github: Remove obsolete LGTM workflow

lgtm.com will be shutdown soon.

.github/workflows/lgtm.yml

@@ -1,37 +0,0 @@
-name: lgtm.com
-
-on: [push]
-
-env:
-  OS_NAME: linux
-
-jobs:
-  pre-check:
-    runs-on: ubuntu-latest
-    outputs:
-      should_skip: ${{ steps.skip-check.outputs.should_skip }}
-    steps:
-      - id: skip-check
-        uses: fkirc/skip-duplicate-actions@master
-        with:
-          concurrent_skipping: 'same_content'
-
-  lgtm:
-    needs: pre-check
-    if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
-    runs-on: ubuntu-latest
-    env:
-      TEST: lgtm
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      # we don't use github/codeql-action because we can't exclude queries there,
-      # so we continue to use the approach we used on Travis
-      - env:
-          LGTM_TOKEN: ${{ secrets.LGTM_TOKEN }}
-          LGTM_PROJECT: ${{ secrets.LGTM_PROJECT }}
-          BUILD_NUMBER: ${{ github.run_number }}
-          COMMIT_ID: ${{ github.sha }}
-          COMMIT_BASE: ${{ github.event.before }}
-        uses: ./.github/actions/default

.lgtm.yml

@@ -1,61 +0,0 @@
-queries:
-  - exclude: cpp/fixme-comment
-  # this rule produces too many false positives due to our custom specifiers and
-  # the use of void pointers in swanctl
-  - exclude: cpp/wrong-type-format-argument
-
-extraction:
-  cpp:
-    prepare:
-      packages:
-        # for tss2
-        - libssl-dev
-        - libjson-c-dev
-        - libcurl4-openssl-dev
-    after_prepare:
-      - export DEPS_BUILD_DIR=$LGTM_WORKSPACE/deps
-      - mkdir -p $DEPS_BUILD_DIR
-      - export DEPS_PREFIX=$DEPS_BUILD_DIR/usr
-      - mkdir -p $DEPS_PREFIX
-      - export PKG_CONFIG_PATH="$DEPS_PREFIX/lib/pkgconfig:$PKG_CONFIG_PATH"
-      - export LD_LIBRARY_PATH="$DEPS_PREFIX/lib:$LD_LIBRARY_PATH"
-      - mkdir -p $LGTM_WORKSPACE/bin
-      # sudo doesn't work on the build hosts
-      - ln -s /usr/bin/nice $LGTM_WORKSPACE/bin/sudo
-      # for ldconfig we don't have enough permissions
-      - ln -s /bin/true $LGTM_WORKSPACE/bin/ldconfig
-      # likewise for apt-get
-      - ln -s /bin/echo $LGTM_WORKSPACE/bin/apt-get
-      - export PATH=$LGTM_WORKSPACE/bin:$PATH
-      - export TEST=all
-      - ./scripts/test.sh build-deps
-      - rm $LGTM_WORKSPACE/bin/*
-    configure:
-      command:
-        # follows the "all" build in test.sh (without custom-compiled stuff)
-        - ./autogen.sh
-        - ./configure --enable-all
-            --disable-af-alg
-            --disable-android-dns
-            --disable-android-log
-            --disable-asan
-            --disable-coverage
-            --disable-dbghelp-backtraces
-            --disable-fuzzing
-            --disable-kernel-iph
-            --disable-kernel-pfroute
-            --disable-kernel-wfp
-            --disable-keychain
-            --disable-leak-detective
-            --disable-lock-profiler
-            --disable-monolithic
-            --disable-osx-attr
-            --disable-padlock
-            --disable-python-eggs-install
-            --disable-socket-win
-            --disable-svc
-            --disable-tkm
-            --disable-uci
-            --disable-unwind-backtraces
-            --disable-warnings
-            --disable-winhttp

scripts/test.sh

@@ -397,68 +397,6 @@ apidoc)
 	CONFIG="--disable-defaults"
 	TARGET=apidoc
 	;;
-lgtm)
-	if [ -z "$LGTM_PROJECT" -o -z "$LGTM_TOKEN" ]; then
-		echo "The LGTM_PROJECT and LGTM_TOKEN environment variables" \
-			 "are required to run this test"
-		exit 0
-	fi
-	DEPS="jq"
-	if test -z "$1"; then
-		base=$COMMIT_BASE
-		# after rebases or for new/duplicate branches, the passed base commit
-		# ID might not be valid
-		git rev-parse -q --verify $base^{commit}
-		if [ $? != 0 ]; then
-			# this will always compare against master, while via base we
-			# otherwise only contains "new" commits
-			base=$(git merge-base origin/master ${COMMIT_ID})
-		fi
-		base=$(git rev-parse $base)
-
-		echo "Starting code review for $COMMIT_ID (base $base) on lgtm.com"
-		git diff --binary $base > lgtm.patch || exit $?
-		curl -s -X POST --data-binary @lgtm.patch \
-			"https://lgtm.com/api/v1.0/codereviews/${LGTM_PROJECT}?base=${base}&external-id=${BUILD_NUMBER}" \
-			-H 'Content-Type: application/octet-stream' \
-			-H 'Accept: application/json' \
-			-H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res || exit $?
-		lgtm_check_url=$(jq -r '."task-result-url"' lgtm.res)
-		if [ -z "$lgtm_check_url" -o "$lgtm_check_url" = "null" ]; then
-			cat lgtm.res
-			exit 1
-		fi
-		lgtm_url=$(jq -r '."task-result"."results-url"' lgtm.res)
-		echo "Progress and full results: ${lgtm_url}"
-
-		echo -n "Waiting for completion: "
-		lgtm_status=pending
-		while [ "$lgtm_status" = "pending" ]; do
-			sleep 15
-			curl -s -X GET "${lgtm_check_url}" \
-				-H 'Accept: application/json' \
-				-H "Authorization: Bearer ${LGTM_TOKEN}" > lgtm.res
-			if [ $? != 0 ]; then
-				echo -n "-"
-				continue
-			fi
-			echo -n "."
-			lgtm_status=$(jq -r '.status' lgtm.res)
-		done
-		echo ""
-
-		if [ "$lgtm_status" != "success" ]; then
-			lgtm_message=$(jq -r '.["status-message"]' lgtm.res)
-			echo "Code review failed: ${lgtm_message}"
-			exit 1
-		fi
-		lgtm_new=$(jq -r '.languages[].new' lgtm.res | awk '{t+=$1} END {print t}')
-		lgtm_fixed=$(jq -r '.languages[].fixed' lgtm.res | awk '{t+=$1} END {print t}')
-		echo -n "Code review complete: "
-		printf "%b\n" "\e[1;31m${lgtm_new}\e[0m new alerts, \e[1;32m${lgtm_fixed}\e[0m fixed"
-		exit $lgtm_new
-	fi
-	;;
 *)
 	echo "$0: unknown test $TEST" >&2
 	exit 1