Skip to content

Commit

Permalink
Fix nasa#412, Git error in CodeQL Analyze Action
Browse files Browse the repository at this point in the history
- Replace Checkout Action for bundle with git clone
- Use symlink to map calling repo workspace to expected cFS Bundle
directory location
- Replace bundle checkout action with git clone
- Adds component-path input parameter
- Adds "code snippets" to CodeQL Analyze action
  • Loading branch information
astrogeco committed Jan 24, 2022
1 parent 8053f8c commit 0546b97
Show file tree
Hide file tree
Showing 2 changed files with 83 additions and 50 deletions.
131 changes: 82 additions & 49 deletions .github/workflows/codeql-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,18 +7,26 @@ on:
description: 'Build Prep'
type: string
default: 'cp ./cfe/cmake/Makefile.sample Makefile && cp -r ./cfe/cmake/sample_defs sample_defs'
required: false
make-prep:
description: 'Make Prep'
type: string
default: ''
default: 'make prep'
required: false
make:
description: 'Make Copy'
description: 'Build Command'
type: string
default: 'make'
default: '' #Typically `make` or `make install`. Default is blank for workflows that don't need to build source
required: false
tests:
description: 'Tests'
description: 'Tests Command'
type: string
default: ''
default: '' #Typically `make test` requires environment variable `ENABLE_UNIT_TEST=true` at `make prep` stage
required: false
component-path:
description: 'Path to repo being tested in a cFS bundle setup'
type: string
required: true

env:
SIMULATION: native
Expand All @@ -40,91 +48,116 @@ jobs:
concurrent_skipping: 'same_content'
skip_after_successful_duplicate: 'true'
do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'

CodeQL-Security-Build:
#Continue if check-for-duplicates found no duplicates. Always runs for pull-requests.
needs: check-for-duplicates
if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
runs-on: ubuntu-18.04
timeout-minutes: 15

permissions:
security-events: write

steps:
# Checks out a copy of your repository
- name: Checkout code
# Checks out a copy of calling repository
- name: Checkout Main Repo
uses: actions/checkout@v2
with:
repository: nasa/cFS
submodules: true

- name: Check versions
- name: Clone cFS bundle
run: |
git log -1 --pretty=oneline
git submodule
cd ..
git clone https://github.com/nasa/cFS.git --recurse-submodules
cd cFS
git log -1 --pretty=oneline
git submodule
rm -r .git
- name: Create symlink to current repo
run: |
cd ../cFS
rm -r ${{ inputs.component-path }}
ln -s ${{github.workspace}} ${{ inputs.component-path }}
# Setup the build system
- name: cFS Build Setup
run: ${{ inputs.setup }}
working-directory: ../cFS

- name: Prep Build
run: ${{ inputs.make-prep }}
working-directory: ../cFS

- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: c
config-file: nasa/cFS/.github/codeql/codeql-security.yml@main

- name: Copy sample_defs
run: ${{ inputs.setup }}

- name: Make prep
run: ${{ inputs.make-prep }}

- name: Make Install
- name: Build
run: ${{ inputs.make }}
working-directory: ../cFS

- name: Run tests
run: ${{ inputs.tests }}
# - name: Run tests
# run: ${{ inputs.tests }}

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1

with:
add-snippets: true

CodeQL-Coding-Standard-Build:
#Continue if check-for-duplicates found no duplicates. Always runs for pull-requests.
needs: check-for-duplicates
if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
runs-on: ubuntu-18.04
timeout-minutes: 15

permissions:
security-events: write
steps:
# Checks out a copy of your repository
- name: Checkout code
# Checks out a copy of calling repository
- name: Checkout Main Repo
uses: actions/checkout@v2
with:
repository: nasa/cFS
submodules: true

- name: Check versions
- name: Clone cFS bundle
run: |
git log -1 --pretty=oneline
git submodule
- name: Checkout codeql code
uses: actions/checkout@v2
with:
repository: github/codeql
submodules: true
path: codeql
cd ..
git clone https://github.com/nasa/cFS.git --recurse-submodules
cd cFS
git log -1 --pretty=oneline
git submodule
rm -r .git
- name: Create symlink to current repo
run: |
cd ../cFS
rm -r ${{ inputs.component-path }}
ln -s ${{github.workspace}} ${{ inputs.component-path }}
# Setup the build system
- name: cFS Build Setup
run: ${{ inputs.setup }}
working-directory: ../cFS

- name: Prep Build
run: ${{ inputs.make-prep }}
working-directory: ../cFS

- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: c
config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main

- name: Copy sample_defs
run: ${{ inputs.setup }}

- name: Make prep
run: ${{ inputs.make-prep }}

- name: Make Install
- name: Build
run: ${{ inputs.make }}
working-directory: ../cFS

- name: Run tests
run: ${{ inputs.tests }}
# - name: Run tests
# run: ${{ inputs.tests }}

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
uses: github/codeql-action/analyze@v1
with:
add-snippets: true

0 comments on commit 0546b97

Please sign in to comment.