Skip to content

Commit

Permalink
CI-CD Updates (#180)
Browse files Browse the repository at this point in the history
* Use new version of CI-CD Actions,  checkout@v3 instead of checkout@v2 on all jobs
* Use cSpell spell check, and use ubuntu-20.04 for formatting check
* Add in bot formatting action
  • Loading branch information
Skptak authored Sep 5, 2023
1 parent db05642 commit cafd016
Show file tree
Hide file tree
Showing 50 changed files with 426 additions and 726 deletions.
85 changes: 85 additions & 0 deletions .github/.cSpellWords.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
ABEF
AESCMAC
AESNI
BBOOL
Bgkqhki
Bhargavan
CBMC
CBOR
CMAC
CMOCK
CMock
CSRS
Chth
Cmock
Coverity
DNDEBUG
DSYSTEM
DUNIT
DUNITY
Drbg
ECKEY
FAAOCAQE
Fithb
Gaëtan
Gcbs
HAVEGE
HKDF
JITP
JITR
Karthikeyan
LPDWORD
LPWORD
MBED
MBEDTLSSL
MISRA
MQTT
Merkle
Misra
NISTP
OPTIM
Optiga
PAKE
RCVT
RSAES
RSASSA
SCSV
SECP
SSLV
UDBL
Wunused
XTEA
ZEROIZE
abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu
aesni
cbmc
cbor
cmac
cmock
coverity
ctest
dgst
ecdh
ecjpake
ggdb
havege
hkdf
lcov
mbed
mbedcrypto
misra
osal
pcertificate
pkparse
pkwrite
ppublic
ppuc
scsv
sinclude
unhashed
utest
xfindobjectwithlabelandclass
xgetslotlist
xinitializepkcs
xtea
zeroize
2 changes: 1 addition & 1 deletion CONTRIBUTING.md → .github/CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,6 @@ If you discover a potential security issue in this project we ask that you notif

## Licensing

See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.
See the [LICENSE](../LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.

We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.
143 changes: 79 additions & 64 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
name: CI Checks

env:
bashPass: \033[32;1mPASSED -
bashInfo: \033[33;1mINFO -
bashFail: \033[31;1mFAILED -
bashEnd: \033[0m

on:
push:
branches: ["**"]
Expand All @@ -24,25 +30,30 @@ jobs:
-DUNIT_TESTS=0 \
-DCMAKE_C_FLAGS="${CFLAGS}"
make -C build/ all
- name: Integration Tests
run: |
cd build/
ctest --output-on-failure | tee -a $GITHUB_STEP_SUMMARY
run: ctest --test-dir build --output-on-failure | tee -a $GITHUB_STEP_SUMMARY

- name: Archive Test Results
if: success() || failure()
uses: actions/upload-artifact@v3
with:
name: system_test_results
path: |
build/Testing/Temporary/LastTest.log
name: system_test_results
path: |
build/Testing/Temporary/LastTest.log
unit-tests-with-sanitizer:
runs-on: ubuntu-latest
steps:
- name: Clone This Repo
uses: actions/checkout@v3
- name: Build

- env:
stepName: Build corePKCS11 Sanitizer Unit Tests
run: |
# ${{ env.stepName }}
echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}"
CFLAGS="-Wall -Wextra -DNDEBUG"
CFLAGS+=" -fsanitize=address,undefined"
cmake -S test -B build/ \
Expand All @@ -52,18 +63,25 @@ jobs:
-DSYSTEM_TESTS=0 \
-DCMAKE_C_FLAGS="${CFLAGS}"
make -C build/ all
- name: Unit Tests
run: |
cd build/
ctest --output-on-failure | tee -a $GITHUB_STEP_SUMMARY
echo "::endgroup::"
echo -e "${{ env.bashPass }} ${{env.stepName}} ${{ env.bashEnd }}"
- name: Run Unit Tests
run: ctest --test-dir build --output-on-failure | tee -a $GITHUB_STEP_SUMMARY

unit-tests:
runs-on: ubuntu-latest
steps:
- name: Clone This Repo
uses: actions/checkout@v3
- name: Build

