Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix #1512, Add Coding Standard Rules in CodeQL #1513

Merged
merged 1 commit into from
Jun 2, 2021
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 68 additions & 5 deletions .github/workflows/codeql-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,23 @@ env:
BUILDTYPE: release

jobs:
#Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action.
check-for-duplicates:
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@master
with:
concurrent_skipping: 'same_content'
skip_after_successful_duplicate: 'true'
do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'

CodeQL-Build:
CodeQL-Security-Build:
needs: check-for-duplicates
if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
runs-on: ubuntu-18.04
timeout-minutes: 15

Expand All @@ -35,20 +50,68 @@ jobs:
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: c
queries: +security-extended, security-and-quality
languages: c
config-file: nasa/cFS/.github/codeql/codeql-security.yml@main

# Setup the build system
- name: Set up for build
run: |
cp ./cfe/cmake/Makefile.sample Makefile
cp -r ./cfe/cmake/sample_defs sample_defs
make prep

# Build the code
- name: Build
run: |
make -C build/native/default_cpu1 core_api core_private es evs fs msg resourceid sb sbr tbl time

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1

CodeQL-Coding-Standard-Build:
needs: check-for-duplicates
if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
runs-on: ubuntu-18.04
timeout-minutes: 15

steps:
# Checks out a copy of your repository on the ubuntu-latest machine
- name: Checkout bundle
uses: actions/checkout@v2
with:
repository: nasa/cFS
submodules: true

- name: Checkout submodule
uses: actions/checkout@v2
with:
path: cfe

- name: Check versions
run: git submodule

- name: Checkout codeql code
uses: actions/checkout@v2
with:
repository: github/codeql
submodules: true
path: codeql

- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: c
config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main

# Setup the build system
- name: Set up for build
run: |
cp ./cfe/cmake/Makefile.sample Makefile
cp -r ./cfe/cmake/sample_defs sample_defs
make prep

# Build the code
- name: Build
run: |
make -C build/native/default_cpu1 core_api core_private es evs fs msg resourceid sb sbr tbl time
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1