Parasoft C/C++test Extension for Microsoft Azure DevOps

This extension enables you to run code analysis with Parasoft C/C++test Standard and review analysis results directly in Azure Pipelines. To run code analysis with C/C++test Professional, the Run C/C++test task provided by this extension must be customized with additional options; see Customizing the Task to Run C/C++test Professional.

Parasoft C/C++test uses a comprehensive set of analysis techniques, including pattern-based static analysis, dataflow analysis, metrics, code coverage, unit testing, and more, to help you verify code quality and ensure compliance with industry standards, such as MISRA, AUTOSAR, and CERT.

Request a free trial to receive access to Parasoft C/C++test's features and capabilities.
See the user guide for information about Parasoft C/C++test's capabilities and usage.

Please visit the official Parasoft website for more information about Parasoft C/C++test and other Parasoft products.

Quick start
Example Pipelines
Configuring Analysis with C/C++test
Task Parameters
Customizing the Task to Run C/C++test Professional

Quick start

To analyze your code with Parasoft C/C++test and review analysis results in Azure Pipelines, you need to customize your pipeline to include:

Integration with your C/C++ build to determine the scope of analysis.
The task to run C/C++test provided by this extension.
The task to upload the C/C++test analysis report in the SARIF format.
The task to upload the C/C++test analysis reports in other formats (XML, HTML, etc.) as pipeline artifacts.

Prerequisites

This extension requires Parasoft C/C++test with a valid Parasoft license.
The SARIF SAST Scans Tab extension must be installed in your Azure DevOps organization.
We recommend that you execute the pipeline on a self-hosted runner with the following components installed and configured on the runner:
- C/C++ build toolchain
- Parasoft C/C++test

Installing Required Extensions

Sign into the Visual Studio Marketplace and click the Azure DevOps tab.
Use the search box to find the C/C++test extension.
Select the extension and choose Get it free.
Select your organization from the drop-down menu and choose Install.
Repeat the above steps to install the SARIF SAST Scans Tab extension (if not already installed). This will add a Scans tab to each build result for displaying C/C++test analysis results.

Adding the Run C/C++test Task to a Pipeline

Add the Run C/C++test (RunCpptest) task to your pipeline to launch code analysis with Parasoft C/C++test.

Depending on the project type and the build system you are using (Make, CMake, etc.), you may need to adjust the workflow to collect the required input data for C/C++test. See the C/C++test User Guide for details.

# Runs code analysis with C/C++test.      
- task: RunCpptest@1
  inputs:
    input: 'build/compile_commands.json'
    testConfig: 'builtin://MISRA C++ 2023'
    compilerConfig: 'clang_10_0'

Uploading Analysis Results to Azure Pipelines

By default, the Run C/C++test task generates analysis reports in the SARIF, XML, and HTML format.

When you upload the SARIF report to Azure Pipelines, the results will be presented on the Scans tab. This allows you to review the results of code analysis with Parasoft C/C++test directly in Azure Pipleines as part of your project.

To upload the SARIF report, modify your pipeline by adding the PublishBuildArtifacts task. Be sure to use CodeAnalysisLogs as the artifact name.

# Uploads analysis results in the SARIF format, so that they can be accessed in the 'Scans' tab.
- task: PublishBuildArtifacts@1
  inputs:
    # For C/C++test Standard version 2023.2 and earlier, use "PathtoPublish: 'reports/report.sarif'".
    PathtoPublish: 'reports/report_azure.sarif' 
    ArtifactName: 'CodeAnalysisLogs'
    publishLocation: 'Container'

To upload reports in other formats (.xml, .html), modify your pipeline by adding another PublishBuildArtifacts task. We recommend using CpptestReports as the artifact name.