- env:
stepName: Build corePKCS11 Unit Tests
run: |
# ${{ env.stepName }}
echo -e "::group::${{ env.bashInfo }} ${{ env.stepName }} ${{ env.bashEnd }}"
sudo apt-get install -y lcov
CFLAGS="--coverage -Wall -Wextra -DNDEBUG"
cmake -S test -B build/ \
Expand All @@ -73,30 +91,41 @@ jobs:
-DSYSTEM_TESTS=0 \
-DCMAKE_C_FLAGS="${CFLAGS}"
make -C build/ all
echo "::endgroup::"
echo -e "${{ env.bashPass }} ${{env.stepName}} ${{ env.bashEnd }}"
- name: Run Unit Tests
run: ctest --test-dir build --output-on-failure | tee -a $GITHUB_STEP_SUMMARY

- env:
stepName: Line and Branch Coverage Build
run: |
cd build/
ctest --output-on-failure | tee -a $GITHUB_STEP_SUMMARY
cd ..
- name: Run and Collect Coverage
if: success() || failure()
run: |
# ${{ env.stepName }}
echo -e "::group::${{ env.bashInfo }} Build Coverage Target ${{ env.bashEnd }}"
# Build the coverage target
make -C build/ coverage
lcov --rc lcov_branch_coverage=1 --remove build/coverage.info '*test*' --output-file build/coverage.info
lcov --rc lcov_branch_coverage=1 --remove build/coverage.info '*CMakeCCompilerId*' --output-file build/coverage.info
lcov --rc lcov_branch_coverage=1 --remove build/coverage.info '*mocks*' --output-file build/coverage.info
# Generate coverage report, excluding extra directories
lcov --rc lcov_branch_coverage=1 -r build/coverage.info -o build/coverage.info '*test*' '*CMakeCCompilerId*' '*mocks*'
echo "::endgroup::"
lcov --list build/coverage.info
echo -e "${{ env.bashPass }} ${{env.stepName}} ${{ env.bashEnd }}"
- name: Archive Test Results
if: success() || failure()
uses: actions/upload-artifact@v3
with:
name: unit_test_results
path: |
build/utest_report.txt
build/*_out.txt
build/coverage.info
build/report.xml
build/Testing/Temporary/LastTest.log
name: unit_test_results
path: |
build/utest_report.txt
build/*_out.txt
build/coverage.info
build/report.xml
build/Testing/Temporary/LastTest.log
- name: Upload coverage data to Codecov
if: success()
uses: codecov/codecov-action@v3
Expand All @@ -106,7 +135,6 @@ jobs:
fail_ci_if_error: false
verbose: false


complexity:
runs-on: ubuntu-latest
steps:
Expand All @@ -129,34 +157,12 @@ jobs:
spell-check:
runs-on: ubuntu-latest
steps:
- name: Checkout Parent Repo
uses: actions/checkout@v3
with:
ref: main
repository: aws/aws-iot-device-sdk-embedded-C
- run: rm -r libraries/standard/corePKCS11
- name: Clone This Repo
uses: actions/checkout@v3
- name: Run spellings check
uses: FreeRTOS/CI-CD-Github-Actions/spellings@main
with:
path: libraries/standard/corePKCS11
- name: Install spell
run: |
sudo apt-get install spell
sudo apt-get install util-linux
- name: Check spelling
run: |
PATH=$PATH:$PWD/tools/spell
# Modifies `find` command used in spell checker to ignore the test and dependency directory
# The command looks like this `extract-comments `find $DIRNAME -name \*.[ch]` should the line change and the sed command will
# append "-not path {val added below}" for each of the directories mentioned.
# https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/ad28ed355df4f82b77f48028e24bd6fc9e63bc54/tools/spell/find-unknown-comment-words#L86
sed -i 's/find $DIRNAME/find $DIRNAME -not -path '*test*' -not -path '*dependency*'/g' tools/spell/find-unknown-comment-words
find-unknown-comment-words --directory libraries/standard/corePKCS11
if [ "$?" = "0" ]; then
exit 0
else
exit 1
fi
path: ./

