Merge pull request #34680 from ClickHouse/drop-pvs

Remove PVS test

.github/workflows/pull_request.yml

@@ -168,35 +168,6 @@ jobs:
           docker kill "$(docker ps -q)" ||:
           docker rm -f "$(docker ps -a -q)" ||:
           sudo rm -fr "$TEMP_PATH" "$CACHES_PATH"
-  PVSCheck:
-    needs: [DockerHubPush, FastTest]
-    runs-on: [self-hosted, func-tester]
-    steps:
-      - name: Set envs
-        run: |
-          cat >> "$GITHUB_ENV" << 'EOF'
-          TEMP_PATH=${{runner.temp}}/pvs_check
-          REPO_COPY=${{runner.temp}}/pvs_check/ClickHouse
-          EOF
-      - name: Clear repository
-        run: |
-          sudo rm -fr "$GITHUB_WORKSPACE" && mkdir "$GITHUB_WORKSPACE"
-      - name: Check out repository code
-        uses: actions/checkout@v2
-        with:
-          submodules: 'true'
-      - name: PVS Check
-        run: |
-          sudo rm -fr "$TEMP_PATH"
-          mkdir -p "$TEMP_PATH"
-          cp -r "$GITHUB_WORKSPACE" "$TEMP_PATH"
-          cd "$REPO_COPY/tests/ci" && python3 pvs_check.py
-      - name: Cleanup
-        if: always()
-        run: |
-          docker kill "$(docker ps -q)" ||:
-          docker rm -f "$(docker ps -a -q)" ||:
-          sudo rm -fr "$TEMP_PATH"
   CompatibilityCheck:
     needs: [BuilderDebRelease]
     runs-on: [self-hosted, style-checker]
@@ -3096,7 +3067,6 @@ jobs:
       - PerformanceComparison1
       - PerformanceComparison2
       - PerformanceComparison3
-      - PVSCheck
       - UnitTestsAsan
       - UnitTestsTsan
       - UnitTestsMsan

contrib/re2-cmake/CMakeLists.txt

@@ -71,7 +71,6 @@ foreach (FILENAME mutex.h)
     add_dependencies (re2_st transform_${FILENAME})
 endforeach ()
 
-# NOTE: you should not change name of library here, since it is used for PVS
-# (see docker/test/pvs/Dockerfile), to generate required header (see above)
+# NOTE: you should not change name of library here, since it is used to generate required header (see above)
 add_library(ch_contrib::re2 ALIAS re2)
 add_library(ch_contrib::re2_st ALIAS re2_st)

docker/images.json

@@ -7,7 +7,6 @@
         "name": "clickhouse/binary-builder",
         "dependent": [
             "docker/test/split_build_smoke_test",
-            "docker/test/pvs",
             "docker/test/codebrowser"
         ]
     },
@@ -31,11 +30,6 @@
         "name": "clickhouse/performance-comparison",
         "dependent": []
     },
-    "docker/test/pvs": {
-        "only_amd64": true,
-        "name": "clickhouse/pvs-test",
-        "dependent": []
-    },
     "docker/test/util": {
         "name": "clickhouse/test-util",
         "dependent": [