# Uploads all report files (.xml, .html, .sarif) as build artifacts.
- task: PublishBuildArtifacts@1
  inputs:
    PathtoPublish: 'reports'
    ArtifactName: 'CpptestReports'
    publishLocation: 'Container'

Example Pipelines

The following examples show simple pipelines for Make and CMake-based projects. The examples assume that C/C++test is run on a self-hosted runner (from the self-hosted-cpptest pool) and the path to the cpptestcli executable is available on $PATH.

Run C/C++test with CMake project

# This is an example pipeline to help you get started with the Run C/C++test task for a CMake-based project.

# Triggers the pipeline on push or pull request events but only for the master (main) branch.
trigger:
- master
- main

# Specifies the type of runner that the pipeline will run on.
pool:
  name: self-hosted-cpptest

steps:

# Configures your CMake project. Be sure the compile_commands.json file is created.
- task: CMake@1
  inputs:
      workingDirectory: '.'
      cmakeArgs: '-DCMAKE_EXPORT_COMPILE_COMMANDS=1 -S . -B build'

# Builds your CMake project. This step is optional, as it is not required for code analysis.
- task: CMake@1
  inputs:
      workingDirectory: '.'
      cmakeArgs: '--build build'

# Runs code analysis with C/C++test.      
- task: RunCpptest@1
  inputs:
    # For CMake-based projects, use a compile_commands.json file as the input for analysis.
    input: 'build/compile_commands.json'

# Uploads analysis results in the SARIF format, so that they can be accessed in the 'Scans' tab.
- task: PublishBuildArtifacts@1
  inputs:
    # For C/C++test Standard version 2023.2 and earlier, use "PathtoPublish: 'reports/report.sarif'".
    PathtoPublish: 'reports/report_azure.sarif'
    ArtifactName: 'CodeAnalysisLogs'
    publishLocation: 'Container'

# Uploads all report files (.xml, .html, .sarif) as build artifacts.
- task: PublishBuildArtifacts@1
  inputs:
    PathtoPublish: 'reports'
    ArtifactName: 'CpptestReports'
    publishLocation: 'Container'

Run C/C++test with Make project

# This is an example pipeline to help you get started with the Run C/C++test task for a Make-based project.

# Triggers the pipeline on push or pull request events but only for the master (main) branch.
trigger:
- master
- main

# Specifies the type of runner that the pipeline will run on.
pool:
  name: self-hosted-cpptest

steps:

# Builds your Make project using 'cpptesttrace' to collect input data for code analysis.
# Be sure 'cpptesttrace' is available on $PATH.
- task: CmdLine@2
  displayName: Build project
  inputs:
    script: |
            cpptesttrace make clean all

# Runs code analysis with C/C++test.      
- task: RunCpptest@1
  # cpptestscan.bdf file, produced by 'cpptesttrace' in the build step, will be used as the input for analysis.

# Uploads analysis results in the SARIF format, so that they can be accessed in the 'Scans' tab.
- task: PublishBuildArtifacts@1
  inputs:
    # For C/C++test Standard version 2023.2 and earlier, use "PathtoPublish: 'reports/report.sarif'".
    PathtoPublish: 'reports/report_azure.sarif'
    ArtifactName: 'CodeAnalysisLogs'
    publishLocation: 'Container'

# Uploads all report files (.xml, .html, .sarif) as build artifacts.
- task: PublishBuildArtifacts@1
  inputs:
    PathtoPublish: 'reports'
    ArtifactName: 'CpptestReports'
    publishLocation: 'Container'

Configuring Analysis with C/C++test

You can configure analysis with Parasoft C/C++test in the following ways:

By customizing the Run C/C++test task directly in your Azure pipeline. See Task Parameters for a complete list of available parameters.
By configuring options in Parasoft C/C++test tool. We recommend creating a cpptestcli.properties file that includes all the configuration options and adding the file to C/C++test's working directory - typically, the root directory of your repository. This allows C/C++test to automatically read all the configuration options from that file. See Parasoft C/C++test User Guide for details.

Examples

This section includes practical examples of how the Run C/C++test task can be customized directly in the YAML file of your pipeline.

