From 203ea29e734f708d0b5657534d88115b6a2c05ed Mon Sep 17 00:00:00 2001 From: nojaf Date: Mon, 16 Oct 2023 16:54:11 +0200 Subject: [PATCH 1/2] Add basic documentation for CI support. --- docs/content/Running during CI.md | 44 +++++++++++++++++++++++++++++++ docs/content/Unit Testing.fsx | 1 + 2 files changed, 45 insertions(+) create mode 100644 docs/content/Running during CI.md diff --git a/docs/content/Running during CI.md b/docs/content/Running during CI.md new file mode 100644 index 0000000..5274f62 --- /dev/null +++ b/docs/content/Running during CI.md @@ -0,0 +1,44 @@ +--- +category: end-users +categoryindex: 1 +index: 5 +--- + +# Running analyzers during continuous integration + +Similar to unit tests and coding formatting, analyzers are a tool you want to enforce when modifying a code repository. +Especially, in the context of a team, you want to ensure everybody is adhering to the warnings produced by analyzers. + +## Command line options + +Use the `--report` command line argument to produce a [sarif](https://sarifweb.azurewebsites.net/) report json. +Most *CI/CD* system should be able to process this afterwards to capture the reported information by the analyzers. + +Example usage: + +```shell +dotnet fsharp-analyzers / + --project MyProject.fsproj / + --analyzers-path ./MyFolderWithAnalyzers / + --report ./analysis.sarif +``` + +### GitHub Actions + +If you are using [GitHub Actions](https://docs.github.com/en/code-security/codeql-cli/using-the-advanced-functionality-of-the-codeql-cli/sarif-output) you can easily send the *sarif file* to [CodeQL](https://codeql.github.com/). + +```yml + # checkout code, build, run analyzers, ... + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: analysis.sarif +``` + +Sample: + +![Example](https://user-images.githubusercontent.com/2621499/275484611-e38461f8-3689-4bf0-8ab8-11a6318e01aa.png) + +See [fsproject/fantomas#2962](https://github.com/fsprojects/fantomas/pull/2962) for more information. + +[Previous]({{fsdocs-previous-page-link}}) diff --git a/docs/content/Unit Testing.fsx b/docs/content/Unit Testing.fsx index 2014150..880820c 100644 --- a/docs/content/Unit Testing.fsx +++ b/docs/content/Unit Testing.fsx @@ -69,4 +69,5 @@ let notUsed() = (** [Previous]({{fsdocs-previous-page-link}}) +[Next]({{fsdocs-next-page-link}}) *) From 42dbcbe8f14abe3b11c1817a9126d3a7a0503aca Mon Sep 17 00:00:00 2001 From: Florian Verdonck Date: Tue, 17 Oct 2023 09:11:39 +0200 Subject: [PATCH 2/2] Apply suggestions from code review Co-authored-by: dawe --- docs/content/Running during CI.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/content/Running during CI.md b/docs/content/Running during CI.md index 5274f62..6504e9c 100644 --- a/docs/content/Running during CI.md +++ b/docs/content/Running during CI.md @@ -6,13 +6,13 @@ index: 5 # Running analyzers during continuous integration -Similar to unit tests and coding formatting, analyzers are a tool you want to enforce when modifying a code repository. +Similar to unit tests and code formatting, analyzers are a tool you want to enforce when modifying a code repository. Especially, in the context of a team, you want to ensure everybody is adhering to the warnings produced by analyzers. ## Command line options Use the `--report` command line argument to produce a [sarif](https://sarifweb.azurewebsites.net/) report json. -Most *CI/CD* system should be able to process this afterwards to capture the reported information by the analyzers. +Most *CI/CD* systems should be able to process this afterwards to capture the reported information by the analyzers. Example usage: