diff --git a/.github/codeql/codeql-coding-standard.yml b/.github/codeql/codeql-coding-standard.yml index 718b750e9..f250b2600 100644 --- a/.github/codeql/codeql-coding-standard.yml +++ b/.github/codeql/codeql-coding-standard.yml @@ -4,4 +4,4 @@ disable-default-queries: true queries: - name: JPL and MISRA - uses: ./.github/codeql/jpl-misra.qls \ No newline at end of file + uses: nasa/cFS/.github/codeql/jpl-misra.qls@main \ No newline at end of file diff --git a/.github/workflows/README.md b/.github/workflows/README.md index 6c256c0ef..86328d99a 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -1,5 +1,15 @@ # Our Workflows +## Reusable Workflows + +To reduce duplication, the workflows CodeQL Analysis, Static Analysis, and Format Checker are placed in cFS to be reused in the subrepositories. + +CodeQL Analysis and Static Analysis require inputs, therefore, they are called in an additional workflow in cFS to be utilized. Format checker does not need to be reused in cFS because it does not require inputs. + +Provided is a diagram of the architecture of the reusable workflows. + +![Reusable Workflows Architecture](Reusable-Workflows-Architecture.PNG) + ## Deprecated Build, Test, and Run [![Deprecated Build, Test, and Run](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml) diff --git a/.github/workflows/Reusable-Workflows-Architecture.PNG b/.github/workflows/Reusable-Workflows-Architecture.PNG new file mode 100644 index 000000000..d3d5e12cd Binary files /dev/null and b/.github/workflows/Reusable-Workflows-Architecture.PNG differ diff --git a/.github/workflows/build-cfs-deprecated.yml b/.github/workflows/build-cfs-deprecated.yml index 3729e8d75..da700df24 100644 --- a/.github/workflows/build-cfs-deprecated.yml +++ b/.github/workflows/build-cfs-deprecated.yml @@ -9,6 +9,7 @@ env: SIMULATION: native OMIT_DEPRECATED: false ENABLE_UNIT_TESTS: true + CTEST_OUTPUT_ON_FAILURE: true REPO_NAME: ${{ github.event.repository.name }} jobs: diff --git a/.github/workflows/build-cfs-rtems4.11.yml b/.github/workflows/build-cfs-rtems4.11.yml index 16081bb75..9194331f4 100644 --- a/.github/workflows/build-cfs-rtems4.11.yml +++ b/.github/workflows/build-cfs-rtems4.11.yml @@ -7,6 +7,8 @@ on: env: OMIT_DEPRECATED: true + CTEST_OUTPUT_ON_FAILURE: true + jobs: #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. @@ -29,7 +31,7 @@ jobs: if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} name: Build runs-on: ubuntu-18.04 - container: nmullane/qemu_rtems:4.11 + container: ghcr.io/core-flight-system/qemu-rtems-4-11:latest strategy: fail-fast: false @@ -65,7 +67,7 @@ jobs: test-cfs: name: Test runs-on: ubuntu-18.04 - container: nmullane/qemu_rtems:4.11 + container: ghcr.io/core-flight-system/qemu-rtems-4-11:latest needs: build-cfs @@ -83,7 +85,6 @@ jobs: # Disable mcopy check otherwise disk image build fails MTOOLS_SKIP_CHECK: 1 - steps: # Checks out a copy of your repository on the ubuntu-latest machine - name: Checkout code diff --git a/.github/workflows/build-cfs-rtems5.yml b/.github/workflows/build-cfs-rtems5.yml index 9e8629f0b..807ee5733 100644 --- a/.github/workflows/build-cfs-rtems5.yml +++ b/.github/workflows/build-cfs-rtems5.yml @@ -7,6 +7,8 @@ on: env: OMIT_DEPRECATED: true + CTEST_OUTPUT_ON_FAILURE: true + jobs: #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. @@ -29,7 +31,7 @@ jobs: if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} name: Build runs-on: ubuntu-18.04 - container: nmullane/qemu_rtems:5 + container: ghcr.io/core-flight-system/qemu-rtems-5:latest strategy: fail-fast: false @@ -65,7 +67,7 @@ jobs: test-cfs: name: Test runs-on: ubuntu-18.04 - container: nmullane/qemu_rtems:5 + container: ghcr.io/core-flight-system/qemu-rtems-5:latest needs: build-cfs @@ -83,7 +85,6 @@ jobs: # Disable mcopy check otherwise disk image build fails MTOOLS_SKIP_CHECK: 1 - steps: # Checks out a copy of your repository on the ubuntu-latest machine - name: Checkout code @@ -122,4 +123,4 @@ jobs: if: always() with: name: cFS-rtems-log-summary-${{ matrix.buildtype }} - path: ./build/exe/cpu1/*.log + path: ./build/exe/cpu1/*.log \ No newline at end of file diff --git a/.github/workflows/build-cfs.yml b/.github/workflows/build-cfs.yml index 265db91cf..31b764b58 100644 --- a/.github/workflows/build-cfs.yml +++ b/.github/workflows/build-cfs.yml @@ -9,6 +9,7 @@ env: SIMULATION: native OMIT_DEPRECATED: true ENABLE_UNIT_TESTS: true + CTEST_OUTPUT_ON_FAILURE: true REPO_NAME: ${{ github.event.repository.name }} jobs: diff --git a/.github/workflows/codeql-build-reuse.yml b/.github/workflows/codeql-build-reuse.yml new file mode 100644 index 000000000..ee5a9a66e --- /dev/null +++ b/.github/workflows/codeql-build-reuse.yml @@ -0,0 +1,10 @@ +name: Reuse CodeQl Analysis + +on: + push: + pull_request: + +jobs: + codeql: + name: CodeQL Analysis + uses: nasa/cFS/.github/workflows/codeql-build.yml@main \ No newline at end of file diff --git a/.github/workflows/codeql-build.yml b/.github/workflows/codeql-build.yml index 2241b2d17..773b7ca2b 100644 --- a/.github/workflows/codeql-build.yml +++ b/.github/workflows/codeql-build.yml @@ -1,20 +1,31 @@ name: "CodeQL Analysis" -# Only trigger, when the build workflow succeeded on: - workflow_run: - workflows: ["Build, Test, and Run \\[OMIT_DEPRECATED = true\\]"] - types: - - completed - branches: - - '**' + workflow_call: + inputs: + setup: + description: 'Build Prep' + type: string + default: 'cp ./cfe/cmake/Makefile.sample Makefile && cp -r ./cfe/cmake/sample_defs sample_defs' + make-prep: + description: 'Make Prep' + type: string + default: '' + make: + description: 'Make Copy' + type: string + default: 'make' + tests: + description: 'Tests' + type: string + default: '' + env: SIMULATION: native ENABLE_UNIT_TESTS: true OMIT_DEPRECATED: true BUILDTYPE: release - jobs: #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. check-for-duplicates: @@ -22,7 +33,6 @@ jobs: # Map a step output to a job output outputs: should_skip: ${{ steps.skip_check.outputs.should_skip }} - if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - id: skip_check uses: fkirc/skip-duplicate-actions@master @@ -30,8 +40,7 @@ jobs: concurrent_skipping: 'same_content' skip_after_successful_duplicate: 'true' do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' - - + CodeQL-Security-Build: #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. needs: check-for-duplicates @@ -42,42 +51,37 @@ jobs: steps: # Checks out a copy of your repository - name: Checkout code - if: ${{ !steps.skip-workflow.outputs.skip }} uses: actions/checkout@v2 with: repository: nasa/cFS submodules: true - name: Check versions - if: ${{ !steps.skip-workflow.outputs.skip }} run: | git log -1 --pretty=oneline git submodule - + - name: Initialize CodeQL - if: ${{ !steps.skip-workflow.outputs.skip }} uses: github/codeql-action/init@v1 with: languages: c - config-file: ./.github/codeql/codeql-security.yml - - # Setup the build system + config-file: nasa/cFS/.github/codeql/codeql-security.yml@main + - name: Copy sample_defs - if: ${{ !steps.skip-workflow.outputs.skip }} - run: | - cp ./cfe/cmake/Makefile.sample Makefile - cp -r ./cfe/cmake/sample_defs sample_defs + run: ${{ inputs.setup }} - # Setup the build system + - name: Make prep + run: ${{ inputs.make-prep }} + - name: Make Install - if: ${{ !steps.skip-workflow.outputs.skip }} - run: make + run: ${{ inputs.make }} + + - name: Run tests + run: ${{ inputs.tests }} - # Run CodeQL - name: Perform CodeQL Analysis - if: ${{ !steps.skip-workflow.outputs.skip }} uses: github/codeql-action/analyze@v1 - + CodeQL-Coding-Standard-Build: #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. needs: check-for-duplicates @@ -88,45 +92,39 @@ jobs: steps: # Checks out a copy of your repository - name: Checkout code - if: ${{ !steps.skip-workflow.outputs.skip }} uses: actions/checkout@v2 with: repository: nasa/cFS submodules: true - name: Check versions - if: ${{ !steps.skip-workflow.outputs.skip }} run: | git log -1 --pretty=oneline git submodule + - name: Checkout codeql code + uses: actions/checkout@v2 + with: + repository: github/codeql + submodules: true + path: codeql - name: Initialize CodeQL - if: ${{ !steps.skip-workflow.outputs.skip }} uses: github/codeql-action/init@v1 with: languages: c - config-file: ./.github/codeql/codeql-coding-standard.yml + config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main - # Setup the build system - name: Copy sample_defs - if: ${{ !steps.skip-workflow.outputs.skip }} - run: | - cp ./cfe/cmake/Makefile.sample Makefile - cp -r ./cfe/cmake/sample_defs sample_defs - - # Setup the build system + run: ${{ inputs.setup }} + + - name: Make prep + run: ${{ inputs.make-prep }} + - name: Make Install - if: ${{ !steps.skip-workflow.outputs.skip }} - run: make + run: ${{ inputs.make }} + + - name: Run tests + run: ${{ inputs.tests }} - # Run CodeQL - name: Perform CodeQL Analysis - if: ${{ !steps.skip-workflow.outputs.skip }} - uses: github/codeql-action/analyze@v1 - - on-failure: - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'failure' }} - steps: - - name: Fail workflow - run: exit 1 + uses: github/codeql-action/analyze@v1 \ No newline at end of file diff --git a/.github/workflows/format-check.yml b/.github/workflows/format-check.yml new file mode 100644 index 000000000..cb003b6e7 --- /dev/null +++ b/.github/workflows/format-check.yml @@ -0,0 +1,67 @@ +name: Format Check + +# Run on all push and pull requests +on: + push: + pull_request: + workflow_call: + +jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + format-checker: + name: Run format check + #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + runs-on: ubuntu-18.04 + timeout-minutes: 15 + + steps: + - name: Install format checker + run: | + wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - + sudo add-apt-repository 'deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-10 main' + sudo apt-get update && sudo apt-get install clang-format-10 + + - name: Checkout bundle + uses: actions/checkout@v2 + with: + repository: nasa/cFS + + - name: Checkout + uses: actions/checkout@v2 + with: + path: repo + + - name: Generate format differences + run: | + cd repo + find . -name "*.[ch]" -exec clang-format-10 -i -style=file {} + + git diff > $GITHUB_WORKSPACE/style_differences.txt + + - name: Archive Static Analysis Artifacts + uses: actions/upload-artifact@v2 + with: + name: style_differences + path: style_differences.txt + + - name: Error on differences + run: | + if [[ -s style_differences.txt ]]; + then + cat style_differences.txt + exit -1 + fi diff --git a/.github/workflows/static-analysis-reuse.yml b/.github/workflows/static-analysis-reuse.yml new file mode 100644 index 000000000..44688b621 --- /dev/null +++ b/.github/workflows/static-analysis-reuse.yml @@ -0,0 +1,10 @@ +name: Reuse Static Analysis + +on: + push: + pull_request: + +jobs: + static-analysis: + name: Static Analysis + uses: nasa/cFS/.github/workflows/static-analysis.yml@main \ No newline at end of file diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index d7405dcf6..31a3b0d93 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -1,9 +1,12 @@ name: Static Analysis -# Run this workflow every time a new commit pushed to your repository and for pull requests on: - push: - pull_request: + workflow_call: + inputs: + strict-dir-list: + description: 'Directory List' + type: string + default: '' jobs: #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. @@ -30,7 +33,7 @@ jobs: strategy: fail-fast: false matrix: - cppcheck: [bundle, cfe, osal, psp] + cppcheck: [non-strict, strict] steps: - name: Install cppcheck @@ -43,38 +46,25 @@ jobs: submodules: true - name: Run bundle cppcheck - if: ${{matrix.cppcheck =='bundle'}} - run: cppcheck --force --inline-suppr --quiet . 2> ${{matrix.cppcheck}}_cppcheck_err.txt - + run: cppcheck --force --inline-suppr . 