'urar ana buƙatar ƙara ma'ajin Microsoft wanda daga ciki za a shigar da abubuwan dogaro da ake buƙata don na'urar. Ƙara ma'ajiyar Microsoft don rabawa Linux daban-daban .
Don shigar da PVS-Studio ta hanyar mai sarrafa fakiti, kuna buƙatar ƙara ma'ajiyar PVS-Studio. Ƙara wuraren ajiya don rabawa daban-daban an kwatanta su dalla-dalla a ciki .
Mai nazari yana buƙatar maɓallin lasisi don aiki. Kuna iya samun lasisin gwaji a .
Примечание. Lura cewa siffanta yanayin aiki (nazarin buƙatun haɗin kai) yana buƙatar lasisin Kasuwanci. Don haka, idan kuna son gwada wannan yanayin aiki, kar ku manta da nuna a cikin filin “Saƙo” cewa kuna buƙatar lasisin Kasuwanci.
Idan buƙatar haɗuwa ta faru, to kawai muna buƙatar bincika jerin fayilolin da aka canza, in ba haka ba muna nazarin duk fayiloli. Bayan bincike, muna buƙatar canza rajistan ayyukan zuwa tsarin da muke buƙata.
Yanzu, samun algorithm na aiki a gaban idanunku, zaku iya ci gaba zuwa rubuta rubutun. Don yin wannan, kuna buƙatar canza fayil ɗin .gitlab-ci.yml ko, idan babu shi, ƙirƙira shi. Don ƙirƙirar shi, kuna buƙatar danna sunan aikin ku -> Saita CI/CD.
Yanzu mun shirya don rubuta rubutun. Bari mu fara rubuta lambar da za ta shigar da mai nazari kuma mu shigar da lasisi:
before_script:
- apt-get update && apt-get -y install wget gnupg
- apt-get -y install git
- wget https://packages.microsoft.com/config/debian/10/
packages-microsoft-prod.deb -O packages-microsoft-prod.deb
- dpkg -i packages-microsoft-prod.deb
- apt-get update
- apt-get install apt-transport-https
- apt-get update
- wget -q -O - https://files.viva64.com/etc/pubkey.txt | apt-key add -
- wget -O /etc/apt/sources.list.d/viva64.list
https://files.viva64.com/etc/viva64.list
- apt-get update
- apt-get -y install pvs-studio-dotnet
- pvs-studio-analyzer credentials $PVS_NAME $PVS_KEY
- dotnet restore "$CI_PROJECT_DIR"/Test/Test.slnTunda shigarwa da kunnawa dole ne su faru kafin duk sauran rubutun, muna amfani da lakabi na musamman kafin_rubutu. Bari in dan yi bayanin wannan guntun.
Ana shirye-shiryen shigar da analyzer:
- wget https://packages.microsoft.com/config/debian/10/
packages-microsoft-prod.deb -O packages-microsoft-prod.deb
- dpkg -i packages-microsoft-prod.deb
- apt-get update
- apt-get install apt-transport-https
- apt-get updateƘara ma'ajiyar PVS-Studio da mai nazari:
- wget -q -O - https://files.viva64.com/etc/pubkey.txt | apt-key add -
- wget -O /etc/apt/sources.list.d/viva64.list
https://files.viva64.com/etc/viva64.list
- apt-get update
- apt-get -y install pvs-studio-dotnetKunna lasisi:
- pvs-studio-analyzer credentials $PVS_NAME $PVS_KEY$PVS_NAME - Sunan mai amfani.
$PVS_KEY - maɓallin samfur.
Maido da dogaron aikin inda $CI_PROJECT_DIR – Cikakkun hanyar zuwa kundin tsarin aiki:
- dotnet restore "$CI_PROJECT_DIR"/Path/To/Solution.slnDon ingantaccen bincike, dole ne a gina aikin cikin nasara, kuma dole ne a dawo da abubuwan dogaronsa (misali, dole ne a zazzage fakitin NuGet masu mahimmanci).
Kuna iya saita masu canjin yanayi mai ɗauke da bayanan lasisi ta danna Kafa, da kuma bayan - on CI/CD.