docker/test/pvs/Dockerfile

@@ -1,50 +0,0 @@
-# rebuild in #33610
-# docker build -t clickhouse/pvs-test .
-
-ARG FROM_TAG=latest
-FROM clickhouse/binary-builder:$FROM_TAG
-
-RUN apt-get update --yes \
-    && apt-get install \
-        bash \
-        wget \
-        software-properties-common \
-        gpg-agent \
-        debsig-verify \
-        strace \
-        protobuf-compiler \
-        protobuf-compiler-grpc \
-        libprotoc-dev \
-        libgrpc++-dev \
-        libc-ares-dev \
-        --yes --no-install-recommends
-
-#RUN wget -nv -O - http://files.viva64.com/etc/pubkey.txt | sudo apt-key add -
-#RUN sudo wget -nv -O /etc/apt/sources.list.d/viva64.list http://files.viva64.com/etc/viva64.list
-#
-#RUN apt-get --allow-unauthenticated update -y \
-#    && env DEBIAN_FRONTEND=noninteractive \
-#        apt-get --allow-unauthenticated install --yes --no-install-recommends \
-#            pvs-studio
-
-ENV PKG_VERSION="pvs-studio-latest"
-
-RUN set -x \
-    && export PUBKEY_HASHSUM="ad369a2e9d8b8c30f5a9f2eb131121739b79c78e03fef0f016ea51871a5f78cd4e6257b270dca0ac3be3d1f19d885516" \
-    && wget -nv https://files.viva64.com/etc/pubkey.txt -O /tmp/pubkey.txt \
-    && echo "${PUBKEY_HASHSUM} /tmp/pubkey.txt" | sha384sum -c \
-    && apt-key add /tmp/pubkey.txt \
-    && wget -nv "https://files.viva64.com/${PKG_VERSION}.deb" \
-    && { debsig-verify ${PKG_VERSION}.deb \
-    || echo "WARNING: Some file was just downloaded from the internet without any validation and we are installing it into the system"; } \
-    && dpkg -i "${PKG_VERSION}.deb"
-
-ENV CCACHE_DIR=/test_output/ccache
-
-CMD echo "Running PVS version $PKG_VERSION" && mkdir -p $CCACHE_DIR && cd /repo_folder && pvs-studio-analyzer credentials $LICENCE_NAME $LICENCE_KEY -o ./licence.lic  \
-    && cmake . -D"ENABLE_EMBEDDED_COMPILER"=OFF -D"DISABLE_HERMETIC_BUILD"=ON -DCMAKE_C_COMPILER=clang-13 -DCMAKE_CXX_COMPILER=clang\+\+-13 \
-    && ninja re2_st clickhouse_grpc_protos \
-    && pvs-studio-analyzer analyze -o pvs-studio.log -e contrib -j "$(nproc)" -l ./licence.lic; \
-    cp /repo_folder/pvs-studio.log /test_output; \
-    plog-converter -a GA:1,2 -t fullhtml -o /test_output/pvs-studio-html-report pvs-studio.log; \
-    plog-converter -a GA:1,2 -t tasklist -o /test_output/pvs-studio-task-report.txt pvs-studio.log

docs/en/development/continuous-integration.md

@@ -76,15 +76,6 @@ If it fails, fix the style errors following the [code style guide](style.md).
 - `output.txt` contains the check resulting errors (invalid tabulation etc), blank page means no errors. [Successful result example](https://clickhouse-test-reports.s3.yandex.net/12550/659c78c7abb56141723af6a81bfae39335aa8cb2/style_check/output.txt).
 
 
-## PVS Check
-Check the code with [PVS-studio](https://www.viva64.com/en/pvs-studio/), a static analysis tool. Look at the report to see the exact errors. Fix them if you can, if not -- ask a ClickHouse maintainer for help.
-
-### Report Details
-- [Status page example](https://clickhouse-test-reports.s3.yandex.net/12550/67d716b5cc3987801996c31a67b31bf141bc3486/pvs_check.html)
-- `test_run.txt.out.log` contains the building and analyzing log file. It includes only parsing or not-found errors.
-- `HTML report` contains the analysis results. For its description visit PVS's [official site](https://www.viva64.com/en/m/0036/#ID14E9A2B2CD).
-
-
 ## Fast Test
 Normally this is the first check that is ran for a PR. It builds ClickHouse and
 runs most of [stateless functional tests](tests.md#functional-tests), omitting

docs/en/development/tests.md

@@ -263,7 +263,7 @@ People from Yandex Security Team did some basic overview of ClickHouse capabilit
 
 ## Static Analyzers {#static-analyzers}
 
-We run `clang-tidy` and `PVS-Studio` on per-commit basis. `clang-static-analyzer` checks are also enabled. `clang-tidy` is also used for some style checks.
+We run `clang-tidy` on per-commit basis. `clang-static-analyzer` checks are also enabled. `clang-tidy` is also used for some style checks.
 
