I'm going to give an answer, although it isn't a very good one, it is the best I've been able to find. I'm also not familiar with the precise tools you are using, though I suspect this approach will work, given enough massaging.
We use cppcheck for our static analysis. The cppcheck executable (and dll) are checked into the source repository (you can use a separate /tools folder to keep things discrete).
We have a ruby (substitute a scripting language of your choice) script that handles actually running cppcheck with the appropriate arguments. (It also includes some clever logic to run things in parallel, although that's not necessary.)
In rubyesque pseudocode, the master script looks like this:
all_files = get_all_files() # Reads the build scripts to find all the files that are relevant to the project.
all_files.each {|file|
output_base = static_analysis_ouput/"+strip_filename(file)
run_cppcheck(file, output_base + ".txt")
convert_to_junit_xml(output_base + ".txt", output_base + ".xml")
}
Of course, the get_all_files() function will depend on your project and may or may not be as simple as ours. Our projects build with msbuild, so we just use an xml parser to read them and get the source filenames.
Since it looks like you use Java, you may be able to skip the convert_to_junit_xml() call, if your tools output JUnit tests directly. What I do is have it convert each file to a single unit test. If the txt file has no static analysis warnings, then I issue a successful unit test. Otherwise, I include the text of the failures as the output of the test and mark the test as failed.
So each xml file looks like one of these:
Success
<testsuites tests='1' failures='0' disabled='0' errors='0' time='0' name='FailedCppChecks'>
<testsuite name='FailedCppCheck' tests='1' failures='0' disabled='0' errors='0' time='0'>
<testcase name='derived.from.file' status='run' time='0' classname='CppCheck'/>
</testsuite>
</testsuites>
Failure
<testsuites tests='1' failures='1' disabled='0' errors='0' time='0' name='FailedCppChecks'>
<testsuite name='FailedCppCheck' tests='1' failures='1' disabled='0' errors='0' time='0'>
<testcase name='derived.from.file' status='run' time='0' classname='CppCheck'>
<failure message='{number of static analysis warnings} failures' type=''>{text of static analysis warnings}</failure>
</testcase>
</testsuite>
</testsuites
By converting each file to a single unit test (with a name derived from the file), I get a predictable set of "unit tests". If I decide that a particular file isn't worth fixing yet, I can quarantine it. (Not a great solution, since the introduction of new warnings in that file will go unnoticed.) Also, if you have too many unit tests, Bamboo gets more than a little slow accessing those pages.
I truly hope this isn't the best answer you get, because it isn't very good and requires a fair bit of work on your part to implement and maintain. But it works for me and it is better than no answer at all.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.