Skip to content

Commit

Permalink
Merge branch 'ArielSAdamsNASA-fix-382-reuse-workflows' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
arielswalker committed Oct 27, 2021
2 parents 4e7357f + 26105d2 commit 4445289
Show file tree
Hide file tree
Showing 9 changed files with 198 additions and 84 deletions.
16 changes: 2 additions & 14 deletions .github/codeql/codeql-coding-standard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,5 @@ name: "CodeQL Coding Standard Configuration File"
disable-default-queries: true

queries:
- name: JPL Rules
uses: github/codeql/cpp/ql/src/JPL_C@main
- name: MISRA Rule 9-5-1
uses: github/codeql/cpp/ql/src/jsf/4.20 Unions and Bit Fields/AV Rule 153.ql@main
- name: MISRA Rule 5-18-1
uses: github/codeql/cpp/ql/src/jsf/4.21 Operators/AV Rule 168.ql@main
- name: MISRA 6-2-2
uses: github/codeql/cpp/ql/src/jsf/4.25 Expressions/AV Rule 202.ql@main
- name: MISRA Rule 5-14-1
uses: github/codeql/cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql@main
- name: MISRA Rule 5-3-2
uses: github/codeql/cpp/ql/src/jsf/4.21 Operators/AV Rule 165.ql@main
- name: MISRA Rule 7-5-2
uses: github/codeql/cpp/ql/src/jsf/4.22 Pointers and References/AV Rule 173.ql@main
- name: JPL and MISRA
uses: ./.github/codeql/jpl-misra.qls
21 changes: 21 additions & 0 deletions .github/codeql/jpl-misra.qls
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# Start with all the queries in the codeql/cpp-queries pack.
- queries: .
from: codeql/cpp-queries
# Restrict to only the queries with the following ID patterns.
- include:
id:
# Regular expression matching all query IDs that start with `cpp/jpl-c/`
# This covers all queries in the `JPL_C` directory,
# but matching on query ID is more stable.
- /cpp/jpl-c/*/
# Specific JSF queries, identified by query ID.
# MISRA Rule 9-5-1
- cpp/jsf/av-rule-153
# MISRA Rule 5-18-1
- cpp/jsf/av-rule-168
# MISRA 6-2-2
- cpp/jsf/av-rule-202
# MISRA Rule 5-14-1
- cpp/jsf/av-rule-165
# MISRA Rule 5-3-2
- cpp/jsf/av-rule-173
16 changes: 13 additions & 3 deletions .github/workflows/README.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,15 @@
# Our Workflows

## Reusable Workflows

To reduce duplication, CodeQL Analysis, Static Analysis, and Format Checker are placed in cFS to be reused in the subrepositories.

CodeQL Analysis and Static Analysis require inputs, therefore, they are called in an additional workflow in cFS to be utilized. Format checker does not need to be reused in cFS because it does not require inputs.

Provided is a diagram of the architecture of the reusable workflows.

![Reusable Workflows Architecture](cFS-Reusable-Workflows.PNG)

## Deprecated Build, Test, and Run
[![Deprecated Build, Test, and Run](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml)

Expand All @@ -25,8 +35,8 @@ For the CodeQL GitHub Actions setup, visit https://github.com/github/codeql-acti

Our CodeQL action uses a configuration file to use specific queries, which can be found at [.github/codeql](https://github.com/nasa/cFS/tree/main/.github/codeql).

## Static Analaysis
[![Static Analaysis](https://github.com/nasa/cfs/actions/workflows/static-analysis.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/static-analysis.yml)
## Static Analysis
[![Static Analysis](https://github.com/nasa/cfs/actions/workflows/static-analysis.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/static-analysis.yml)

This action runs a static analysis tool for C/C++ code known as cppcheck. Cppcheck is designed to be able to analyze C/C++ code even if it has non-standard syntax, which is common in embedded projects.

Expand Down Expand Up @@ -58,6 +68,6 @@ This action creates a changelog file which documents all the issues in cFS.
The Changelog action runs manually.

## Format Check
[![Format Check](https://github.com/nasa/osal/actions/workflows/format-check.yml/badge.svg)](https://github.com/nasa/osal/actions/workflows/format-check.yml)
[![Format Check](https://github.com/nasa/cfs/actions/workflows/format-check.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/format-check.yml)

This action uses [clang-format-10](https://github.com/nasa/cFS/blob/main/.clang-format) to check for format errors.
Binary file added .github/workflows/cFS-Reusable-Workflows.PNG
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
11 changes: 11 additions & 0 deletions .github/workflows/codeql-build-reuse.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
name: Reuse CodeQl Analysis

on:
push:
pull_request:


jobs:
codeql:
name: CodeQL Analysis
uses: nasa/cFS/.github/workflows/codeql-build.yml@main
78 changes: 40 additions & 38 deletions .github/workflows/codeql-build.yml
Original file line number Diff line number Diff line change
@@ -1,10 +1,24 @@
name: "CodeQL Analysis"
name: CodeQL Analysis

on:
push:
pull_request:
branches:
- main
workflow_call:
inputs:
sample-defs:
description: 'Build Prep'
type: string
default: 'cp ./cfe/cmake/Makefile.sample Makefile && cp -r ./cfe/cmake/sample_defs sample_defs'
make-prep:
description: 'Make Prep'
type: string
default: ''
make:
description: 'Make Code'
type: string
default: 'make'
tests:
description: 'Tests'
type: string
default: ''

env:
SIMULATION: native
Expand All @@ -26,8 +40,7 @@ jobs:
concurrent_skipping: 'same_content'
skip_after_successful_duplicate: 'true'
do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'



