Skip to content

Commit

Permalink
Merge pull request #63 from ArielSAdamsNASA/fix-62-implement-coding-s…
Browse files Browse the repository at this point in the history
…tandard-codeql

Fix #62, Implement Coding Standard CodeQL
  • Loading branch information
astrogeco authored Jun 10, 2021
2 parents 12c82b5 + 5acb286 commit da3ae33
Showing 1 changed file with 62 additions and 3 deletions.
65 changes: 62 additions & 3 deletions .github/workflows/codeql-build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ name: "CodeQL Analysis"

on:
push:
pull_request:
branches:
- main
pull_request:

env:
SIMULATION: native
Expand All @@ -13,8 +13,67 @@ env:
BUILDTYPE: release

jobs:
#Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action.
check-for-duplicates:
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@master
with:
concurrent_skipping: 'same_content'
skip_after_successful_duplicate: 'true'
do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'

CodeQL-Security-Build:
needs: check-for-duplicates
if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
runs-on: ubuntu-18.04
timeout-minutes: 15

steps:
# Checks out a copy of your repository on the ubuntu-latest machine
- name: Checkout bundle
uses: actions/checkout@v2
with:
repository: nasa/cFS
submodules: true

- name: Checkout submodule
uses: actions/checkout@v2
with:
path: apps/sample_lib

- name: Check versions
run: git submodule

- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: c
config-file: nasa/cFS/.github/codeql/codeql-security.yml@main

# Setup the build system
- name: Set up for build
run: |
cp ./cfe/cmake/Makefile.sample Makefile
cp -r ./cfe/cmake/sample_defs sample_defs
make prep
# Build the code
- name: Build
run: |
make sample_lib
make native/default_cpu1/apps/sample_lib/unit-test/
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1

CodeQL-Build:
CodeQL-Coding-Standard-Build:
needs: check-for-duplicates
if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
runs-on: ubuntu-18.04
timeout-minutes: 15

Expand All @@ -38,7 +97,7 @@ jobs:
uses: github/codeql-action/init@v1
with:
languages: c
queries: +security-extended, security-and-quality
config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main

# Setup the build system
- name: Set up for build
Expand Down

0 comments on commit da3ae33

Please sign in to comment.