diff --git a/.github/workflows/codeql-build.yml b/.github/workflows/codeql-build.yml
index 0039cf8..fa0006e 100644
--- a/.github/workflows/codeql-build.yml
+++ b/.github/workflows/codeql-build.yml
@@ -2,9 +2,9 @@ name: "CodeQL Analysis" on: push: + pull_request: branches: - main - pull_request: env: SIMULATION: native
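Review bot: With `branches: - main` now sitting under `pull_request:` and `push:` left unfiltered, pull requests that target any branch other than `main` no longer get a CodeQL run from the `pull_request` event. Indentation is lost in this view, so that reading is inferred from the line order. Pushes to a fork do not trigger `push` in this repository, so a fork PR against a non-`main` branch would apparently be merged without analysis. If only `main` accepts PRs that is acceptable, but a comment above the trigger would make the intent explicit, e.g. `# push: every branch (deduplicated by check-for-duplicates); pull_request: PRs targeting main only`.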
@@ -13,8 +13,67 @@ env: BUILDTYPE: release jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + CodeQL-Security-Build: + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + runs-on: ubuntu-18.04 + timeout-minutes: 15 + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout bundle + uses: actions/checkout@v2 + with: + repository: nasa/cFS + submodules: true + + - name: Checkout submodule + uses: actions/checkout@v2 + with: + path: apps/sample_app + + - name: Check versions + run: git submodule + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: c + config-file: nasa/cFS/.github/codeql/codeql-security.yml@main + + # Setup the build system + - name: Set up for build + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + make prep + + # Build the code + - name: Build + run: | + make sample_app + make native/default_cpu1/apps/sample_app/unit-test/ + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 - CodeQL-Build: + CodeQL-Coding-Standard-Build: + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} runs-on: ubuntu-18.04 timeout-minutes: 15
@@ -38,7 +97,7 @@ jobs: uses: github/codeql-action/init@v1 with: languages: c - queries: +security-extended, security-and-quality + config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main # Setup the build system - name: Set up for build
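Review bot: The new `check-for-duplicates` job runs `fkirc/skip-duplicate-actions@master`, a third-party action referenced by a mutable branch, and its `should_skip` output decides whether either CodeQL job runs at all. A change pushed to that branch would execute here with the job's `GITHUB_TOKEN` and could also silently suppress the security scan, so pin it to a reviewed commit, e.g. `uses: fkirc/skip-duplicate-actions@<full-commit-sha>  # <release tag>`. None of the jobs touched here declares `permissions:`, so they inherit the repository's default token scope. An explicit block would confine the third-party step (confirm the scopes it needs against its documentation) and leave the CodeQL jobs with `contents: read` and `security-events: write`. The `config-file: nasa/cFS/.github/codeql/codeql-security.yml@main` reference, and the matching `codeql-coding-standard.yml@main` in the `@@ -38,7 +97,7 @@` hunk, also track a branch, so the query set can change without a commit in this repository; the `CodeQL-Coding-Standard-Build` job body continues outside this hunk.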
@@ -55,3 +114,4 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1
+
\ No newline at end of file
diff --git a/README.md b/README.md
index cefb9f7..bb9a784 100644
--- a/README.md
+++ b/README.md
@@ -11,65 +11,70 @@ sample_app is an example for how to build and link an application in cFS. See al ## Version History -### Development Build: 1.2.0-rc1+dev62 +### Development Build: v1.2.0-rc1+dev66 + +- Implement Coding Standard in CodeQL workflow +- See and + +### Development Build: v1.2.0-rc1+dev62 - Removes app registration call, `CFE_ES_RegisterApp()` since applications do not need to register themselves. - Apply standard header guard on all header files by removing leading underscore. Convert file-scope block comments to doxygen format. - See -### Development Build: 1.2.0-rc1+dev56 +### Development Build: v1.2.0-rc1+dev56 - Replaces <> with " in local includes - Adds CONTRIBUTIING.md that links to the main cFS contributing guide. - Adds a description for the requirements of command and telemetry Message IDs to explain why the Msg IDs have those requirements in documentation. - See -### Development Build: 1.2.0-rc1+dev48 +### Development Build: v1.2.0-rc1+dev48 -- Fix #126, simplify build to use wrappers and interface libs -- Fix #128, Add Testing Tools to the Security Policy +- Simplify build to use wrappers and interface libs +- Add Testing Tools to the Security Policy - See -### Development Build: 1.2.0-rc1+dev37 +### Development Build: v1.2.0-rc1+dev37 - Documentation: Add `Security.md` with instructions on reporting vulnerabilities - Resolves bug where success code was reported as an error for `CFE_TBL_GetAddress`. - Rename `UT_ClearForceFail` as `UT_ClearDefaultValue` given change from - See -### Development Build: 1.2.0-rc1+dev29 +### Development Build: v1.2.0-rc1+dev29 - Aligns messages according to changes in cFE . 
Uses the "raw" message cmd/tlm types in definition - See -### Development Build: 1.2.0-rc1+dev25 +### Development Build: v1.2.0-rc1+dev25 - Rename `UT_SetForceFail` to `UT_SetDefaultReturnValue` since some functions that retain more than 1 value are not necessarily failing - See -### Development Build: 1.2.0-rc1+dev22 +### Development Build: v1.2.0-rc1+dev22 - Replaces deprecated SB API's with MSG - No impact, removes undesirable pattern use of `OS_PACK` - See -### Development Build: 1.2.0-rc1+dev18 +### Development Build: v1.2.0-rc1+dev18 - No behavior changes. All identifiers now use the prefix `SAMPLE_APP_`. Changes the name of the main function from SAMPLE_AppMain to SAMPLE_APP_Main which affects the CFE startup script. - Set REVISION to "99" to indicate development version status - See -### Development Build: 1.2.0-rc1+dev13 +### Development Build: v1.2.0-rc1+dev13 - Unit test MID string format now 32bit - Installs unit test to target directory - Checks only format string in UT event test - See -### Development Build: 1.2.0-rc1+dev5 +### Development Build: v1.2.0-rc1+dev5 - Applies standard coding style. - Removes test code call of CFE_SB_InitMsg and sets the API/stub buffers directly.
diff --git a/fsw/src/sample_app_version.h b/fsw/src/sample_app_version.h
index 61c5be0..dbd8226 100644
--- a/fsw/src/sample_app_version.h
+++ b/fsw/src/sample_app_version.h
@@ -31,7 +31,7 @@ /* Development Build Macro Definitions */
-#define SAMPLE_APP_BUILD_NUMBER 62 /*!< Development Build: Number of commits since baseline */
+#define SAMPLE_APP_BUILD_NUMBER 66 /*!< Development Build: Number of commits since baseline */
 #define SAMPLE_APP_BUILD_BASELINE \
 "v1.2.0-rc1" /*!< Development Build: git tag that is the base for the current development */