mirror of
https://gitlab.isc.org/isc-projects/kea
synced 2025-08-22 09:57:41 +00:00
86 lines
2.8 KiB
Plaintext
86 lines
2.8 KiB
Plaintext
// Copyright (C) 2023-2025 Internet Systems Consortium, Inc. ("ISC")
|
|
//
|
|
// This Source Code Form is subject to the terms of the Mozilla Public
|
|
// License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
/**
|
|
@page qaIntro Quality Assurance in Kea
|
|
|
|
This is only a brief excerpt about some QA systems used at ISC. For more
|
|
information, please refer to the DHCP QA department.
|
|
|
|
@section ciGithub Running CI pipeline on Github
|
|
|
|
While our primary environment for running CI pipeline is Jenkins hosted on AWS,
|
|
there are some tools that are only available on github. One of such tools is
|
|
CodeQL. CodeQL is a static analysis tool that can be used to find security
|
|
vulnerabilities in the code. It is a part of Github Advanced Security suite.
|
|
Github Advanced Security suite is available for free for open source projects.
|
|
|
|
The job is defined in `.github/workflows/codeql.yml` file. It is configured
|
|
to run once per week on `master` and `ci` branches. Sadly, it requires Kea
|
|
compilation. With the runners provided on github having only 2 CPUs, it's
|
|
a slow process. But we don't care that much - we get the results once per
|
|
week. The results are available in the `Security` tab of the repository
|
|
(see https://github.com/isc-projects/kea/security). This tab is only visible to
|
|
logged in members of the isc-projects organization.
|
|
|
|
@section ciGitlab Running CI pipeline on Gitlab
|
|
|
|
There are several jobs configured with Gitlab CI:
|
|
|
|
- are-database-scripts-in-sync
|
|
- bandit
|
|
- check-for-json-errors-in-doc
|
|
- danger
|
|
- duplicate-includes
|
|
- duplicate-log-messages
|
|
- missing-api-commands
|
|
- missing-config-h-include
|
|
- missing-git-attribute
|
|
- pycodestyle
|
|
- pylint
|
|
- shellcheck
|
|
- uninstalled-headers
|
|
- sast-analyzer
|
|
- flawfinder-sast
|
|
|
|
The pipeline can be inspected and configured here:
|
|
https://gitlab.isc.org/isc-projects/kea/-/ci/editor
|
|
|
|
@section ciJenkins Running CI pipeline on Jenkins
|
|
|
|
Jenkins is the primary CI environment. It is hosted on AWS. For details,
|
|
see internal QA-DHCP wiki, ask on QA channel on mattermost or take a look at the
|
|
internal `qa-dhcp` repository.
|
|
|
|
@section ciCppcheck Running Cppcheck locally
|
|
|
|
There are targets that run the cppcheck static analyzer on the Kea codebase.
|
|
After running the following procedure, you should get an HTML report at `build/report/index.html`:
|
|
|
|
@code
|
|
$ meson setup build
|
|
$ meson compile -C build cppcheck
|
|
$ meson compile -C build cppcheck-report
|
|
@endcode
|
|
|
|
@section ciValgrind Running Valgrind locally
|
|
|
|
To detect memory leaks, you can run unit tests under valgrind locally with the following procedure:
|
|
|
|
@code
|
|
$ meson setup build
|
|
$ meson test -C build -v --setup valgrind
|
|
@endcode
|
|
|
|
Alternatively, you can customize the valgrind command with:
|
|
|
|
@code
|
|
$ meson setup build
|
|
$ meson test -C build -v --wrapper='valgrind --leak-check=full'
|
|
@endcode
|
|
|
|
*/
|