Switch to Github Actions Code Scanner (#1739)

* Added CodeQL security scan * typo fix * Fix codeql error alert
nasa · Oct 27, 2022 · 22759cc · 22759cc
1 parent 8855f31
commit 22759cc
Show file tree

Hide file tree

Showing 4 changed files with 71 additions and 4 deletions.
diff --git a/.github/actions/codeql/security-pack.yml b/.github/actions/codeql/security-pack.yml
@@ -0,0 +1,19 @@
+name: "CodeQL security and quality"
+
+queries: 
+  - uses: security-and-quality
+
+query-filters:
+  - include: 
+      id: cpp/incorrect-not-operator-usage
+  - include: 
+      tags contain: correctness
+  - include: 
+      tags contain: reliability
+
+paths-ignore:
+  - docs/
+  - cmake/docs/
+  - cmake/test/
+  - Autocoders/Python/src/fprime_ac/utils/DiffAndRename.py
+  - Autocoders/Python/src/fprime_ac/utils/pyparsing.py
diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt
@@ -193,6 +193,7 @@ cntx
 cobj
 CODEFILE
 codegen
+codeql
 colno
 COLORSTYLE
 colorwheel

diff --git a/.github/workflows/codeql-security-scan.yml b/.github/workflows/codeql-security-scan.yml
@@ -0,0 +1,50 @@
+# Semantic code analysis with CodeQL 
+# see https://github.com/github/codeql-action
+
+name: "CodeQL Security Scan"
+
+on:
+  push:
+    branches: [ master, devel ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master, devel ]
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp', 'python' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        config-file: ./.github/actions/codeql/security-pack.yml
+
+    - if: ${{ matrix.language == 'cpp' }}
+      name: Build
+      run: |
+          python3 -m venv ./fprime-venv
+          . ./fprime-venv/bin/activate
+          pip install -U setuptools setuptools_scm wheel pip
+          pip install -r ./requirements.txt
+          fprime-util generate
+          fprime-util build --all
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"
diff --git a/Autocoders/Python/src/fprime_ac/generators/formatters.py b/Autocoders/Python/src/fprime_ac/generators/formatters.py
@@ -1310,10 +1310,7 @@ def subThreadModuleFirstCap(self, mod_id):
         and no '_' in string form.
         """
         mod_id_list = mod_id.strip("_").split("_")
-        if len(mod_id_list) == 1:
-            mod_id_cap = mod_id[0].upper() + mod_id[1:]
-        elif len(mod_id_list) == 2:
-            mod_id_cap = [x[0].upper() + x[1:] for x in mod_id_list]
+        mod_id_cap = [x[0].upper() + x[1:] for x in mod_id_list]
         # size of mod_id list error in subThreadDir method.
         mod_id_cap_str = "".join(mod_id_cap)
         return mod_id_cap_str
-Original file line number
+Diff line change
@@ Expand Up / @@ -193,6 +193,7 @@ cntx @@
     cobj
     CODEFILE
     codegen
+    codeql
     colno
     COLORSTYLE
     colorwheel
@@ Expand Down @@