From d686e62f998e347d7e6cc9d92369f0c5d9662d11 Mon Sep 17 00:00:00 2001 From: "Gerardo E. Cruz-Ortiz" <59618057+astrogeco@users.noreply.github.com> Date: Mon, 6 Dec 2021 11:43:16 -0500 Subject: [PATCH] Fix #381, Reuse CodeQL, Static Analysis, Format Check Co-authored-by: Ariel Adams --- .github/workflows/README.md | 10 ++ .../Reusable-Workflows-Architecture.PNG | Bin 0 -> 11897 bytes .github/workflows/codeql-build-reuse.yml | 10 ++ .github/workflows/codeql-build.yml | 100 +++++++++--------- .github/workflows/format-check.yml | 67 ++++++++++++ .github/workflows/static-analysis-reuse.yml | 10 ++ .github/workflows/static-analysis.yml | 40 +++---- 7 files changed, 161 insertions(+), 76 deletions(-) create mode 100644 .github/workflows/Reusable-Workflows-Architecture.PNG create mode 100644 .github/workflows/codeql-build-reuse.yml create mode 100644 .github/workflows/format-check.yml create mode 100644 .github/workflows/static-analysis-reuse.yml diff --git a/.github/workflows/README.md b/.github/workflows/README.md index 6c256c0ef..86328d99a 100644 --- a/.github/workflows/README.md +++ b/.github/workflows/README.md @@ -1,5 +1,15 @@ # Our Workflows +## Reusable Workflows + +To reduce duplication, the workflows CodeQL Analysis, Static Analysis, and Format Checker are placed in cFS to be reused in the subrepositories. + +CodeQL Analysis and Static Analysis require inputs, therefore, they are called in an additional workflow in cFS to be utilized. Format checker does not need to be reused in cFS because it does not require inputs. + +Provided is a diagram of the architecture of the reusable workflows. + +![Reusable Workflows Architecture](Reusable-Workflows-Architecture.PNG) + ## Deprecated Build, Test, and Run [![Deprecated Build, Test, and Run](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml) diff --git a/.github/workflows/Reusable-Workflows-Architecture.PNG b/.github/workflows/Reusable-Workflows-Architecture.PNG new file mode 100644 index 0000000000000000000000000000000000000000..d3d5e12cddde329f8f02a0c3bfc3f539c8c7e5ff GIT binary patch literal 11897 zcmeHtcUY6z)-RTUu`rAxf)GGw96%5-q9D-_0TmsjiS!aR0zrD0mNL##_a6Iz<9V| zBMN%yq=NR|%_Ap~raL$8i;s7d>^QS?h?cJ~htzx!qnz|IX2Ljm~H zu*Pfv1{?q18=P9A5QIPRXM0MwltU$~)k)wR8XCl>8&~`Jl%o8zsUDL7VR0 z3_hQ=RpLWJ@bBvfX9Oa$s!I2`=+kxf5~Z|87mu!9 zj7(Xk!