These are the workflows that should be followed when using the SAFe Toolset:
C/C++:
- Get the codebase
- Compile the codebase
- Obtain the Compilation Database
- Normalize the Compilation Database
- Generate the Static Analyzers Configuration Files according to your needs
- Run the Static Analyzers
- Configure SonarQube Analyses
- Gather Static Analyzers Results into SonarQube
- Review Results
Steps in red are performed manually or with the help of third part tools; steps in black are performed with the help of the SAFacilitator (Static Analysis Facilitator); steps in blue are performed from within SonarQube user interface.
From the Sources to the Analyses Results
From the Analyses Results to the Review in SonarQube
This is an actual example where the workflow is followed to analyze the Crazyflie version 2.1 codebase.
Java:
- Get the codebase
- Activate Integration between build tool (Gradle/Maven) and SonarQube
- Configure SonarQube Analyses
- Run Analyses
- Review Results
Steps in red are performed manually or with the help of third part tools; steps in black are performed with the help of the SAFacilitator (Static Analysis Facilitator); steps in blue are performed from within SonarQube user interface.
Java Workflow