Configuring the Path to the C/C++test Installation Directory

If cpptestcli executable is not on $PATH, you can configure the path to the installation directory of Parasoft C/C++test by configuring the installDir parameter:

- task: RunCpptest@1
  inputs:
    installDir: '/opt/parasoft/cpptest'

Defining the Scope of Analysis

You can configure the input parameter to provide the path to a file that defines the scope of analysis (includes a list of source files and compile commands). This parameter depends on the project type and the build system you are using. See the C/C++test User Guide for details.

- task: RunCpptest@1
  inputs:
    input: 'build/compile_commands.json'

Configuring a C/C++test Test Configuration

Code analysis with C/C++test is performed by using a test configuration - a set of static analysis rules that enforce best coding practices or compliance guidelines. Parasoft C/C++test ships with a wide range of built-in test configurations. To specify a test configuration directly in your pipeline, add the testConfig parameter to the Run C/C++test task and specify the URL of the test configuration you want to use:

- task: RunCpptest@1
  inputs:
    testConfig: 'builtin://MISRA C++ 2023'

Configuring a C/C++test Compiler Configuration

In order to run analysis, C/C++test needs to be configured for a specific compiler. You need to specify the configuration that matches your compiler with the compilerConfig parameter. See Supported Compilers for information about supported compilers.

- task: RunCpptest@1
  inputs:
    compilerConfig: 'clang_10_0'

Failing the Pipeline When Code Analysis Findings Are Detected

To configure your pipeline to fail when C/C++test code analysis findings are detected, specify the additional parameter -fail. Ensure the pipeline will continue on error by configuring the continueOnError: true option.

- task: RunCpptest@1
  inputs:
    additionalParams: -fail
  continueOnError: true

Task Parameters

The following inputs are available for the Run C/C++test task:

Input	Description
`installDir`	Installation folder of Parasoft C/C++test. If not specified, the `cpptestcli` executable must be added to `$PATH`.
`workingDir`	Working directory for running C/C++test. If not specified, `$(System.DefaultWorkingDirectory)` will be used.
`compilerConfig`	Identifier of a compiler configuration. Ensure you specify the configuration that matches your compiler. If not specified, the `gcc_9-64` configuration will be used.
`testConfig`	Test configuration to be used for code analysis. The default is `builtin://Recommended Rules`.
`reportDir`	Output folder for reports from code analysis. If not specified, report files will be created in the `reports` folder.
`reportFormat`	Format of reports from code analysis. The default is `xml,html,sarif-azure`.
`input`	Input scope for analysis (typically, `cpptestscan.bdf` or `compile_commands.json`, depending on the project type and the build system). The default is `cpptestscan.bdf`.
`additionalParams`	Additional parameters for the `cpptestcli` executable.
`commandLinePattern`	Command line pattern for running C/C++test. It should only be modified in advanced scenarios. The default is: `${cpptestcli} -workspace "$(Pipeline.Workspace)" -compiler "${compilerConfig}" -config "${testConfig}" -property report.format=${reportFormat} -report "${reportDir}" -module "$(Build.Repository.Name)=." -input "${input}" ${scm} ${additionalParams}`

Customizing the Task to Run C/C++test Professional

This section describes how to customize the Run C/C++test task to run code analysis with Parasoft C/C++test Professional.

Updating the Command Line for C/C++test Professional

Use the commandLinePattern parameter to modify the command line for cpptestcli executable. The command line pattern depends on your project and the setup of the workspace. Example:

- task: RunCpptest@1
  inputs:
    # C/C++test workspace will be created in '$(Pipeline.Workspace)/workspace'.
    # C/C++test will create a new project based on the provided .bdf file.
    commandLinePattern: '${cpptestcli} -data "$(Pipeline.Workspace)/workspace" -config "${testConfig}" -report "${reportDir}" -bdf "${input}" ${scm} ${additionalParams}'

Note: The compilerConfig and reportFormat action parameters are not directly applicable to the C/C++test Professional command line.

