From a1646718b1138b625791151fb64a41a54bb9ca84 Mon Sep 17 00:00:00 2001 From: ArielSAdamsNASA Date: Fri, 21 May 2021 12:34:03 -0500 Subject: [PATCH 1/2] Fix #98, Implement Coding Standard CodeQL --- .github/workflows/codeql-build.yml | 63 ++++++++++++++++++++++++++++-- 1 file changed, 60 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-build.yml b/.github/workflows/codeql-build.yml index 66ca85a..76c0bfe 100644 --- a/.github/workflows/codeql-build.yml +++ b/.github/workflows/codeql-build.yml @@ -2,9 +2,9 @@ name: "CodeQL Analysis" on: push: + pull_request: branches: - main - pull_request: env: SIMULATION: native 
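Review bot: Pull requests that target a branch other than `main` get no CodeQL run after this change, because the `branches: - main` filter now sits under `pull_request:` while `push:` is left unfiltered (indentation is collapsed in this view, so this is read from the line order on the new side). Pushes to any branch of this repository are still analysed, but a pull request from a fork against another branch would not be; please confirm that gap is intended. If it is, record it above the triggers, e.g. `# push: all branches (duplicates skipped by check-for-duplicates); pull_request: only PRs targeting main`. The rest of the workflow lies outside this hunk, so whether a top-level `permissions:` block exists cannot be checked from here.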
@@ -13,8 +13,65 @@ env: BUILDTYPE: release jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + CodeQL-Security-Build: + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + runs-on: ubuntu-18.04 + timeout-minutes: 15 + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout bundle + uses: actions/checkout@v2 + with: + repository: nasa/cFS + submodules: true + + - name: Checkout submodule + uses: actions/checkout@v2 + with: + path: apps/to_lab + + - name: Check versions + run: git submodule + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: c + config-file: nasa/cFS/.github/codeql/codeql-security.yml@main + + # Setup the build system + - name: Set up for build + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + make prep + + # Build the code + - name: Build + run: make to_lab + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 - CodeQL-Build: + CodeQL-Coding-Standard-Build: + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} runs-on: ubuntu-18.04 timeout-minutes: 15 @@ -38,7 +95,7 @@ jobs: uses: github/codeql-action/init@v1 with: languages: c - queries: +security-extended, security-and-quality + config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main # Setup the build system - name: Set up for build From 5dc614a531a4f003222e3dc78c1f440a228d84b6 Mon Sep 17 00:00:00 2001 
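Review bot: `uses: fkirc/skip-duplicate-actions@master` in `check-for-duplicates` follows a mutable branch of a third-party action, and that job's `should_skip` output gates both CodeQL jobs. An upstream change could therefore silently disable the scans, or run unreviewed code with the workflow token. Pin it to a reviewed commit, `uses: fkirc/skip-duplicate-actions@<full-commit-sha>` (placeholder), and bump it deliberately. The same moving-ref concern applies to `config-file: nasa/cFS/.github/codeql/codeql-security.yml@main` in this hunk and to `codeql-coding-standard.yml@main` in the later hunk at `@@ -38,7 +95,7 @@`; a tag or commit ref would make the query set reproducible. As a minor point, the comment `# Checks out a copy of your repository on the ubuntu-latest machine` sits in a job declared `runs-on: ubuntu-18.04`.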
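Review bot: The query selection for `CodeQL-Coding-Standard-Build` can no longer be read from this workflow once `queries: +security-extended, security-and-quality` gives way to the remote `config-file`. A reader cannot tell from here whether this job still runs any security suite. A comment above the `config-file` line would record the intent, e.g. `# Coding-standard queries only; security suites run in CodeQL-Security-Build (configs live in nasa/cFS .github/codeql/)`. Confirm that split against the two config files, which are not part of this diff. The step list this line belongs to starts and ends outside the hunk.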
From: "Gerardo E. Cruz-Ortiz" <59618057+astrogeco@users.noreply.github.com> Date: Thu, 24 Jun 2021 14:42:47 -0400 Subject: [PATCH 2/2] IC:2021-06-22, Bump to v2.4.0-rc1+dev49 *Development Version* - Remove github issue references in readme's version history - Add missing "v" prefix to development version numbers in ReadMe --- README.md | 39 ++++++++++++++++++++++----------------- fsw/src/to_lab_version.h | 2 +- 2 files changed, 23 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index f7b47d4..f3004cc 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,11 @@ To send telemtry to the "ground" or UDP/IP port, edit the subscription table in ## Version History +### Development Build: v2.4.0-rc1+dev49 + +- Implement Coding Standard in CodeQL workflow +- See and + ### Development Build: v2.4.0-rc1+dev47 - Removes app registration call, `CFE_ES_RegisterApp()` since applications do not need to register themselves. 
@@ -25,84 +30,84 @@ To send telemtry to the "ground" or UDP/IP port, edit the subscription table in ### Development Build: v2.4.0-rc1+dev38 -- Fix #85, Remove numeric pipe ID from event printf -- Fix #87, Add Testing Tools to the Security Policy +- Remove numeric pipe ID from event printf +- Add Testing Tools to the Security Policy - See -### Development Build: 2.4.0-rc1+dev32 +### Development Build: v.2.4.0-rc1+dev32 - Removes end-of-function comments in `to_lab_app.c` - Adds static analysis and code format check to continuous integration workflow. Updates workflow status badges in ReadMe - Adds CodeQL analysis to continuous integration workflow - See -### Development Build: 2.4.0-rc1+dev21 +### Development Build: v.2.4.0-rc1+dev21 - TO remains command-able after a "remove all subscriptions" command; the command now only removes all subscriptions to the Tlm_pipe - See -### Development Build: 2.4.0-rc1+dev17 +### Development Build: v.2.4.0-rc1+dev17 - Aligns messages according to changes in cFE . Uses the "raw" message cmd/tlm types in definition - See -### Development Build: 2.4.0-rc1+dev13 +### Development Build: v.2.4.0-rc1+dev13 - Replaces deprecated SB API's with MSG - See -### Development Build: 2.4.0-rc1+dev9 +### Development Build: v.2.4.0-rc1+dev9 - Update the TLMsockid field to be `osal_id_t` instead of uint32 - Set revision number to 99 to indicate development status in telemetry - See -### Development Build: 2.4.0-rc1+dev6 +### Development Build: v.2.4.0-rc1+dev6 - Adds header guard to `to_lab_sub_table.h` - See -### Development Build: 2.4.0-rc1+dev3 +### Development Build: v.2.4.0-rc1+dev3 - Remove reference to deprecated `CFE_ES_SHELL_TLM_MID`. - See -### Development Build: 2.3.0+dev45 +### Development Build: v2.3.0+dev45 - Fixes bug where an unset address values caused subscriptions to MsgId 0 over 200 times. Added a `TO_UNUSED` entry at the end of the subscription list and a break in the subscription loop when `TO_UNUSED` found. 
No more subscriptions on the unused table slots (no MsgId 0 subscriptions). - Corrects return value of `TO_LAB_init()` to be `int32` instead of `int`. Declaration now matches definition, and app builds without errors. - Add build number and baseline to version reporting. - See -### Development Build: 2.3.7 +### Development Build: v2.3.7 - Makes the `TO_LAB_Subs` table into a CFE_TBL-managed table. - See -### Development Build: 2.3.6 +### Development Build: v2.3.6 - Replace references to `ccsds.h` types with the `cfe_sb.h`-provided type. - See -### Development Build: 2.3.5 +### Development Build: v2.3.5 - Apply code style - See -### Development Build: 2.3.4 +### Development Build: v2.3.4 - Configure the maximum depth supported by OSAL, rather than a hard coded 64. - See -### Development Build: 2.3.3 +### Development Build: v2.3.3 - Apply the CFE_SB_MsgIdToValue() and CFE_SB_ValueToMsgId() routines where compatibility with an integer MsgId is necessary - syslog prints, events, compile-time MID #define values. - Deprecates shell tlm subscription - Changes to documentation - See -### Development Build: 2.3.2 +### Development Build: v2.3.2 - Use OSAL socket API instead of BSD Sockets @@ -110,7 +115,7 @@ To send telemtry to the "ground" or UDP/IP port, edit the subscription table in - Minor updates (see ) -### Development Build: 2.3.1 +### Development Build: v2.3.1 - Fix for a clean build with OMIT_DEPRECATED - Minor updates (see ) diff --git a/fsw/src/to_lab_version.h b/fsw/src/to_lab_version.h index be6cc5a..d59d163 100644 --- a/fsw/src/to_lab_version.h +++ b/fsw/src/to_lab_version.h @@ -30,7 +30,7 @@ */ /* Development Build Macro Definitions */ -#define TO_LAB_BUILD_NUMBER 47 /*!< Development Build: Number of commits since baseline */ +#define TO_LAB_BUILD_NUMBER 49 /*!< Development Build: Number of commits since baseline */ #define TO_LAB_BUILD_BASELINE \ "v2.4.0-rc1" /*!< Development Build: git tag that is the base for the current development */