(sf3Y;ImRttz2`63U5~YsLk{DsB3W{la<1npAq{miAO~*Kz$RjxPR+dp(kI zZ?1+*VQ}EWwT_ispP7-=*q#DcNWkTk!e=Dl$<$Et#>BehkmiQr>B=d(Fa>+eOV?t(I-QhY z&zW}dI{LeGN31b+igvs0 z_PUKWU1kjB7#i`Ge{5qh;z`w{vRrx*I$EEAWr>*09wK@jO7y;XI2r5w08Ro&bUd0% z)5fu(leu^5J>=cM1P&_&PSqu<3MQ`BU*gux6_Tes9JHOEV5uS3%>r5ne%CnC)X=_h zG&Q^% z_w>BFA7B^*IA8HS_gmJdZPL}_2YuWOQ5~Uu!}OyrgHudwGq+@AP>T`V;>Q`BYnOgr zJ7#sFmwJXw)Fv*X!w#d}BG{4r!t9zHKA%Q^5qu(G=Kb81)B z&+S($bqV!w42u}UYw?UAXd6eA@3(zmV?Y8cPD$zt<;Monte*F(ADvEqU%xnC6pb zmjg`bM*@Qe75unQ=%uuwJZO}l?S#k)F4t|$xc(_8ZWwF1Nd7Ko=&5z=gyS4!^ zl~Mbk9y`m(<8HW^>Bd$ru^hTGiJ0<}k8+L76v+=peHRPu!H0cpVKIn=a5fSztTL6k zDrE&tfeLvdJZpEHKYjD|b-mFwh!5&h5byE%R1IR85eaA@Pcpzeu4pnV`exlJD({EyUW=w;K1P%-nLp6)ygBR}#|Mv9s8M!Mk#pF?T zk;z0&^6!K!4y7QhG3RV;4!l>e)oFWEIA1D@Yi$P)o%##KcLq6yC;a;c*m{wmPx+uC z{}jX#Oz`#sAc7zMHNWu0<45Mk_4ohET>&`HC3k6!Q_&bM~p*+Q^l zzR4!}8!vj7UY`n(Vhp7jGcsfkmE9}3*&YuN+kNQ;@afk#xywth!Eq34OrM6N_9dPP zLm}K6Gk-u;F9vNbb;kY3&zn+Vfg2RMVeT2zegz<^tq$?Y4P#}b7BU4E2ric>;=-&C z_fbs@>pPTnL3(A|00%(yZY=2$|FW|lka#e0J5A}stv>lAM4?nWu%;}aDF=+BYKjE0+wBEGE2wH~;boqk2e z{64;_mtuZ);O)+4P)O$kwPm;EURO^_9lgL-WO=R3~; zRQN&uG%dFaza}dF7~Y?dt6mr5*o|6oW%B}ZNkvo!E2=vvkMpwDtagfaJVm_@e=U5D zpxY2LIvtA_^Sy2|v%X_AjJNO^{ah4pmS{DJgNZm(H8de1Q`J1~@MC(L46(ga)|^7B zrk0v+@uQ_}&vF6MFaxVdKIHx9kYpv&5;BFp)#SLFa^Kq!dZkZ|d6nw}ZPy@#{(8dl zNo&#$@&Xmu@#N#OabpN^a_%*`svGXo=cm1bb7~4_3@y$q`^YmEPjgqPQ*qRb9S!iQ z{DYZ-k?@7QoL>@yUE%sx3$-KaqM(JB!|Mm98<5JO;HRCKUXaT(V8+dSdcn`$ABQp` zugo|b4jRp~&%vBkMo{{CIf%#)qmZ1b3~$fFaDBP|$>;D3Vf}h0B}wTzqS$LfHXRQ8 z^2^+7b8NReclvBVroT_-V50|JWlk|;)#%6)JgBR1&Y_g^4et4)AiU-C0ube~m1xZs z4+G^6DY;^i;+&3C*s02uxjn=)FW(jh$FzO3RARA>G4ykRQtC_##U|vr3he{M+|XbC ztG!lX1lPN7K9t3F$9O9-Y8Ty)1+=0pRtE!;IrRsu67$3}?_wHrrwnM8tCiWft4`rP zrc_?q0q2si1yO?(|Bcl`XAfkC-5wp#L&rK8TVMQs6q`==>J`ADcLtlW{m?rE%Rai0 zxYkn~CJK+zT@bzSV*+Z9K_+-JI4r)bh1Iv(2^rS12eV>{m6+Af8jMyuXqqjBS>$)@5o z5ig?vlzhgpYHwY?U6SMj8?Wo3H@uaUeJNuxwkRrW`iR7gLtTixZa2)(=G z`~n?o1?2jIkAVTv^4k3nzaoA?T&$!0SalVL>6o*pKYEqolauBa`cBZIanP~;V6!K8 z8NbEFYoN}u&##h`_a-(cD$$>x97cBSXjmh0xjqe3{eHO0g=P-q+IsR|rJfbKD*P=; zABh-SnkZyMjmn^xYh&Q9b-|}apzH;OCJ68&|8_znJW!nM>TN*mr9>Bgq#x%Efu%=?Vwp+kp9W6*uE%33_E zPFOD@ls}C7Zq?nK6XujcwIr6fOu5sNU8W9?HL|jl(x<3hjSDJfVRLRLw;@AeTF;0jkN3(s&g8|Pu25}V*Tw~_=h9T@ z-9yOU12RZa$T;i1_Ha|BQnVL3^o#p3!?QEKD@u7PWSnrCDbka;m*$;Q-zQvdGtyK% zG8(&i>C`L)4aq259iViCLA;AC#coYtO}t=*2SZZO?<^6Qd~A{ z2fyz#7CtdMHk@|(YVo-8)qEHAExP4(J z?Z|<;*LuX_(bG6>|3)@^o+zqEjjFp%2TfTm#F4AJ)hb6r&1pPizw%fwqtB+adc3og#%kQ|hz>Mg?&^wV+T9M@?T9lKtLQkF zPW44oV&>7p>LQ_L9bsUHvOE|S=<6KJaHM_Dv3UP^>?