A cikin taga da yake buɗewa, nemo abu canji, danna maballin dama Expand kuma ƙara masu canji. Sakamakon yakamata yayi kama da haka:
Yanzu zaku iya ci gaba zuwa bincike. Da farko, bari mu ƙara rubutun don cikakken bincike. Zuwa tuta -t mun wuce hanyar mafita ga tuta -o rubuta hanyar zuwa fayil ɗin da za a rubuta sakamakon bincike. Muna kuma sha'awar lambar dawowa. A wannan yanayin, muna sha'awar tsayawar aiki lokacin da lambar dawowa ta ƙunshi bayanin cewa an ba da gargaɗi yayin bincike. Ga yadda wannan guntun ya yi kama da:
job:
script:
- exit_code=0
- pvs-studio-dotnet -t "$CI_PROJECT_DIR"/Test/Test.sln -o
PVS-Studio.json || exit_code=$?
- exit_code=$((($exit_code & 8)/8))
- if [[ $exit_code == 1 ]]; then exit 1; else exit 0; fiLambobin dawowa suna aiki akan ƙa'idar abin rufe fuska. Misali, idan an yi gargadin sakamakon binciken, to lambar dawowa zata kasance daidai da 8. Idan lasisin ya ƙare a cikin wata ɗaya, lambar dawowa zata kasance daidai da 4. Idan an gano kurakurai yayin bincike. kuma lasisin ya ƙare a cikin wata ɗaya, dawowar lambar, za a rubuta ƙimar duka biyu: ƙara lambobi tare kuma sami lambar dawowa ta ƙarshe - 8+4=12. Don haka, ta hanyar bincika ɓangarorin da suka dace, ana iya samun bayanai game da jihohi daban-daban yayin bincike. An kwatanta lambobin dawowa dalla-dalla a cikin "pvs-studio-dotnet (Linux / macOS) Lambobin dawowa" na takaddar "".
A wannan yanayin, muna sha'awar duk lambobin dawowa inda 8 ya bayyana.
- exit_code=$((($exit_code & 8)/8))Za mu karɓi 1 lokacin da lambar dawowa ta ƙunshi ɗan adadin lambar da muke sha'awar, in ba haka ba za mu karɓi 0.
Lokaci ya yi da za a ƙara nazarin buƙatar haɗuwa. Kafin mu yi haka, bari mu shirya wuri don rubutun. Muna buƙatar aiwatar da shi ne kawai lokacin da buƙatar haɗuwa ta faru. Ga alama kamar haka:
merge:
script:
only:
- merge_requestsBari mu matsa zuwa ga rubutun da kansa. Na fuskanci gaskiyar cewa injin kama-da-wane bai san komai ba asali / master. Don haka bari mu taimaka mata kadan:
- git fetch originYanzu mun sami bambanci tsakanin rassan kuma ajiye sakamakon a ciki txt fayil:
- git diff --name-only origin/master $CI_COMMIT_SHA > pvs-fl.txtInda $CI_COMMIT_SHA – zanta na karshe aikata.
Na gaba, za mu fara nazarin jerin fayiloli ta amfani da tuta -f. Muna canja wurin fayil ɗin .txt da aka karɓa zuwa gare shi. To, ta hanyar kwatanci tare da cikakken bincike, muna kallon lambobin dawowa:
- exit_code=0
- pvs-studio-dotnet -t "$CI_PROJECT_DIR"/Test/Test.sln -f
pvs-fl.txt -o PVS-Studio.json || exit_code=$?
- exit_code=$((($exit_code & 8)/8))
- if [[ $exit_code == 1 ]]; then exit 1; else exit 0; fiCikakken rubutun don duba buƙatar haɗin kai zai yi kama da haka:
merge:
script:
- git fetch origin
- git diff --name-only origin/master $CI_COMMIT_SHA > pvs-fl.txt
- exit_code=0
- pvs-studio-dotnet -t "$CI_PROJECT_DIR"/Test/Test.sln -f
pvs-fl.txt -o PVS-Studio.json || exit_code=$?
- exit_code=$((($exit_code & 8)/8))
- if [[ $exit_code == 1 ]]; then exit 1; else exit 0; fi
only:
- merge_requestsAbin da ya rage shi ne ƙara jujjuya bayanan log bayan an sarrafa duk rubutun. Muna amfani da lakabin bayan_rubutu da amfani plog-converter:
after_script:
- plog-converter -t html -o eLog ./PVS-Studio.jsonMai amfani wani buɗaɗɗen aiki ne wanda ake amfani da shi don canza rahoton kuskuren parser zuwa nau'i daban-daban, kamar HTML. An ba da ƙarin cikakkun bayanai game da kayan aiki a cikin sashin "Plog Converter Utility" .
Af, idan kuna son yin aiki da dacewa tare da rahoton .json a gida daga IDE, to ina ba da shawarar mu. don IDE Rider. An bayyana amfani da shi a cikin ƙarin daki-daki .