 We have evaluated `clang-tidy`, `Coverity`, `cppcheck`, `PVS-Studio`, `tscancode`, `CodeQL`. You will find instructions for usage in `tests/instructions/` directory. Also you can read [the article in russian](https://habr.com/company/yandex/blog/342018/).
 

docs/zh/development/continuous-integration.md

@@ -46,14 +46,6 @@ git push
 -  [状态页示例](https://clickhouse-test-reports.s3.yandex.net/12550/659c78c7abb56141723af6a81bfae39335aa8cb2/style_check.html)
 -  `docs_output.txt`记录了查结果错误(无效表格等), 空白页表示没有错误. [成功结果案例](https://clickhouse-test-reports.s3.yandex.net/12550/659c78c7abb56141723af6a81bfae39335aa8cb2/style_check/output.txt)
 
-### PVS 检查 {#pvs-check}
-使用静态分析工具[PVS-studio](https://www.viva64.com/en/pvs-studio/)检查代码. 查看报告以查看确切的错误.如果可以则修复它们, 如果不行, 可以向ClickHouse的维护人员寻求帮忙.
-
-### 报告详情 {#report-details}
--  [状态页示例](https://clickhouse-test-reports.s3.yandex.net/12550/67d716b5cc3987801996c31a67b31bf141bc3486/pvs_check.html)
--  `test_run.txt.out.log`包含构建和分析日志文件.它只包含解析或未找到的错误.
--  `HTML report`包含分析结果.有关说明请访问PVS的[官方网站](https://www.viva64.com/en/m/0036/#ID14E9A2B2CD)
-
 ## 快速测试 {#fast-test}
 通常情况下这是PR运行的第一个检查.它构建ClickHouse以及大多数无状态运行测试, 其中省略了一些.如果失败，在修复之前不会开始进一步的检查. 查看报告以了解哪些测试失败, 然后按照[此处](./tests.md#functional-test-locally)描述的在本地重现失败.
 

docs/zh/development/tests.md

@@ -254,7 +254,7 @@ Yandex安全团队的人员从安全的角度对ClickHouse的功能做了一些
 
 ## 静态分析仪 {#static-analyzers}
 
-我们在每次提交的基础上运行 `clang-tidy` 和 `PVS-Studio`. `clang-static-analyzer` 检查也被启用. `clang-tidy` 也用于一些样式检查.
+我们在每次提交的基础上运行 `clang-tidy`. `clang-static-analyzer` 检查也被启用. `clang-tidy` 也用于一些样式检查.
 
 我们已经评估了 `clang-tidy`、`Coverity`、`cppcheck`、`PVS-Studio`、`tscancode`、`CodeQL`. 您将在 `tests/instructions/` 目录中找到使用说明. 你也可以阅读[俄文文章](https://habr.com/company/yandex/blog/342018/).
 