&|p3`{#evylo!wjTd7%3BV5 zBtoE8`y07z)R7w&EzyTyF2#Oh!z_9*k$R znwICZlBEdaj(c9J^7$?I(dWH$n&(SnPRxXJrQY({UTfO$>Fdv&3Q(S6qtK3cm_TjuTfTqS|+)(lcle zdMzEyLcbt)%2e9cp+00Hgy4q+ck-y8@~Dgv3Qdbj*A=fY=F}bFvMrXj>NJ3~|$o6a(Rt#_A1ALNz8EpIk zbgy0+n1aK)w>&kF>^gJB)qcXVu3yI-TY^7R7 z5Ap>|cA{5>Q-f9$q9_I@Zc(w0T<}xy)pl%9f-x>)DI0E`HMOM;`_A znPzel9Of11p!jI8hA4WEy~Hj6#6dKIeDbqrz@7!5W*Q1~T!=)$y&kak{3_DN`4i?_ ztbFoQ@sk16(}U+KCC+gx>dxSW@a^qdefp{1!x(0airRKCNB!1s;*OAWf;D4T1mJ1Y!!%jB1v^* zX7+A3UT`(|^&r+c>=lzztl6^g>ODH_(oFJf{alM)URf9w>W&8Gvmz|3`u7})jY)!i znby4)R)U-vu^Wz+q2;9i!cgiKlKAsI$y4Z{mKfozfF(CJID8P7R2T={g;qKZPwu{! znyw{+&oBv$wk~+d#saJf#0i`1O5G-AUJN~B;q`G>gr{3y{!_Grm@*`yOvy{g zC0?cuDw7!vB=GKL5EG|vV7WknNQPQ`%<5v+8g2{t6~_EPJHt<82gL>)J?HboAjgrI zsb;GjJv7os<)TIX*8TWIwoQ+)vVSmmlr8I0T~j)u3lJuQm{tV$a*3rjGx2y`x!js zGl4jt=ysr&9y)1(8`EdhMmjH|2AE=!6P3vf?p$?$wX}`ik-OCA^e#$hFI;;ZW8xCK3@CgF|j-?m4lAG{T$=s zSBj_*s$%b+I_4P$a6Vo zFK`NCrKnqxJ24=v(*D`4T=WR0)6=s^8Zm5Y`t?13&|C_9_B} zWv`{#*#T?JmOZ-Vg`mf3e=G4W+F;Jf{v(szap7nR!ld2&836Dk{DYN0>dC*Z8-G!n zk?~;ZktP6t|M1UM<~cb4{@C$H-JrbB&eTxtYRl7m00#88+VlSyyT}^#qLo<}+2QuC z=W)zmxz!c3;N85a4sIWS8R!Y0YOcQAdEqG71|xmf4FiVqa;GJX`9X>A`UbarBN3B= z*p$)WR|qPNLmd1LxG30Vjgh|esXih2$#xa6h7)d|6)sH%#f!DA|%fbI;*{7PW{p@&0H z7q>9hK%B+C+tV4r1q#H{*mpwy9X#x5_Jrdp7bLnE)N|MZKy0Id;(VIcHec$uMRsZK zJ%O;3H~wJZUDCdkt99#ENvgK+Ke-4oCZ`2rK{D*>Q@l7T=};CcHFv`9Ig20}rwFM#y5ZrUu-tU>(a8xk1U zxA4Emf5_uEnStwHLrB#dQV`8eqSgY?ruA!wK|tq#B`_qHzE-nMw}Q9l1E9X6*;mPC zEBzYwqG3~s*32i$`H}Q0(U%c>Uak%1@}94XjLnL1vzfb47r=ule18S(uUfnxw+W!> zeWCy`1`@d98dKsI{~%b)g@%z|g14`0)f#hIj-lZ9+HvH&-&fh7Y!ASqu_!e6`;n+-!di+-xY3s$>7JdtiR?pzEl_gzlz;MIh?uVOLyiP1_{N3G?y?F2NTr~sJgm7)FZnw1DmEv2B}4^n`6RT}M+x{gZKkbkkDQb#K)kM{b&bo}!&CDg4;Q*)|9qlD!{K z8s7e?;9TOC?S8ND*Bp?p6LD) z3fdAwwNmKe0MM>~YdsYFho0u;anR!PY(ey$sL1)bzK`K?H3)HR8w0#DgX_U9$0lzD zLe+21W)in&#$JOsZ(_L6(=Ft9!Wynx)?b|`o!FM9O$~`ROILB9zH2(I@ZUD8w=D29N8$S zSg65Z0Xgp9<(PM$G+w4h)O^yk`WjwBEOX>@bepcA@Rfyp0;CliAbjW0-J?6)8|4?> zwajQGA{z(!9_$JA2sX5IkdJk8U(BUeQs$TWgEhkTiekKR^^k`C+G4D0~m6;@X(@5wvp7%K?OdQy6Bh zjtgRvJ)CeX&;n{YHho*A7;j*i27fn336GKxll+ zblK+F^EJ&-CB_ipplOg-z!-1YV~_Ks3U+#DLJ+B1ys52hI#?#BFkKf!>LxY1TKv$4dnGFdAC5fb&u8vgYB68w=*dh!EMNP;xcfyV!!T z$Gf&(bX?sIGdw{L6nCS}SX?b=JLq}wXST> zcaVab8|WwWlYU}UzvHc$c*5S0s^NEqy>eMcT@YuLA88Ul;rGm~c5RV9j53jRLLR!G z*=U}&de7TXGZlb^3m-uumL3UA7sGz*6bjiQ=i-(ZGr+nZ{S&{BE;Gp(a>EJUOWj%F zEOja+GdO0cbf{VQRVHq11UKFz{oLWI3^a0qIlwljRLxS=!hyJ~mvhD0pw%7eY9ra2 z2lUr8r3M?S0F4v9vRQP|Jd39Pa~0@5`eZ{}$_IH)!0{YpwDd_pRQ9VrP&q3%)c4NV zFh_4o@8E(FwB4!IvypT>Ihp&*Xhz}3H1-}$@OdX3!SHhFG5;rD9)AecdtVz z`8`VPM$WWSDSWa4lruko zz_fgi|L|JQ1=iHkMyOhQq$PjVoKl%Z(tcj!