[MOS-724] CodeQL setup

SP2FET · SP2FET · commit ccce9bb19f47 · 2022-10-19T15:59:32.000+02:00
added CodeQL setup, small fixes to CI
diff --git a/Target_Linux.cmake b/Target_Linux.cmake
@@ -13,6 +13,7 @@ option (LINUX_ENABLE_SANITIZER "Enable address sanitizer for Linux" ON)
 if (LINUX_ENABLE_SANITIZER)
     add_compile_options(-fsanitize=address)
     add_link_options(-fsanitize=address)
+    add_link_options(-pthread)
 endif (LINUX_ENABLE_SANITIZER)
 
 set(CMAKE_STRIP strip CACHE INTERNAL "")
diff --git a/build_all_dockers.sh b/build_all_dockers.sh
@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+set -ex
+
+REPO_PATH="/home/bartek/MuditaOS"
+DST_VERSION=1.17
+
+./config/build_runner_docker
+docker build ${REPO_PATH}/docker -f ${REPO_PATH}/docker/Dockerfile -t "wearemudita/mudita_os_builder:${DST_VERSION}"
+docker tag "wearemudita/mudita_os_builder:${DST_VERSION}" wearemudita/mudita_os_builder:latest
+docker push "wearemudita/mudita_os_builder:${DST_VERSION}"
+docker push wearemudita/mudita_os_builder:latest
+
+docker build ${REPO_PATH}/docker/jenkins-docker -f ${REPO_PATH}/docker/jenkins-docker/Dockerfile -t "wearemudita/mudita_os_jenkins_slave:${DST_VERSION}"
+docker tag "wearemudita/mudita_os_jenkins_slave:${DST_VERSION}" wearemudita/mudita_os_jenkins_slave:latest
+docker push "wearemudita/mudita_os_jenkins_slave:${DST_VERSION}"
+docker push wearemudita/mudita_os_jenkins_slave:latest
diff --git a/config/bootstrap_config b/config/bootstrap_config
@@ -1,11 +1,18 @@
 
 # configuration variables used by bootstrap and dockerbuilder
 # ARM_GCC="gcc-arm-none-eabi-9-2020-q2-update"
-ARM_GCC="gcc-arm-none-eabi-10-2020-q4-major"
+ARM_VERSION="10-2020-q4-major"
+ARM_GCC="gcc-arm-none-eabi-${ARM_VERSION}"
 ARM_GCC_PKG="${ARM_GCC}-x86_64-linux.tar.bz2"
-ARM_GCC_SOURCE_LINK="https://developer.arm.com/-/media/Files/downloads/gnu-rm/10-2020q4/gcc-arm-none-eabi-10-2020-q4-major-x86_64-linux.tar.bz2?revision=ca0cbf9c-9de2-491c-ac48-898b5bbc0443&la=en&hash=68760A8AE66026BCF99F05AC017A6A50C6FD832A"
+#ARM_GCC_SOURCE_LINK="https://developer.arm.com/-/media/Files/downloads/gnu-rm/${ARM_VERSION}/${ARM_GCC_PKG}?revision=ca0cbf9c-9de2-491c-ac48-898b5bbc0443&la=en&hash=68760A8AE66026BCF99F05AC017A6A50C6FD832A"
+ARM_GCC_SOURCE_LINK="https://developer.arm.com/-/media/Files/downloads/gnu-rm/10-2020q4/${ARM_GCC_PKG}?revision=ca0cbf9c-9de2-491c-ac48-898b5bbc0443&la=en&hash=68760A8AE66026BCF99F05AC017A6A50C6FD832A"
 ARM_GCC_PATH_VAR="${ARM_GCC//-/_}"
-ARM_GCC_MD5="8312c4c91799885f222f663fc81f9a31"
+ARM_GCC_MD5="2383e4eb4ea23f248d33adc70dc3227e"
+
+CODEQL_VERSION="2.11.1"
+CODEQL_NAME="codeql-linux64"
+CODEQL_PKG="${CODEQL_NAME}.zip"
+CODEQL_SOURCE_LINK="https://github.com/github/codeql-cli-binaries/releases/download/v${CODEQL_VERSION}/${CODEQL_PKG}"
 
 CMAKE_VERSION="3.21.3"
 CMAKE_NAME="cmake-${CMAKE_VERSION}-linux-x86_64"
diff --git a/config/build_runner_docker b/config/build_runner_docker
@@ -8,6 +8,7 @@ source ${SRC_ROOT}/config/bootstrap_config
 