tests/ci/pvs_check.py

@@ -1,128 +0,0 @@
-#!/usr/bin/env python3
-
-# pylint: disable=line-too-long
-
-import os
-import json
-import logging
-import sys
-from github import Github
-
-from env_helper import REPO_COPY, TEMP_PATH, GITHUB_RUN_ID, GITHUB_REPOSITORY, GITHUB_SERVER_URL
-from s3_helper import S3Helper
-from pr_info import PRInfo
-from get_robot_token import get_best_robot_token, get_parameter_from_ssm
-from upload_result_helper import upload_results
-from commit_status_helper import get_commit
-from clickhouse_helper import ClickHouseHelper, prepare_tests_results_for_clickhouse
-from stopwatch import Stopwatch
-from rerun_helper import RerunHelper
-from tee_popen import TeePopen
-
-NAME = 'PVS Studio (actions)'
-LICENCE_NAME = 'Free license: ClickHouse, Yandex'
-HTML_REPORT_FOLDER = 'pvs-studio-html-report'
-TXT_REPORT_NAME = 'pvs-studio-task-report.txt'
-
-
-def _process_txt_report(path):
-    warnings = []
-    errors = []
-    with open(path, 'r') as report_file:
-        for line in report_file:
-            if 'viva64' in line:
-                continue
-
-            if 'warn' in line:
-                warnings.append(':'.join(line.split('\t')[0:2]))
-            elif 'err' in line:
-                errors.append(':'.join(line.split('\t')[0:2]))
-
-    return warnings, errors
-
-
-if __name__ == "__main__":
-    logging.basicConfig(level=logging.INFO)
-
-    stopwatch = Stopwatch()
-
-    repo_path = REPO_COPY
-    temp_path = TEMP_PATH
-
-    pr_info = PRInfo()
-    # this check modify repository so copy it to the temp directory
-    logging.info("Repo copy path %s", repo_path)
-
-    gh = Github(get_best_robot_token())
-    rerun_helper = RerunHelper(gh, pr_info, NAME)
-    if rerun_helper.is_already_finished_by_status():
-        logging.info("Check is already finished according to github status, exiting")
-        sys.exit(0)
-
-    images_path = os.path.join(temp_path, 'changed_images.json')
-    docker_image = 'clickhouse/pvs-test'
-    if os.path.exists(images_path):
-        logging.info("Images file exists")
-        with open(images_path, 'r') as images_fd:
-            images = json.load(images_fd)
-            logging.info("Got images %s", images)
-            if 'clickhouse/pvs-test' in images:
-                docker_image += ':' + images['clickhouse/pvs-test']
-
-    logging.info("Got docker image %s", docker_image)
-
-    s3_helper = S3Helper('https://s3.amazonaws.com')
-
-    licence_key = get_parameter_from_ssm('pvs_studio_key')
-    cmd = f"docker run -u $(id -u ${{USER}}):$(id -g ${{USER}}) --volume={repo_path}:/repo_folder --volume={temp_path}:/test_output -e LICENCE_NAME='{LICENCE_NAME}' -e LICENCE_KEY='{licence_key}' {docker_image}"
-    commit = get_commit(gh, pr_info.sha)
-
-    run_log_path = os.path.join(temp_path, 'run_log.log')
-
-    with TeePopen(cmd, run_log_path) as process:
-        retcode = process.wait()
-        if retcode != 0:
-            logging.info("Run failed")
-        else:
-            logging.info("Run Ok")
-
-    if retcode != 0:
-        commit.create_status(context=NAME, description='PVS report failed to build', state='error',
-                             target_url=f"{GITHUB_SERVER_URL}/{GITHUB_REPOSITORY}/actions/runs/{GITHUB_RUN_ID}")
-        sys.exit(1)
-
-    try:
-        s3_path_prefix = str(pr_info.number) + "/" + pr_info.sha + "/" + NAME.lower().replace(' ', '_')
-        html_urls = s3_helper.upload_test_folder_to_s3(os.path.join(temp_path, HTML_REPORT_FOLDER), s3_path_prefix)
-        index_html = None
-
-        for url in html_urls:
-            if 'index.html' in url:
-                index_html = '<a href="{}">HTML report</a>'.format(url)
-                break
-
-        if not index_html:
-            commit.create_status(context=NAME, description='PVS report failed to build', state='error',
-                                 target_url=f"{GITHUB_SERVER_URL}/{GITHUB_REPOSITORY}/actions/runs/{GITHUB_RUN_ID}")
-            sys.exit(1)
-
-        txt_report = os.path.join(temp_path, TXT_REPORT_NAME)
-        warnings, errors = _process_txt_report(txt_report)
-        errors = errors + warnings
-
-        status = 'success'
-        test_results = [(index_html, "Look at the report"), ("Errors count not checked", "OK")]
-        description = "Total errors {}".format(len(errors))
-        additional_logs = [txt_report, os.path.join(temp_path, 'pvs-studio.log')]
-        report_url = upload_results(s3_helper, pr_info.number, pr_info.sha, test_results, additional_logs, NAME)
-
-        print("::notice ::Report url: {}".format(report_url))
-        commit = get_commit(gh, pr_info.sha)
-        commit.create_status(context=NAME, description=description, state=status, target_url=report_url)
-
-        ch_helper = ClickHouseHelper()
-        prepared_events = prepare_tests_results_for_clickhouse(pr_info, test_results, status, stopwatch.duration_seconds, stopwatch.start_time_str, report_url, NAME)
-        ch_helper.insert_events_into(db="gh-data", table="checks", events=prepared_events)
-    except Exception as ex:
-        print("Got an exception", ex)
-        sys.exit(1)

tests/instructions/pvs-studio.txt

@@ -1,15 +0,0 @@
-https://www.viva64.com/ru/m/0036/
-
-# Analyze project with 4 threads. It takes about six minutes.
-
-pvs-studio-analyzer analyze -o pvs-studio.log -e contrib -j 4
-
-# Generate a report with "general" diagnostics of severity 1 and 2, in "tasks" format (simple text file):
-
-plog-converter -a GA:1,2 -t tasklist -o project.tasks pvs-studio.log
-
-# Generate an HTML report:
-
-plog-converter -a GA:1,2 -t fullhtml -o ./pvs-studio-html-report pvs-studio.log
-
-# Open ./pvs-studio-html-report/index.html in your browser.