Domin saukakawa, ga shi nan .gitlab-ci.yml a cike:
image: debian
before_script:
- apt-get update && apt-get -y install wget gnupg
- apt-get -y install git
- wget https://packages.microsoft.com/config/debian/10/
packages-microsoft-prod.deb -O packages-microsoft-prod.deb
- dpkg -i packages-microsoft-prod.deb
- apt-get update
- apt-get install apt-transport-https
- apt-get update
- wget -q -O - https://files.viva64.com/etc/pubkey.txt | apt-key add -
- wget -O /etc/apt/sources.list.d/viva64.list
https://files.viva64.com/etc/viva64.list
- apt-get update
- apt-get -y install pvs-studio-dotnet
- pvs-studio-analyzer credentials $PVS_NAME $PVS_KEY
- dotnet restore "$CI_PROJECT_DIR"/Test/Test.sln
merge:
script:
- git fetch origin
- git diff --name-only origin/master $CI_COMMIT_SHA > pvs-fl.txt
- exit_code=0
- pvs-studio-dotnet -t "$CI_PROJECT_DIR"/Test/Test.sln -f
pvs-fl.txt -o PVS-Studio.json || exit_code=$?
- exit_code=$((($exit_code & 8)/8))
- if [[ $exit_code == 1 ]]; then exit 1; else exit 0; fi
only:
- merge_requests
job:
script:
- exit_code=0
- pvs-studio-dotnet -t "$CI_PROJECT_DIR"/Test/Test.sln -o
PVS-Studio.json || exit_code=$?
- exit_code=$((($exit_code & 8)/8))
- if [[ $exit_code == 1 ]]; then exit 1; else exit 0; fi
after_script:
- plog-converter -t html -o eLog ./PVS-Studio.jsonDa zarar kun ƙara komai zuwa fayil ɗin, danna kan Aiwatar da canje-canje. Domin ganin cewa komai daidai ne, je zuwa CI / CD -> Bututun ruwa -> Running. Za a buɗe taga injin kama-da-wane, a ƙarshensa ya kamata ya kasance masu zuwa:
gani Ayuba ya yi nasara - nasara, komai yana da kyau. Yanzu za ku iya gwada abin da kuka yi.
Misalai na aiki
Misalin aiki, bari mu ƙirƙiri aiki mai sauƙi (in master) wanda zai ƙunshi fayiloli da yawa. Bayan haka, a cikin wani reshe za mu canza fayil ɗaya kawai kuma muyi ƙoƙarin yin buƙatar haɗin gwiwa.
Bari mu yi la'akari da lokuta biyu: lokacin da fayil ɗin da aka gyara ya ƙunshi kuskure kuma lokacin da ba haka ba. Na farko, misali tare da kuskure.
Bari mu ce akwai fayil a cikin babban reshe Shirin.cs, wanda ba ya ƙunshi kurakurai, amma a wani reshe mai haɓakawa ya ƙara lambar kuskure kuma yana son yin buƙatar haɗin kai. Wane irin kuskuren da ya yi ba shi da mahimmanci, babban abu shi ne cewa akwai. Misali, mai aiki ya manta Jefa (Iya, ):
void MyAwesomeMethod(String name)
{
if (name == null)
new ArgumentNullException(....);
// do something
....
}Bari mu dubi sakamakon nazarin misali tare da kuskure. Har ila yau, don tabbatar da cewa fayil ɗaya ne kawai aka yi parsed, na ƙara tuta -r zuwa layin ƙaddamar da pvs-studio-dotnet:
Mun ga cewa mai nazari ya sami kuskure kuma bai yarda da haɗa rassan ba.
Bari mu duba misalin ba tare da kuskure ba. Gyara lambar:
void MyAwesomeMethod(String name)
{
if (name == null)
throw new ArgumentNullException(....);
// do something
....
}Haɗa sakamakon binciken nema:
Kamar yadda muke iya gani, ba a sami kurakurai ba, kuma aikin ya yi nasara, wanda shine abin da muke so mu bincika.
ƙarshe
Weeding fitar da mummunan code kafin haɗe rassan yana da matukar dacewa kuma mai daɗi. Don haka idan kuna amfani da CI/CD, gwada saka na'urar nazari a tsaye don dubawa. Haka kuma, ana yin wannan a sauƙaƙe.
Gode muku da hankali.
Idan kuna son raba wannan labarin tare da masu sauraron Ingilishi, da fatan za a yi amfani da hanyar fassarar: Nikolay Mironov. .
source: www.habr.com