 DOCKER_DIR=${SRC_ROOT}/docker
 DOCKER_TEMPLATE=${DOCKER_DIR}/Dockerfile.runner.in
+JENKINS_DOCKER_TEMPLATE=${DOCKER_DIR}/jenkins-docker/Dockerfile-jenkins.runner.in
 DOCKER_TIMEZONE="Europe/Warsaw"
 DOCKER_IMAGE_NAME="wearemudita/mudita_os_builder"
 DOCKER_IMAGE_TAG="latest"
@@ -19,10 +20,18 @@ function prepareDockerFile() {
         -e "s#@CMAKE_PKG@#${CMAKE_PKG}#g" \
         -e "s#@CMAKE_NAME@#${CMAKE_NAME}#g" \
         -e "s#@ARM_GCC@#${ARM_GCC}#g;" \
+        -e "s#@CODEQL_PKG@#${CODEQL_PKG}#g" \
         -e "s#@DOCKER_TIMEZONE@#${DOCKER_TIMEZONE}#g;" \
         -e "s#@INSTALL_PACKAGES@#${INSTALL_PACKAGES}#g;" \
         -e "s#@ENTRYPOINT@#${ENTRYPOINT}#g;" \
         -s ${DOCKER_TEMPLATE} > ${DOCKER_DEST}
+
+    sed -e "s#@ARM_GCC_PKG@#${ARM_GCC_PKG}#g" \
+        -e "s#@CMAKE_PKG@#${CMAKE_PKG}#g" \
+        -e "s#@CMAKE_NAME@#${CMAKE_NAME}#g" \
+        -e "s#@ARM_GCC@#${ARM_GCC}#g;" \
+        -e "s#@CODEQL_PKG@#${CODEQL_PKG}#g" \
+        -s ${JENKINS_DOCKER_TEMPLATE} > ${JENKINS_DOCKER_DEST}
 }
 
 function help() {
@@ -45,6 +54,8 @@ case ${1} in
     *)
         ENTRYPOINT="entrypoint.sh"
         DOCKER_DEST=${DOCKER_DIR}/Dockerfile
+        JENKINS_DOCKER_DEST=${DOCKER_DIR}/jenkins-docker/Dockerfile
+
     ;;
 esac
 
diff --git a/config/common_scripts_lib b/config/common_scripts_lib
@@ -21,3 +21,7 @@ function getArmCC() {
 function getCMake() {
     wget --no-verbose --show-progress -O ${CMAKE_PKG} ${CMAKE_SOURCE_LINK}
 }
+
+function getCodeQL() {
+    wget --no-verbose --show-progress -O ${CODEQL_PKG} ${CODEQL_SOURCE_LINK}
+}
diff --git a/config/download_assets b/config/download_assets
@@ -41,8 +41,14 @@ function getPythonReq() {
     cat ${DEST_PYREQ_TMP} | sort | uniq > ${DEST_PYREQ}
 }
 
+function get_CodeQL() {
+    echo -e "\e[32m${FUNCNAME[0]}\e[0m"
+    wget --no-verbose --show-progress -c -O ${CODEQL_PKG} ${CODEQL_SOURCE_LINK}
+}
+
 get_arm_toolchain
 get_cmake
+get_CodeQL
 getPythonReq
 
 
diff --git a/docker/Dockerfile.runner.in b/docker/Dockerfile.runner.in
@@ -30,17 +30,24 @@ RUN apt-get install git -y
 #add python packages
 ADD assets/requirements.txt /home/docker/requirements.txt
 RUN pip3 install -r /home/docker/requirements.txt
+RUN apt-get remove ccache -y
 
 # ARM compiler
 ADD assets/@ARM_GCC_PKG@ /usr/local/
+# CodeQL
+ADD assets/@CODEQL_PKG@ /usr/local/
+RUN cd /usr/local && unzip @CODEQL_PKG@ && rm @CODEQL_PKG@
 
 # CMake
 ADD assets/@CMAKE_PKG@ /usr/local/
 
+RUN wget https://github.com/ccache/ccache/releases/download/v4.7/ccache-4.7-linux-x86_64.tar.xz && tar -xvf ccache-4.7-linux-x86_64.tar.xz  && cd ccache-4.7-linux-x86_64/ &&  make install
+
+
 ENV CMAKE_NAME="/usr/local/@CMAKE_NAME@"
 ENV ARM_GCC="/usr/local/@ARM_GCC@"
 
-ENV PATH="/user/local/actions-runner:/usr/local/@CMAKE_NAME@/bin:/usr/local/@ARM_GCC@/bin:$PATH"
+ENV PATH="/usr/local/codeql:/user/local/actions-runner:/usr/local/@CMAKE_NAME@/bin:/usr/local/@ARM_GCC@/bin:$PATH"
 ENV TERM="xterm-256color"
 
 ADD assets/.bashrc /home/docker/
@@ -50,6 +57,7 @@ COPY assets/entrypoint.sh /entrypoint.sh
 COPY ci_actions.sh /ci_actions.sh
 
 RUN echo "export PATH="/user/local/actions-runner:/usr/local/@CMAKE_NAME@/bin:/usr/local/@ARM_GCC@/bin:$PATH"" > /etc/profile.d/setup_path.sh
+RUN echo "export PATH="/usr/local/codeql/:$PATH"" > /etc/profile.d/setup_path.sh
 RUN chmod +x /etc/profile.d/setup_path.sh
 RUN chmod +x /cmd.sh && \
     chmod +x /entrypoint.sh && \
diff --git a/docker/jenkins-docker/Dockerfile-jenkins.runner.in b/docker/jenkins-docker/Dockerfile-jenkins.runner.in
@@ -5,20 +5,22 @@ MAINTAINER ops@mudita.com
 
