PlatformIO Community

Full SonarQube Platformio CI/CD

Hi everyone.
Today I will not ask you anything, but rather share with the community weeks of work to setup a full-fledged CI/CD for PlatformIO projects using:

  • Gitlab
  • SonarQube/sonar-scanner/sonar-cxx plugin
  • cpplint/cppcheck
  • flawfinder
  • Dogyxen.

This CI/CD delivers:

  • a very complete set of code-quality measurements (see below)
  • a complete code documentation
  • compiled firmware(s)
  • code flaws reports

Here are some screenshots:

Finally, here is the .gitlab.yml file I created:

# Different stages the CI/CD pipeline will go through, in order.
# If more than one job is located

# References:
# - https://github.com/SonarOpenCommunity/sonar-cxx/blob/master/sonar-cxx-plugin/src/samples/SampleProject2/Makefile

stages:
  - document
  - test
  - unit_test
  - build

image:
  name: db99/sonar-scanner-cli:latest
  entrypoint: [""]
variables:
  SONAR_TOKEN: "yoursonartoken"
  SONAR_HOST_URL: "yoursonarserver"
  GIT_DEPTH: 0
sonarqube-check:
  stage: test
  script:
    - cppcheck --xml --xml-version=2 src lib include 2> cppcheck.xml 
    - sonar-scanner -X -Dsonar.projectKey=Sensors -Dsonar.sources=. -Dsonar.host.url=yoursonarserver -Dsonar.login=yourlogintoken -Dsonar.sourceEncoding=UTF-8 -Dsonar.cxx.cppcheck.reportPath=cppcheck.xml
  allow_failure: true

cpplint:
  stage: test
  image: python:latest
  script: 
    - python -m pip install cpplint
    - cpplint --filter=-whitespace,-legal/copyright,-readability/multiline_comment --linelength=180 --recursive src/* include/* &> cpplint.txt
  artifacts:
    paths:
      - cpplint.txt

flawfinder:
  stage: test
  image: python:latest
  script: 
    - python -m pip install flawfinder
    - flawfinder --html . > flawfinder.html
  artifacts:
    paths:
      - flawfinder.html
  allow_failure: true

documentation:
  stage: document
  image: ubuntu:latest
  script:
    - apt-get update
    - apt-get install -y doxygen
    - doxygen documentation/doxyfile
    - tar czf documentation.tar.gz documentation/doxygen/html/
  artifacts:
    paths:
      - documentation.tar.gz

build:
  stage: build
  image: python:latest
  script: 
    - pip install -U platformio
    - platformio run -e esp12e -e esp32dev
    - mv .pio/build/esp12e/firmware.bin firmware_esp12e.bin
    - mv .pio/build/esp32dev/firmware.bin firmware_esp32dev.bin
  variables: {PLATFORMIO_CI_SRC: "src/main.cpp"}
  artifacts:
    paths:
      - firmware_esp12e.bin
      - firmware_esp32dev.bin

And, icing on the cake, the Dockerfile I use to create my custom sonar-scanner image (used below):

FROM openjdk:8u242-stretch

RUN set -x
RUN apt-get update
RUN apt-get install unzip cppcheck shellcheck -y
RUN curl -o /tmp/sonar-scanner-cli.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.2.0.1873-linux.zip
RUN unzip -d /opt /tmp/sonar-scanner-cli.zip
RUN ln -s /opt/sonar-scanner-4.2.0.1873-linux/bin/sonar-scanner /usr/local/bin/sonar-scanner
RUN ln -sf ${JAVA_HOME}/bin/java /opt/sonar-scanner-4.2.0.1873-linux/jre/bin/java
RUN rm /tmp/sonar-scanner-cli.zip

WORKDIR /scan

ENTRYPOINT ["sonar-scanner"]

I created this dockerfile in order to integrate shellcheck in it.

Ok, I hope you will enjoy it. And when I told you at the beginning that I wouldn’t ask you anything I, in a way, not told the exact truth. I’m always searching for ways to improve my CI/CD process to produce the best code possible. I you have any idea for improvements, please let me know.

Thanks a lot, and have fun.

5 Likes

Great tutorial! Thanks!

You do not need this if use pio run command. This env var for pio ci shortcut.

2 Likes