@wh`3z;y6afmEQui~m7tUN_e@e4^N4 zD&6;luw4|>i28PIm}PL4xiIn|{Y!R0^G`1L%VFUx>HE>iIZ4(Ss@9~VqN2G;5Y-%s zu2oScqt<>UUb8VAL^M%}>cgliB2$c|&H!4Kip$u1Z< zx1H7e1gV=$lXq-1+z1ztSw9T4i_!E^`o0A1W~RIgFD;c^O`d_nGT|l@Mm-nNPfD>f zj2-Fdx8E@o`oR@Ljv%%66(eQghzERC zZ~gAhJw}}H5n^$co`T>I1BsR}MORf#B82?Bmbiewx2P<$J$Ezfy4&jsU8Rc{InJgV z&9|N4iz3#^a&XL8))UA(9FL78b9Z#o8$yUVT(3kO zH~~UyZ%xa!&AU*&%zimM)?7acT*>AEY62^39#V8^KcG_}?23|1l64dRO3d_hG-Pv6 zX9g!41Fc>^9Lacxsp=RgJ*6RXqV;a>cj0um2||vu?ga4OO64R$S!{ZnpPM8U9?5k9 zZs5Ly;tZ%^)4$BU>KGfYc2Jpj!CJjL78qDvVA4bbTlLeq6p!@RF4#m#1IG}~f)`XwUiYI|pxyM$lF*ZQIYT>uio=;tX&kn3h z&xGOlo0+8`fL7H+jo&jo=qW@o_| literal 0 HcmV?d00001 diff --git a/.github/workflows/codeql-build-reuse.yml b/.github/workflows/codeql-build-reuse.yml new file mode 100644 index 000000000..ee5a9a66e --- /dev/null +++ b/.github/workflows/codeql-build-reuse.yml @@ -0,0 +1,10 @@ +name: Reuse CodeQl Analysis + +on: + push: + pull_request: + +jobs: + codeql: + name: CodeQL Analysis + uses: nasa/cFS/.github/workflows/codeql-build.yml@main \ No newline at end of file diff --git a/.github/workflows/codeql-build.yml b/.github/workflows/codeql-build.yml index 2241b2d17..773b7ca2b 100644 --- a/.github/workflows/codeql-build.yml +++ b/.github/workflows/codeql-build.yml @@ -1,20 +1,31 @@ name: "CodeQL Analysis" -# Only trigger, when the build workflow succeeded on: - workflow_run: - workflows: ["Build, Test, and Run \\[OMIT_DEPRECATED = true\\]"] - types: - - completed - branches: - - '**' + workflow_call: + inputs: + setup: + description: 'Build Prep' + type: string + default: 'cp ./cfe/cmake/Makefile.sample Makefile && cp -r ./cfe/cmake/sample_defs sample_defs' + make-prep: + description: 'Make Prep' + type: string + default: '' + make: + description: 'Make Copy' + type: string + default: 'make' + tests: + description: 'Tests' + type: string + default: '' + env: SIMULATION: native ENABLE_UNIT_TESTS: true OMIT_DEPRECATED: true BUILDTYPE: release - jobs: #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. check-for-duplicates: @@ -22,7 +33,6 @@ jobs: # Map a step output to a job output outputs: should_skip: ${{ steps.skip_check.outputs.should_skip }} - if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - id: skip_check uses: fkirc/skip-duplicate-actions@master @@ -30,8 +40,7 @@ jobs: concurrent_skipping: 'same_content' skip_after_successful_duplicate: 'true' do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' - - + CodeQL-Security-Build: #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. needs: check-for-duplicates @@ -42,42 +51,37 @@ jobs: steps: # Checks out a copy of your repository - name: Checkout code - if: ${{ !steps.skip-workflow.outputs.skip }} uses: actions/checkout@v2 with: repository: nasa/cFS submodules: true - name: Check versions - if: ${{ !steps.skip-workflow.outputs.skip }} run: | git log -1 --pretty=oneline git submodule - + - name: Initialize CodeQL - if: ${{ !steps.skip-workflow.outputs.skip }} uses: github/codeql-action/init@v1 with: languages: c - config-file: ./.github/codeql/codeql-security.yml - - # Setup the build system + config-file: nasa/cFS/.github/codeql/codeql-security.yml@main + - name: Copy sample_defs - if: ${{ !steps.skip-workflow.outputs.skip }} - run: | - cp ./cfe/cmake/Makefile.sample Makefile - cp -r ./cfe/cmake/sample_defs sample_defs + run: ${{ inputs.setup }} - # Setup the build system + - name: Make prep + run: ${{ inputs.make-prep }} + - name: Make Install - if: ${{ !steps.skip-workflow.outputs.skip }} - run: make + run: ${{ inputs.make }} + + - name: Run tests + run: ${{ inputs.tests }} - # Run CodeQL - name: Perform CodeQL Analysis - if: ${{ !steps.skip-workflow.outputs.skip }} uses: github/codeql-action/analyze@v1 - + CodeQL-Coding-Standard-Build: #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. needs: check-for-duplicates @@ -88,45 +92,39 @@ jobs: steps: # Checks out a copy of your repository - name: Checkout code - if: ${{ !steps.skip-workflow.outputs.skip }} uses: actions/checkout@v2 with: repository: nasa/cFS submodules: true - name: Check versions - if: ${{ !steps.skip-workflow.outputs.skip }} run: | git log -1 --pretty=oneline git submodule + - name: Checkout codeql code + uses: actions/checkout@v2 + with: + repository: github/codeql + submodules: true + path: codeql - name: Initialize CodeQL - if: ${{ !steps.skip-workflow.outputs.skip }} uses: github/codeql-action/init@v1 with: languages: c - config-file: ./.github/codeql/codeql-coding-standard.yml + config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main - # Setup the build system - name: Copy sample_defs - if: ${{ !steps.skip-workflow.outputs.skip }} - run: | - cp ./cfe/cmake/Makefile.sample Makefile - cp -r ./cfe/cmake/sample_defs sample_defs - - # Setup the build system + run: ${{ inputs.setup }} + + - name: Make prep + run: ${{ inputs.make-prep }} + - name: Make Install - if: ${{ !steps.skip-workflow.outputs.skip }} - run: make + run: ${{ inputs.make }} + + - name: Run tests + run: ${{ inputs.tests }} - # Run CodeQL - name: Perform CodeQL Analysis - if: ${{ !steps.skip-workflow.outputs.skip }} - uses: github/codeql-action/analyze@v1 - - on-failure: - runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'failure' }} - steps: - - name: Fail workflow - run: exit 1 + uses: github/codeql-action/analyze@v1 \ No newline at end of file diff --git a/.github/workflows/format-check.yml b/.github/workflows/format-check.yml new file mode 100644 index 000000000..cb003b6e7 --- /dev/null +++ b/.github/workflows/format-check.yml @@ -0,0 +1,67 @@ +name: Format Check + +# Run on all push and pull requests +on: + push: + pull_request: + workflow_call: + +jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + format-checker: + name: Run format check + #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + runs-on: ubuntu-18.04 + timeout-minutes: 15 + + steps: + - name: Install format checker + run: | + wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - + sudo add-apt-repository 'deb http://apt.llvm.org/bionic/ llvm-toolchain-bionic-10 main' + sudo apt-get update && sudo apt-get install clang-format-10 + + - name: Checkout bundle + uses: actions/checkout@v2 + with: + repository: nasa/cFS + + - name: Checkout + uses: actions/checkout@v2 + with: + path: repo + + - name: Generate format differences + run: | + cd repo + find . -name "*.[ch]" -exec clang-format-10 -i -style=file {} + + git diff > $GITHUB_WORKSPACE/style_differences.txt + + - name: Archive Static Analysis Artifacts + uses: actions/upload-artifact@v2 + with: + name: style_differences + path: style_differences.txt + + - name: Error on differences + run: | + if [[ -s style_differences.txt ]]; + then + cat style_differences.txt + exit -1 + fi diff --git a/.github/workflows/static-analysis-reuse.yml b/.github/workflows/static-analysis-reuse.yml new file mode 100644 index 000000000..44688b621 --- /dev/null +++ b/.github/workflows/static-analysis-reuse.yml @@ -0,0 +1,10 @@ +name: Reuse Static Analysis + +on: + push: + pull_request: + +jobs: + static-analysis: + name: Static Analysis + uses: nasa/cFS/.github/workflows/static-analysis.yml@main \ No newline at end of file diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml index d7405dcf6..31a3b0d93 100644 --- a/.github/workflows/static-analysis.yml +++ b/.github/workflows/static-analysis.yml @@ -1,9 +1,12 @@ name: Static Analysis -# Run this workflow every time a new commit pushed to your repository and for pull requests on: - push: - pull_request: + workflow_call: + inputs: + strict-dir-list: + description: 'Directory List' + type: string + default: '' jobs: #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. @@ -30,7 +33,7 @@ jobs: strategy: fail-fast: false matrix: - cppcheck: [bundle, cfe, osal, psp] + cppcheck: [non-strict, strict] steps: - name: Install cppcheck @@ -43,38 +46,25 @@ jobs: submodules: true - name: Run bundle cppcheck - if: ${{matrix.cppcheck =='bundle'}} - run: cppcheck --force --inline-suppr --quiet . 2> ${{matrix.cppcheck}}_cppcheck_err.txt - + run: cppcheck --force --inline-suppr . 2> ${{matrix.cppcheck}}_cppcheck_err.txt + # Run strict static analysis for embedded portions of cfe, osal, and psp - - name: cfe strict cppcheck - if: ${{matrix.cppcheck =='cfe'}} - run: | - cd ${{matrix.cppcheck}} - cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./modules/core_api/fsw ./modules/core_private/fsw ./modules/es/fsw ./modules/evs/fsw ./modules/fs/fsw ./modules/msg/fsw ./modules/resourceid/fsw ./modules/sb/fsw ./modules/sbr/fsw ./modules/tbl/fsw ./modules/time/fsw -UCFE_PLATFORM_TIME_CFG_CLIENT -DCFE_PLATFORM_TIME_CFG_SERVER 2> ../${{matrix.cppcheck}}_cppcheck_err.txt - - - name: osal strict cppcheck - if: ${{matrix.cppcheck =='osal'}} - run: | - cd ${{matrix.cppcheck}} - cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./src/bsp ./src/os 2> ../${{matrix.cppcheck}}_cppcheck_err.txt - - - name: psp strict cppcheck - if: ${{matrix.cppcheck =='psp'}} - run: | - cd ${{matrix.cppcheck}} - cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./fsw 2> ../${{matrix.cppcheck}}_cppcheck_err.txt + - name: Strict cppcheck + if: ${{ inputs.strict-dir-list !='' }} + run: cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive .${{ inputs.strict-dir-list }} 2> ../${{matrix.cppcheck}}_cppcheck_err.txt - name: Archive Static Analysis Artifacts + if: ${{ inputs.strict-dir-list !='' || matrix.cppcheck == 'non-strict' }} uses: actions/upload-artifact@v2 with: name: ${{matrix.cppcheck}}-cppcheck-err path: ./*cppcheck_err.txt - name: Check for errors + if: ${{ inputs.strict-dir-list !='' || matrix.cppcheck == 'non-strict' }} run: | if [[ -s ${{matrix.cppcheck}}_cppcheck_err.txt ]]; then cat ${{matrix.cppcheck}}_cppcheck_err.txt exit -1 - fi + fi \ No newline at end of file