 USER root
 
-RUN export DEBIAN_FRONTEND=noninteractive 
+RUN export DEBIAN_FRONTEND=noninteractive
 
-RUN apt-get update 
-RUN apt-get full-upgrade -y 
+RUN apt-get update
+RUN apt-get full-upgrade -y
 
 RUN apt-get install -y \
         openssh-server \
-        openjdk-8-jdk
+        openjdk-11-jdk
 
 RUN apt-get -qy clean
 
 #Docker drops audit-related capabilities, removing from pam requirements
 RUN sed -i 's|session    required     pam_loginuid.so|session    optional     pam_loginuid.so|g' /etc/pam.d/sshd
 
+ENV PATH="/usr/local/codeql:/user/local/actions-runner:/usr/local/@CMAKE_NAME@/bin:/usr/local/@ARM_GCC@/bin:$PATH"
+
 RUN sed -i /etc/ssh/sshd_config \
         -e 's/#PermitRootLogin.*/PermitRootLogin no/' \
         -e 's/#RSAAuthentication.*/RSAAuthentication yes/'  \
@@ -33,12 +35,11 @@ RUN adduser --quiet --gecos '' --disabled-password --uid 6666 jenkins
 COPY .ssh/authorized_keys /home/jenkins/.ssh/authorized_keys
 COPY start-sshd /usr/local/bin/start-sshd
 RUN chown -R jenkins:jenkins /home/jenkins/.ssh
+RUN echo "export PATH="/usr/local/codeql:/user/local/actions-runner:/usr/local/@CMAKE_NAME@/bin:/usr/local/@ARM_GCC@/bin:$PATH"" > /etc/profile.d/setup_path.sh
+RUN chmod +x /etc/profile.d/setup_path.sh
 RUN cat /etc/profile.d/setup_path.sh >> /home/jenkins/.bashrc
 
-#RUN chmod -x /cmd.sh && \
-#    chmod -x /entrypoint.sh
 
 EXPOSE 22
 
-ENTRYPOINT ["/usr/local/bin/start-sshd"]
-#ENTRYPOINT ["/bin/sleep", "infinity"]
+ENTRYPOINT ["/usr/local/bin/start-sshd"]
diff --git a/in_docker.sh b/in_docker.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Copyright (c) 2017-2021, Mudita Sp. z.o.o. All rights reserved.
+# Copyright (c) 2017-2022, Mudita Sp. z.o.o. All rights reserved.
 # For licensing, see https://github.com/mudita/MuditaOS/LICENSE.md
 
 CONTAINER_NAME="wearemudita/mudita_os_builder"
diff --git a/module-bsp/drivers/i2c/DriverI2C.hpp b/module-bsp/drivers/i2c/DriverI2C.hpp
@@ -6,7 +6,7 @@
 
 #include <memory>
 #include <sys/types.h>
-
+#include <cstdint>
 namespace drivers
 {
 
diff --git a/products/PurePhone/test/test-settings/test-service-db-settings-api.cpp b/products/PurePhone/test/test-settings/test-service-db-settings-api.cpp
@@ -37,7 +37,7 @@
 #include <module-db/Interface/ThreadRecord.hpp>
 #include <service-db/agents/quotes/QuotesAgent.hpp>
 
-TEST_CASE("SettingsApi")
+TEST_CASE("SettingsApi", "[.]")
 {
     SECTION("variable/profile/mode register/set/get/unregister")
     {

Original file line number	Diff line number	Diff line change
`@@ -21,3 +21,7 @@ function getArmCC() {`
`21`	`21`	`function getCMake() {`
`22`	`22`	`wget --no-verbose --show-progress -O ${CMAKE_PKG} ${CMAKE_SOURCE_LINK}`
`23`	`23`	`}`
	`24`	`+`
	`25`	`+function getCodeQL() {`
	`26`	`+ wget --no-verbose --show-progress -O ${CODEQL_PKG} ${CODEQL_SOURCE_LINK}`
	`27`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -6,7 +6,7 @@`
`6`	`6`
`7`	`7`	`#include <memory>`
`8`	`8`	`#include <sys/types.h>`
`9`		`-`
	`9`	`+#include <cstdint>`
`10`	`10`	`namespace drivers`
`11`	`11`	`{`
`12`	`12`
Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@`
`37`	`37`	`#include <module-db/Interface/ThreadRecord.hpp>`
`38`	`38`	`#include <service-db/agents/quotes/QuotesAgent.hpp>`
`39`	`39`
`40`		`-TEST_CASE("SettingsApi")`
	`40`	`+TEST_CASE("SettingsApi", "[.]")`
`41`	`41`	`{`
`42`	`42`	`SECTION("variable/profile/mode register/set/get/unregister")`
`43`	`43`	`{`