2> ${{matrix.cppcheck}}_cppcheck_err.txt + # Run strict static analysis for embedded portions of cfe, osal, and psp - - name: cfe strict cppcheck - if: ${{matrix.cppcheck =='cfe'}} - run: | - cd ${{matrix.cppcheck}} - cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./modules/core_api/fsw ./modules/core_private/fsw ./modules/es/fsw ./modules/evs/fsw ./modules/fs/fsw ./modules/msg/fsw ./modules/resourceid/fsw ./modules/sb/fsw ./modules/sbr/fsw ./modules/tbl/fsw ./modules/time/fsw -UCFE_PLATFORM_TIME_CFG_CLIENT -DCFE_PLATFORM_TIME_CFG_SERVER 2> ../${{matrix.cppcheck}}_cppcheck_err.txt - - - name: osal strict cppcheck - if: ${{matrix.cppcheck =='osal'}} - run: | - cd ${{matrix.cppcheck}} - cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./src/bsp ./src/os 2> ../${{matrix.cppcheck}}_cppcheck_err.txt - - - name: psp strict cppcheck - if: ${{matrix.cppcheck =='psp'}} - run: | - cd ${{matrix.cppcheck}} - cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./fsw 2> ../${{matrix.cppcheck}}_cppcheck_err.txt + - name: Strict cppcheck + if: ${{ inputs.strict-dir-list !='' }} + run: cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive .${{ inputs.strict-dir-list }} 2> ../${{matrix.cppcheck}}_cppcheck_err.txt - name: Archive Static Analysis Artifacts + if: ${{ inputs.strict-dir-list !='' || matrix.cppcheck == 'non-strict' }} uses: actions/upload-artifact@v2 with: name: ${{matrix.cppcheck}}-cppcheck-err path: ./*cppcheck_err.txt - name: Check for errors + if: ${{ inputs.strict-dir-list !='' || matrix.cppcheck == 'non-strict' }} run: | if [[ -s ${{matrix.cppcheck}}_cppcheck_err.txt ]]; then cat ${{matrix.cppcheck}}_cppcheck_err.txt exit -1 - fi + fi \ No newline at end of file diff --git a/apps/ci_lab b/apps/ci_lab index 12b8cdd5c..c07548042 160000 --- a/apps/ci_lab +++ b/apps/ci_lab @@ -1 +1 @@ -Subproject commit 12b8cdd5cc8945fe4dfd4423e57f48114f1948d8 +Subproject commit c07548042b07fe4491903ed210dde8958dd2bd94 diff --git a/apps/sample_app b/apps/sample_app index d009197df..545a276e6 160000 --- a/apps/sample_app +++ b/apps/sample_app @@ -1 +1 @@ -Subproject commit d009197df721af1f430d173584fa64a507a94a13 +Subproject commit 545a276e61c1b289b4bc3c6545f8514c877a6afa diff --git a/apps/sch_lab b/apps/sch_lab index 81240416f..5605524da 160000 --- a/apps/sch_lab +++ b/apps/sch_lab @@ -1 +1 @@ -Subproject commit 81240416fcc9a6601fa361602088b9f0fe1497ce +Subproject commit 5605524da401d24f53b335e8f157b250361aba2e diff --git a/apps/to_lab b/apps/to_lab index 0c6d81630..d408646f5 160000 --- a/apps/to_lab +++ b/apps/to_lab @@ -1 +1 @@ -Subproject commit 0c6d816301ca943b2257c47c9af8695c2b47fa9f +Subproject commit d408646f591bff1366c77cd71a4fe387cc88662c diff --git a/cfe b/cfe index b66661cc6..5a1d138b1 160000 --- a/cfe +++ b/cfe @@ -1 +1 @@ -Subproject commit b66661cc6e8f695d5ca9fa56217f58a291d5884d +Subproject commit 5a1d138b19a9c74b8a8f4d7f82884d5c7abd65f6 diff --git a/libs/sample_lib b/libs/sample_lib index b500b024b..6cb42c456 160000 --- a/libs/sample_lib +++ b/libs/sample_lib @@ -1 +1 @@ -Subproject commit b500b024b951516e618dcb115f0b8b572df1ed45 +Subproject commit 6cb42c4562c8005ce39ad0890d5ecf42ae33fa8c diff --git a/osal b/osal index 42af0f73c..30635f856 160000 --- a/osal +++ b/osal @@ -1 +1 @@ -Subproject commit 42af0f73c952b4e4c7fbc06c97d354a1430f4ac3 +Subproject commit 30635f856d28177ed2fcea0b3dd1512e7f8cdf9d diff --git a/psp b/psp index 1bd7bd950..f35784605 160000 --- a/psp +++ b/psp @@ -1 +1 @@ -Subproject commit 1bd7bd9508dbe7e0084fc8ad600479c5831d7660 +Subproject commit f357846050b40d527a689c0164290aaa973ed83a diff --git a/tools/cFS-GroundSystem b/tools/cFS-GroundSystem index 2af2a8dbf..79e1368c8 160000 --- a/tools/cFS-GroundSystem +++ b/tools/cFS-GroundSystem @@ -1 +1 @@ -Subproject commit 2af2a8dbfc05c03790f686cdcfcc1289e0ee9f3a +Subproject commit 79e1368c8178458bae7ebedc0a43eaca0b7bc8b4 diff --git a/tools/elf2cfetbl b/tools/elf2cfetbl index 10f55fb36..8afde1d2e 160000 --- a/tools/elf2cfetbl +++ b/tools/elf2cfetbl @@ -1 +1 @@ -Subproject commit 10f55fb3663efce8724affbcbbeac52a028ea781 +Subproject commit 8afde1d2ed6a3de115be4901eaa197a0fa6b7f36 diff --git a/tools/tblCRCTool b/tools/tblCRCTool index f96d481d1..5af24a881 160000 --- a/tools/tblCRCTool +++ b/tools/tblCRCTool @@ -1 +1 @@ -Subproject commit f96d481d149631d67a8c3927db7cb65c7366da5b +Subproject commit 5af24a881e9216fe35d4e5621fae813742df1a16