CodeQL-Security-Build:
#Continue if check-for-duplicates found no duplicates. Always runs for pull-requests.
needs: check-for-duplicates
Expand All @@ -38,42 +51,37 @@ jobs:
steps:
# Checks out a copy of your repository
- name: Checkout code
if: ${{ !steps.skip-workflow.outputs.skip }}
uses: actions/checkout@v2
with:
repository: nasa/cFS
submodules: true

- name: Check versions
if: ${{ !steps.skip-workflow.outputs.skip }}
run: |
git log -1 --pretty=oneline
git submodule
- name: Initialize CodeQL
if: ${{ !steps.skip-workflow.outputs.skip }}
uses: github/codeql-action/init@v1
with:
languages: c
config-file: ./.github/codeql/codeql-security.yml
config-file: nasa/cFS/.github/codeql/codeql-security.yml@main

# Setup the build system
- name: Copy sample_defs
if: ${{ !steps.skip-workflow.outputs.skip }}
run: |
cp ./cfe/cmake/Makefile.sample Makefile
cp -r ./cfe/cmake/sample_defs sample_defs
run: ${{ inputs.sample-defs }}

- name: Make prep
run: ${{ inputs.make-prep }}

# Setup the build system
- name: Make Install
if: ${{ !steps.skip-workflow.outputs.skip }}
run: make
run: ${{ inputs.make }}

- name: Run tests
run: ${{ inputs.tests }}

# Run CodeQL
- name: Perform CodeQL Analysis
if: ${{ !steps.skip-workflow.outputs.skip }}
uses: github/codeql-action/analyze@v1

CodeQL-Coding-Standard-Build:
#Continue if check-for-duplicates found no duplicates. Always runs for pull-requests.
needs: check-for-duplicates
Expand All @@ -84,46 +92,40 @@ jobs:
steps:
# Checks out a copy of your repository
- name: Checkout code
if: ${{ !steps.skip-workflow.outputs.skip }}
uses: actions/checkout@v2
with:
repository: nasa/cFS
submodules: true

- name: Check versions
if: ${{ !steps.skip-workflow.outputs.skip }}
run: |
git log -1 --pretty=oneline
git submodule
- name: Checkout codeql code
if: ${{ !steps.skip-workflow.outputs.skip }}
uses: actions/checkout@v2
with:
repository: github/codeql
submodules: true
path: codeql

- name: Initialize CodeQL
if: ${{ !steps.skip-workflow.outputs.skip }}
uses: github/codeql-action/init@v1
with:
languages: c
config-file: ./.github/codeql/codeql-coding-standard.yml
config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main

# Setup the build system
- name: Copy sample_defs
if: ${{ !steps.skip-workflow.outputs.skip }}
run: |
cp ./cfe/cmake/Makefile.sample Makefile
cp -r ./cfe/cmake/sample_defs sample_defs
run: ${{ inputs.sample-defs }}

- name: Make prep
run: ${{ inputs.make-prep }}

# Setup the build system
- name: Make Install
if: ${{ !steps.skip-workflow.outputs.skip }}
run: make
run: ${{ inputs.make }}

- name: Run tests
run: ${{ inputs.tests }}

# Run CodeQL
- name: Perform CodeQL Analysis
if: ${{ !steps.skip-workflow.outputs.skip }}
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v1
67 changes: 67 additions & 0 deletions .github/workflows/format-check.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
name: Format Check

# Run on all push and pull requests
on:
push:
pull_request:
workflow_call:

jobs:
#Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action.
check-for-duplicates:
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@master
with:
concurrent_skipping: 'same_content'
skip_after_successful_duplicate: 'true'
do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'

format-checker:
name: Run format check
#Continue if check-for-duplicates found no duplicates. Always runs for pull-requests.
needs: check-for-duplicates
if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
runs-on: ubuntu-18.04
timeout-minutes: 15

steps:
- name: Install format checker
run: |
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
sudo add-apt-repository 'deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-10 main'
sudo apt-get update && sudo apt-get install clang-format-10
- name: Checkout bundle
uses: actions/checkout@v2
with:
repository: nasa/cFS

- name: Checkout
uses: actions/checkout@v2
with:
path: repo

- name: Generate format differences
run: |
cd repo
find . -name "*.[ch]" -exec clang-format-10 -i -style=file {} +
git diff > $GITHUB_WORKSPACE/style_differences.txt
- name: Archive Static Analysis Artifacts
uses: actions/upload-artifact@v2
with:
name: style_differences
path: style_differences.txt

- name: Error on differences
run: |
if [[ -s style_differences.txt ]];
then
cat style_differences.txt
exit -1
fi
9 changes: 9 additions & 0 deletions .github/workflows/static-analysis-reuse.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
name: Reuse Static Analysis

on:
push:

jobs:
static-analysis:
name: Static Analysis
uses: nasa/cFS/.github/workflows/static-analysis.yml@main
Loading

0 comments on commit 4445289

Please sign in to comment.