Using Additional Configuration Options

Create a config.properties file with additional configuration options for C/C++test Professional, such as reporting options, compiler configuration etc. Then pass the configuration file to cpptestcli with the -localsettings config.properties option:

- task: RunCpptest@1
  inputs:
    # C/C++test will use options from 'config.properties'.
    additionalParams: '-localsettings config.properties'
    commandLinePattern: '${cpptestcli} -data "$(Pipeline.Workspace)/workspace" -config "${testConfig}" -report "${reportDir}" -bdf "${input}" ${scm} ${additionalParams}'

Generating SARIF Reports with C/C++test Professional

To enable generating SARIF reports, add the following option to the config.properties file:

report.format=sarif-azure

Hints for Using C/C++test's Automatically Generated Projects in Azure Pipelines

Set the project name to the repository name by modifying the build step to include the --cpptesttraceProjectName=$(Build.Repository.Name) option:

- task: CmdLine@2
  displayName: Build project
  inputs:
    script: |
            cpptesttrace --cpptesttraceProjectName=$(Build.Repository.Name) make clean all

Set the root location of the automatically generated project to the source location (the default working directory of cpptestcli) by adding the following option to the config.properties file:

bdf.import.location=.

Remove the C/C++test's workspace folder before starting the analysis:

- task: DeleteFiles@1
  inputs:
    SourceFolder: $(Pipeline.Workspace)/workspace
    Contents: '*' 
    RemoveSourceFolder: true

An example pipeline for C/C++test Professional with an automatically generated project:

# This is an exemplary pipeline to help you get started with the Run C/C++test task for a Make-based project with C/C++test Professional.

# Triggers the pipeline on push or pull request events but only for the master (main) branch.
trigger:
- master
- main

# Specifies the type of runner that the pipeline will run on.
pool:
  name: self-hosted-cpptest

steps:

# Builds your Make project using 'cpptesttrace' to collect input data for code analysis.
# Be sure 'cpptesttrace' is available on $PATH.
- task: CmdLine@2
  displayName: Build project
  inputs:
    script: |
            cpptesttrace --cpptesttraceProjectName=$(Build.Repository.Name) make clean all
            
# Creates the settings file for C/C++test.
- task: CmdLine@2
  displayName: Generate properties
  inputs:
    workingDirectory: $(System.DefaultWorkingDirectory)
    script: |
            echo 'report.format=sarif-azure' > config.properties
            echo 'bdf.import.location=.' >> config.properties

# Removes the C/C++test workspace folder.
- task: DeleteFiles@1
  inputs:
    SourceFolder: $(Pipeline.Workspace)/workspace
    Contents: '*' 
    RemoveSourceFolder: true
    RemoveDotFiles: true

# Runs code analysis with C/C++test Professional.      
- task: RunCpptest@1
  inputs:
    # C/C++test workspace will be created in '$(Pipeline.Workspace)/workspace'.
    # C/C++test will create a new project based on the provided .bdf file.
    additionalParams: -localsettings config.properties
    commandLinePattern: '${cpptestcli} -data "$(Pipeline.Workspace)/workspace" -config "${testConfig}" -report "${reportDir}" -bdf "${input}" ${scm} ${additionalParams}'

# Uploads analysis results in the SARIF format, so that they can be accessed in the 'Scans' tab.
- task: PublishBuildArtifacts@1
  inputs:
    # For C/C++test Professional version 2023.1 and earlier, use "PathtoPublish: 'reports/report.sarif'".
    PathtoPublish: 'reports/report_azure.sarif'
    ArtifactName: 'CodeAnalysisLogs'
    publishLocation: 'Container'

# Uploads all report files (.xml, .html, .sarif) as build artifacts.
- task: PublishBuildArtifacts@1
  inputs:
    PathtoPublish: 'reports'
    ArtifactName: 'CpptestReports'
    publishLocation: 'Container'

C/C++test

Parasoft