formatting:
runs-on: ubuntu-20.04
Expand All @@ -172,16 +178,24 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Setup Python for link verifier action
uses: actions/setup-python@v4
with:
python-version: '3.11.0'
- name: Check Links
uses: FreeRTOS/CI-CD-GitHub-Actions/link-verifier@main
uses: FreeRTOS/CI-CD-Github-Actions/link-verifier@main
with:
path: ./

verify-manifest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
submodules: true
fetch-depth: 0

- name: Run manifest verifier
uses: FreeRTOS/CI-CD-GitHub-Actions/manifest-verifier@main
with:
path: ./
exclude-dirs: cbmc
include-file-types: .c,.h,.dox
fail-on-incorrect-version: true

git-secrets:
runs-on: ubuntu-latest
Expand Down Expand Up @@ -215,14 +229,15 @@ jobs:
- name: Install Python3
uses: actions/setup-python@v4
with:
python-version: '3.11.0'
python-version: "3.11.0"
- name: Measure sizes
uses: FreeRTOS/CI-CD-Github-Actions/memory_statistics@main
with:
config: .github/memory_statistics_config.json
check_against: docs/doxygen/include/size_table.md
config: .github/memory_statistics_config.json
check_against: docs/doxygen/include/size_table.md

proof_ci:
if: ${{ github.event.pull_request }}
runs-on: cbmc_ubuntu-latest_16-core
steps:
- name: Set up CBMC runner
Expand Down
23 changes: 23 additions & 0 deletions .github/workflows/formatting.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
name: Format Pull Request Files

on:
issue_comment:
types: [created]

env:
bashPass: \033[32;1mPASSED -
bashInfo: \033[33;1mINFO -
bashFail: \033[31;1mFAILED -
bashEnd: \033[0m

jobs:
Formatting:
name: Run Formatting Check
if: ${{ github.event.issue.pull_request }} &&
( ( github.event.comment.body == '/bot run uncrustify' ) ||
( github.event.comment.body == '/bot run formatting' ) )
runs-on: ubuntu-20.04
steps:
- name: Apply Formatting Fix
uses: FreeRTOS/CI-CD-Github-Actions/formatting-bot@main
id: check-formatting
4 changes: 2 additions & 2 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@v3
with:
ref: ${{ github.event.inputs.commit_id }}
- name: Configure git identity
Expand Down Expand Up @@ -53,7 +53,7 @@ jobs:
- name: Install ZIP tools
run: sudo apt-get install zip unzip
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@v3
with:
ref: ${{ github.event.inputs.commit_id }}
path: corePKCS11
Expand Down
8 changes: 4 additions & 4 deletions MISRA.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,17 +26,17 @@ _Ref 10.5.1_
_Ref 11.1.1_

- MISRA C-2012 Rule 11.1 Doesn't allow conversions between function pointers and any other type
However, since we're just using this to supress the compiler warning, we're also fine with
supressing the MISRA violation related to this line as well.
However, since we're just using this to suppress the compiler warning, we're also fine with
suppressing the MISRA violation related to this line as well.


#### Rule 12.1

_Ref 12.1.1_

- MISRA C-2012 Rule 12.1 Requires precendence of operators within an expression to be explicit.
- MISRA C-2012 Rule 12.1 Requires precedence of operators within an expression to be explicit.
The third party macro being used here throws a violation when used. Adding additional parens to the
call or to the decleration doesn't remove the violation, so we supress it.
call or to the decleration doesn't remove the violation, so we suppress it.

#### Rule 11.5

Expand Down
Loading

0 comments on commit cafd016

Please sign in to comment.