diff --git a/.github/workflows/codeql-build.yml b/.github/workflows/codeql-build.yml index 2c852e3..2b04bb5 100644 --- a/.github/workflows/codeql-build.yml +++ b/.github/workflows/codeql-build.yml @@ -2,19 +2,34 @@ name: "CodeQL Analysis" on: push: + pull_request: branches: - main - pull_request: env: SIMULATION: native ENABLE_UNIT_TESTS: true OMIT_DEPRECATED: true BUILDTYPE: release - + jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' - CodeQL-Build: + CodeQL-Security-Build: + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} runs-on: ubuntu-18.04 timeout-minutes: 15 @@ -38,7 +53,7 @@ jobs: uses: github/codeql-action/init@v1 with: languages: c - queries: +security-extended, security-and-quality + config-file: nasa/cFS/.github/codeql/codeql-security.yml@main # Setup the build system - name: Set up for build @@ -53,3 +68,45 @@ jobs: - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1 + + CodeQL-Coding-Standard-Build: + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + runs-on: ubuntu-18.04 + timeout-minutes: 15 + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout bundle + uses: actions/checkout@v2 + with: + repository: nasa/cFS + submodules: true + + - name: Checkout submodule + uses: actions/checkout@v2 + with: + path: tools/elf2cfetbl + + - name: Check versions + run: git submodule + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: c + config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main + + # Setup the build system + - name: Set up for build + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + make prep + + # Build the code + - name: Build + run: make tools/elf2cfetbl/ + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 \ No newline at end of file diff --git a/README.md b/README.md index 87a14ff..7472ae6 100644 --- a/README.md +++ b/README.md @@ -11,15 +11,23 @@ See README.txt for more information. ## Version History +### Development Build: v3.2.0-rc1+dev30 + +- Implement Coding Standard in CodeQL workflow +- See and + ### Development Build: v3.2.0-rc1+dev24 -- Fix #73, Add Testing Tools to the Security Policy + +- Add Testing Tools to the Security Policy - See ### Development Build: v3.2.0+dev20 + - Changes cpp-styled comments to c-style to meet coding standard - See ### Development Build: v3.2.0+dev9 + - Restricts destination file permissions - Squash int comparison warning - Replace ctime (which generates LGTM warning) with ctime_r diff --git a/elf2cfetbl_version.h b/elf2cfetbl_version.h index 22e5385..b0e3fb2 100644 --- a/elf2cfetbl_version.h +++ b/elf2cfetbl_version.h @@ -30,7 +30,7 @@ /* * Development Build Macro Definitions */ -#define ELF2CFETBL_BUILD_NUMBER 24 /*!< @brief Number of commits since baseline */ +#define ELF2CFETBL_BUILD_NUMBER 30 /*!< @brief Number of commits since baseline */ #define ELF2CFETBL_BUILD_BASELINE \ "v3.2.0-rc1" /*!< @brief Development Build: git tag that is the base for the current */