Merge pull request #2011 from fix-2009-reuse-workflows

Fix #2009, Reuse CodeQL, Static Analysis, and Format Check

Author: astrogeco

.github/workflows/codeql-build.yml

@@ -3,115 +3,11 @@ name: "CodeQL Analysis"
 on:
   push:
   pull_request:
-
-env:
-  SIMULATION: native
-  ENABLE_UNIT_TESTS: true
-  OMIT_DEPRECATED: true
-  BUILDTYPE: release
-
+  
 jobs:
-  #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. 
-  check-for-duplicates:
-    runs-on: ubuntu-latest
-    # Map a step output to a job output
-    outputs:
-      should_skip: ${{ steps.skip_check.outputs.should_skip }}
-    steps:
-      - id: skip_check
-        uses: fkirc/skip-duplicate-actions@master
-        with:
-          concurrent_skipping: 'same_content'
-          skip_after_successful_duplicate: 'true'
-          do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
-
-  CodeQL-Security-Build:
-    needs: check-for-duplicates
-    if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
-    runs-on: ubuntu-18.04
-    timeout-minutes: 15
-
-    steps:
-      # Checks out a copy of your repository on the ubuntu-latest machine
-      - name: Checkout bundle
-        uses: actions/checkout@v2
-        with:
-          repository: nasa/cFS
-          submodules: true
-
-      - name: Checkout submodule
-        uses: actions/checkout@v2
-        with:
-          path: cfe
-
-      - name: Check versions
-        run: git submodule
-
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
-        with:
-          languages: c
-          config-file: nasa/cFS/.github/codeql/codeql-security.yml@main
-
-      # Setup the build system
-      - name: Set up for build
-        run: |
-          cp ./cfe/cmake/Makefile.sample Makefile
-          cp -r ./cfe/cmake/sample_defs sample_defs
-          make prep
-          
-      # Build the code
-      - name: Build
-        run: |
-          make -C build/native/default_cpu1 core_api core_private es evs fs msg resourceid sb sbr tbl time
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
-
-  CodeQL-Coding-Standard-Build:
-    needs: check-for-duplicates
-    if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }}
-    runs-on: ubuntu-18.04
-    timeout-minutes: 15
-
-    steps:
-      # Checks out a copy of your repository on the ubuntu-latest machine
-      - name: Checkout bundle
-        uses: actions/checkout@v2
-        with:
-          repository: nasa/cFS
-          submodules: true
-
-      - name: Checkout submodule
-        uses: actions/checkout@v2
-        with:
-          path: cfe
-
-      - name: Check versions
-        run: git submodule
-
-      - name: Checkout codeql code      
-        uses: actions/checkout@v2
-        with:
-          repository: github/codeql 
-          submodules: true 
-          path: codeql
-
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
-        with:
-          languages: c
-          config-file: nasa/cFS/.github/codeql/codeql-coding-standard.yml@main
-            
-      # Setup the build system
-      - name: Set up for build
-        run: |
-          cp ./cfe/cmake/Makefile.sample Makefile
-          cp -r ./cfe/cmake/sample_defs sample_defs
-          make prep
-          
-      # Build the code
-      - name: Build
-        run: |
-          make -C build/native/default_cpu1 core_api core_private es evs fs msg resourceid sb sbr tbl time
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+  codeql:
+    name: CodeQL Analysis
+    uses: nasa/cFS/.github/workflows/codeql-build.yml@main
+    with: 
+      make-prep: 'make prep'
+      make: 'make -C build/native/default_cpu1 core_api core_private es evs fs msg resourceid sb sbr tbl time'

.github/workflows/format-check.yml

@@ -1,51 +1,11 @@
 name: Format Check
 
-# Run on main push and pull requests
+# Run on all push and pull requests
 on:
   push:
   pull_request:
 
 jobs:
-
-  static-analysis:
+  format-check:
     name: Run format check
-    runs-on: ubuntu-18.04
-    timeout-minutes: 15
-
-    steps:
-
-      - name: Install format checker
-        run: |
-          wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
-          sudo add-apt-repository 'deb http://apt.llvm.org/bionic/   llvm-toolchain-bionic-10 main'
-          sudo apt-get update && sudo apt-get install clang-format-10
-
-      - name: Checkout bundle
-        uses: actions/checkout@v2
-        with:
-          repository: nasa/cFS
-
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          path: repo
-
-      - name: Generate format differences
-        run: |
-          cd repo
-          find . -name "*.[ch]" -exec clang-format-10 -i -style=file {} +
-          git diff > $GITHUB_WORKSPACE/style_differences.txt
-
-      - name: Archive Static Analysis Artifacts
-        uses: actions/upload-artifact@v2
-        with:
-          name: style_differences
-          path: style_differences.txt
-
-      - name: Error on differences
-        run: |
-          if [[ -s style_differences.txt ]];
-          then
-            cat style_differences.txt
-            exit -1
-          fi
+    uses: nasa/cFS/.github/workflows/format-check.yml@main

.github/workflows/static-analysis.yml

@@ -1,56 +1,13 @@
 name: Static Analysis
 
-# Run this workflow every time a new commit pushed to your repository
+# Run on all push and pull requests
 on:
   push:
-    branches:
-      - main
   pull_request:
 
 jobs:
-
   static-analysis:
     name: Run cppcheck
-    runs-on: ubuntu-18.04
-    timeout-minutes: 15
-
-    strategy:
-      fail-fast: false
-      matrix:
-        cppcheck: [all, cfe]
-
-    steps:
-
-      - name: Install cppcheck
-        run: sudo apt-get install cppcheck -y
-
-        # Checks out a copy of the cfs bundle
-      - name: Checkout code
-        uses: actions/checkout@v2
-        with:
-          submodules: true
-
-      - name: Run bundle cppcheck
-        if: ${{matrix.cppcheck =='all'}}
-        run: cppcheck --force --inline-suppr . 2> ${{matrix.cppcheck}}_cppcheck_err.txt
-
-        # Run strict static analysis for embedded portions of cfe
-      - name: cfe strict cppcheck
-        if: ${{matrix.cppcheck =='cfe'}}
-        run: |
-          all_fsw_modules="core_api core_private es evs fs msg resourceid sb sbr tbl time"
-          /bin/bash ./.github/workflows/run_fsw_cppcheck.sh ${all_fsw_modules} 2> ${{matrix.cppcheck}}_cppcheck_err.txt
-
-      - name: Archive Static Analysis Artifacts
-        uses: actions/upload-artifact@v2
-        with:
-          name: ${{matrix.cppcheck}}-cppcheck-err
-          path: ./*cppcheck_err.txt
-
-      - name: Check for errors
-        run: |
-          if [[ -s ${{matrix.cppcheck}}_cppcheck_err.txt ]];
-          then
-            cat ${{matrix.cppcheck}}_cppcheck_err.txt
-            exit -1
-          fi
+    uses: nasa/cFS/.github/workflows/static-analysis.yml@main
+    with:
+      strict-dir-list: './modules/core_api/fsw ./modules/core_private/fsw ./modules/es/fsw ./modules/evs/fsw ./modules/fs/fsw ./modules/msg/fsw ./modules/resourceid/fsw ./modules/sb/fsw ./modules/sbr/fsw ./modules/tbl/fsw ./modules/time/fsw -UCFE_PLATFORM_TIME_CFG_CLIENT -DCFE_PLATFORM_TIME_CFG_SERVER'