Qodana for C/C++

The Docker image for the Qodana for C/C++ linter is provided to support different usage scenarios:

Running analyses on a regular basis as part of your continuous integration (CI-based execution)
Single-shot analyses (for example, performed locally)

Run analysis locally

Do the following to run the Dockerized version of the Qodana for C/C++ linter:

Pull the image from Docker Hub:
docker pull jetbrains/qodana-clang:2024.1-eap
Run the following command:
docker run \ -v <source-directory>/:/data/project/ \ -v <output-directory>/:/data/results/ \ -e QODANA_TOKEN="<cloud-project-token>" \ jetbrains/qodana-clang:2024.1-eap
where source-directory and output-directory are full local paths to the project source code directory and the analysis results directory, respectively. The QODANA_TOKEN variable refers to the project token required by the Ultimate and Ultimate Plus linters.

The output-directory will contain all the necessary results. You can further tune the command as described in the technical guide.

If you run the analysis several times in a row, make sure you've cleaned the results directory before using it in docker run again.

Run analysis in CI

Run analysis in GitHub

In GitHub, Qodana is implemented as the Qodana Scan GitHub action. To configure it, save the .github/workflows/code_quality.yml file containing the workflow configuration:

                    name: Qodana
                    on:
                      workflow_dispatch:
                      pull_request:
                      push:
                        branches:
                          - main
                          - 'releases/*'

                    jobs:
                      qodana:
                        runs-on: ubuntu-latest
                        steps:
                          - uses: actions/checkout@v3
                            with:
                              fetch-depth: 0
                          - name: 'Qodana Scan'
                            uses: JetBrains/qodana-action@v2024.1
                            with:
                             args: -l jetbrains/qodana-clang:2024.1-eap

                

Using this workflow, Qodana will run on the main branch, release branches, and on the pull requests coming to your repository.

To authorize in Qodana Cloud and forward reports to it, follow these steps:

In the GitHub UI, create the QODANA_TOKEN encrypted secret and save the project token as its value.
In a GitHub workflow, add this snippet to invoke the Qodana Scan action:
- name: 'Qodana Scan' uses: JetBrains/qodana-action@v2024.1 with: args: -l jetbrains/qodana-clang:2024.1-eap env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}

Configure via qodana.yaml

Qodana recognizes the qodana.yaml file for the analysis configuration, so that you don't need to pass any additional parameters. For Qodana for C/C++, you can configure:

Inspections using the include and exclude options. See the YAML file section for details.
Commands that will run before the linter using the boostrap option.
Quality gate using the fail-threshold option.

Usage statistics

According to the JetBrains EAP user agreement, we can use third-party services to analyze the usage of our features to further improve the user experience. All data is collected anonymously. To disable the statistics, use the --no-statistics=true CLI option.

Last modified: 28 June 2024