Fix #986, Show CodeQL Preview #987
.github/workflows/codeql-build.yml
Outdated
make prep | ||
|
||
cp Makefile.sample Makefile | ||
make ENABLE_UNIT_TESTS=true PERMISSIVE_MODE=true prep |
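Review bot: the `make ENABLE_UNIT_TESTS=true PERMISSIVE_MODE=true prep` line passes both build options inline with no comment saying why the CodeQL build needs them. Since these options decide which code is configured for the analysis, add a short comment in this workflow step stating what each one is for, and keep them in a single place so a later change to the analyzed configuration is easy to spot in review.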
Recommend either using all env settings or all specified on the make line, looks like at minimum ENABLE_UNIT_TESTS is set in both locations.
Set PERMISSIVE_MODE in env settings and remove ENABLE_UNIT_TESTS in make command.
One impact of this change is now the analysis is run using the osal default configuration, vs what is specified in cFE. Probably OK as long as the cFE still does CodeQL, but then need to keep aware of OSAL warnings in that context. Eventually we probably want at least 2 CodeQL analysis runs in OSAL to exercise a range of options.
Renamed newly created CodeQL workflow as codeql-default-build to allow two analysis runs of CodeQL.
Renamed workflow to codeql-osal-default.
Should we add the "check for duplicates" workflow to this?
Yes! Thanks for the reminder, just added it.
nasa/cFE#1491, Correctly format code block section terminator
nasa/cFE#1530, Fix #1550, typos in developer guide
nasa/osal#987, Show CodeQL Preview

nasa/cFE#1491, Correctly format code block section terminator
nasa/cFE#1530, Fix typos in developer guide
nasa/osal#987, Show CodeQL Preview
Combines:
nasa/cFE#1508, cFE v6.8.0-rc1+dev580
nasa/osal#1006, osal v5.1.0-rc1+dev452

Includes:
nasa/cFE#1482, Resolve sequence count auto-increment rollover bug
nasa/cFE#1491, Correctly format code block section terminator
nasa/cFE#1530, Fix typos in developer guide
nasa/osal#985, rename hooks to handlers
nasa/osal#1000, propagate status code in OS_rmdir
nasa/osal#1001, rework "unit-tests" to use macros
nasa/osal#1003, remove extra newlines in utassert logs
nasa/osal#990, Add test for object id inline functions
nasa/osal#998, fixed invalid inputs for OS_mkdir
nasa/osal#812, Improves config guide documentation
nasa/osal#987, Show CodeQL Preview

Co-Authored-By: Jake Hageman <skliper@users.noreply.github.com>
Co-Authored-By: Joseph Hickey <joseph.p.hickey@nasa.gov>
Co-Authored-By: Ariel Adams <ArielSAdamsNASA@users.noreply.github.com>
Co-Authored-By: Alex Campbell <zanzaben@users.noreply.github.com>
Co-Authored-By: Tobias Nießen <tniessen@users.noreply.github.com>
Co-Authored-By: Jonathan Bohren <jbohren-hbr@users.noreply.github.com>
Co-Authored-By: Andrei Tumbar <Kronos3@users.noreply.github.com>
Fix nasa#835, build tables for static apps
Describe the contribution
Fix #986
Checkout just the osal repository rather than the entire cFS bundle to allow CodeQL to provide a code preview.
Code preview is not available when the entire cFS bundle is checked out. The osal itself must be the only repository checked out.
Since the tests require the cFE repo, they are removed.
Testing performed
Tested locally on forked repository
Tested on this PR. Example of code scanning result found here: https://github.com/nasa/osal/security/code-scanning/142?query=ref%3Arefs%2Fpull%2F987%2Fmerge
Expected behavior changes
Code preview should be available in the osal repository.
Additional context
Tests are not used.
Contributor Info - All information REQUIRED for consideration of pull request
Ariel Adams, ASRC Federal
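
A workflow of the shape this pull request describes, as an added example that is not the nasa/osal workflow file: only the osal repository is checked out, the build options live in one `env` block as the review asked, and the manual build sits between CodeQL init and analyze. The action versions, job and step names, triggers, and the final `make` build step are assumptions; the `cp Makefile.sample Makefile` and `make prep` commands and the two option names come from the page.

```yaml
# Added example; not the project's own workflow file.
name: codeql-osal-default

on:
  push:
  pull_request:

env:
  # Build options kept in one place rather than split between env and the make line.
  ENABLE_UNIT_TESTS: "true"
  PERMISSIVE_MODE: "true"

jobs:
  codeql:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write   # required to upload code scanning results

    steps:
      # Check out only this repository (no cFS bundle, no submodules).
      # Per the PR description, code preview needs osal to be the only checkout.
      - name: Checkout osal
        uses: actions/checkout@v4   # version is an assumption

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3   # version is an assumption
        with:
          languages: cpp

      # C/C++ is a compiled language for CodeQL: the build must run after init
      # and before analyze so the compiler invocations are observed.
      - name: Set up build with OSAL default configuration
        run: |
          cp Makefile.sample Makefile
          make prep

      - name: Build
        run: make   # assumed build target; adjust to the project's Makefile

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v3   # version is an assumption
```

Because this analyzes only the OSAL default configuration, a second workflow with a different option set is what the review thread suggests for covering a range of options.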