diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 39aa04eef..2592def6c 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -7,6 +7,11 @@ assignees: '' --- +**Checklist (Please check before submitting)** + +* [ ] I reviewed the [Contributing Guide](https://github.com/nasa/cFS/blob/main/CONTRIBUTING.md). +* [ ] I performed a cursory search to see if the bug report is relevant, not redundant, nor in conflict with other tickets. + **Describe the bug** A clear and concise description of what the bug is. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md index 6b729edd0..8a80857e0 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.md +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -7,6 +7,12 @@ assignees: '' --- +**Checklist (Please check before submitting)** + +* [ ] I reviewed the [Contributing Guide](https://github.com/nasa/cFS/blob/main/CONTRIBUTING.md). +* [ ] I reviewed the [cFS README.md file](https://github.com/nasa/cFS/blob/main/README.md) to see if the feature is in the major future work. +* [ ] I performed a cursory search to see if the feature request is relevant, not redundant, nor in conflict with other tickets. + **Is your feature request related to a problem? Please describe.** A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] diff --git a/.github/codeql/codeql-security.yml b/.github/codeql/codeql-security.yml new file mode 100644 index 000000000..11280c908 --- /dev/null +++ b/.github/codeql/codeql-security.yml @@ -0,0 +1,7 @@ +name: "CodeQL Security Configuration File" + +queries: + - name: Security and Quality + uses: security-and-quality + - name: Security Extended + uses: security-extended diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index d2822101b..49d21b534 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,3 +1,8 @@ +**Checklist (Please check before submitting)** + +* [ ] I reviewed the [Contributing Guide](https://github.com/nasa/cFS/blob/main/CONTRIBUTING.md). +* [ ] I signed and emailed the appropriate Contributor License agreement to GSFC-SoftwareRelease@mail.nasa.gov and copied cfs-program@lists.nasa.gov. + **Describe the contribution** A clear and concise description of what the contribution is. - Include explicitly what issue it addresses [e.g. Fixes #X] @@ -21,7 +26,7 @@ A clear and concise description of how this contribution will change behavior an **Additional context** Add any other context about the contribution here. -**Code contibutions** +**Code contributions** The cFS repository is provided to bundle the cFS Framework. It is utilized for bundling submodules, continuous integration testing, and version management and does not contain any software. Code contributions should be directed to the appropriate submodule. **Contributor Info - All information REQUIRED for consideration of pull request** diff --git a/.github/workflows/build-cfs-deprecated.yml b/.github/workflows/build-cfs-deprecated.yml new file mode 100644 index 000000000..6886d01a6 --- /dev/null +++ b/.github/workflows/build-cfs-deprecated.yml @@ -0,0 +1,163 @@ +name: "Deprecated Build, Test, and Run" + +# Run every time a new commit pushed or for pull requests +on: + push: + pull_request: + +env: + SIMULATION: native + OMIT_DEPRECATED: false + +jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + # Set the job key. The key is displayed as the job name + # when a job name is not provided + + build-cfs: + #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + name: Build + runs-on: ubuntu-18.04 + + strategy: + fail-fast: false + matrix: + buildtype: [debug, release] + + # Set the type of machine to run on + env: + BUILDTYPE: ${{ matrix.buildtype }} + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + # Setup the build system + - name: Copy Files + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Prep + run: make prep + + - name: Make + run: make + + test-cfs: + name: Test + needs: build-cfs + runs-on: ubuntu-18.04 + + strategy: + fail-fast: false + matrix: + buildtype: [debug, release] + + # Set the type of machine to run on + env: + BUILDTYPE: ${{ matrix.buildtype }} + ENABLE_UNIT_TESTS: true + + + steps: + - name: Install Dependencies + run: sudo apt-get install lcov -y + + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + # Setup the build system + - name: Copy Files + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make + run: make + + - name: Run Tests + run: make test + + - name: Check Coverage + run: make lcov + + run-cfs: + name: Run + needs: build-cfs + runs-on: ubuntu-18.04 + + strategy: + fail-fast: false + matrix: + buildtype: [debug, release] + + # Set the type of machine to run on + env: + BUILDTYPE: ${{ matrix.buildtype }} + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + # Setup the build system + - name: Copy sample_defs + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Install + run: make install + + - name: List cpu1 + run: ls build/exe/cpu1/ + + - name: Run cFS + run: | + ./core-cpu1 > cFS_startup_cpu1.txt & + sleep 30 + ../host/cmdUtil --endian=LE --pktid=0x1806 --cmdcode=2 --half=0x0002 + working-directory: ./build/exe/cpu1/ + + - name: Archive cFS Startup Artifacts + uses: actions/upload-artifact@v2 + with: + name: cFS-startup-log-deprecated-false-${{ matrix.buildtype }} + path: ./build/exe/cpu1/cFS_startup_cpu1.txt + + - name: Check for cFS Warnings + run: | + if [[ -n $(grep -i "warn\|err\|fail" cFS_startup_cpu1.txt) ]]; then + echo "Must resolve warn|err|fail in cFS startup before submitting a pull request" + echo "" + grep -i 'warn\|err\|fail' cFS_startup_cpu1.txt + exit -1 + fi + working-directory: ./build/exe/cpu1/ diff --git a/.github/workflows/build-cfs.yml b/.github/workflows/build-cfs.yml new file mode 100644 index 000000000..f63d10aeb --- /dev/null +++ b/.github/workflows/build-cfs.yml @@ -0,0 +1,161 @@ +name: Build, Test, and Run [OMIT_DEPRECATED=true] + +# Run every time a new commit pushed or for pull requests +on: + push: + pull_request: + +env: + SIMULATION: native + OMIT_DEPRECATED: true + +jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + build-cfs: + #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + name: Build + runs-on: ubuntu-18.04 + + strategy: + fail-fast: false + matrix: + buildtype: [debug, release] + + # Set the type of machine to run on + env: + BUILDTYPE: ${{ matrix.buildtype }} + + steps: + # Check out the cfs bundle + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + # Setup the build system + - name: Copy Files + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Prep + run: make prep + + - name: Make + run: make + + test-cfs: + name: Test + runs-on: ubuntu-18.04 + + needs: build-cfs + + strategy: + fail-fast: false + matrix: + buildtype: [debug, release] + + # Set the type of machine to run on + env: + BUILDTYPE: ${{ matrix.buildtype }} + ENABLE_UNIT_TESTS: true + + + steps: + - name: Install Dependencies + run: sudo apt-get install lcov -y + + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + # Setup the build system + - name: Copy Files + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make + run: make + + - name: Run Tests + run: make test + + - name: Check Coverage + run: make lcov + + run-cfs: + name: Run + needs: build-cfs + runs-on: ubuntu-18.04 + + strategy: + fail-fast: false + matrix: + buildtype: [debug, release] + + # Set the type of machine to run on + env: + BUILDTYPE: ${{ matrix.buildtype }} + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + # Setup the build system + - name: Copy sample_defs + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Install + run: make install + + - name: List cpu1 + run: ls build/exe/cpu1/ + + - name: Run cFS + run: | + ./core-cpu1 > cFS_startup_cpu1.txt & + sleep 30 + ../host/cmdUtil --endian=LE --pktid=0x1806 --cmdcode=2 --half=0x0002 + working-directory: ./build/exe/cpu1/ + + - name: Archive cFS Startup Artifacts + uses: actions/upload-artifact@v2 + with: + name: cFS-startup-log-deprecate-true-${{ matrix.buildtype }} + path: ./build/exe/cpu1/cFS_startup_cpu1.txt + + - name: Check for cFS Warnings + run: | + if [[ -n $(grep -i "warn\|err\|fail" cFS_startup_cpu1.txt) ]]; then + echo "Must resolve warn|err|fail in cFS startup before submitting a pull request" + echo "" + grep -i 'warn\|err\|fail' cFS_startup_cpu1.txt + exit -1 + fi + working-directory: ./build/exe/cpu1/ diff --git a/.github/workflows/build-documentation.yml b/.github/workflows/build-documentation.yml new file mode 100644 index 000000000..3ba6c8f0f --- /dev/null +++ b/.github/workflows/build-documentation.yml @@ -0,0 +1,239 @@ +name: Documentation and Guides + +# Run every time a new commit pushed to main or for pull requests +on: + push: + pull_request: + +env: + SIMULATION: native + +jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + checks-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + build-docs: + #Continue if checks-for-duplicates found no duplicates. Always runs for pull-requests. + needs: checks-for-duplicates + if: ${{ needs.checks-for-duplicates.outputs.should_skip != 'true' }} + name: cFE Documentation + runs-on: ubuntu-18.04 + + steps: + - name: Install Dependencies + run: sudo apt-get install doxygen graphviz -y + + # Check out the cfs bundle + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + # Prepare build "recipes" + - name: Copy Files + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Prep + run: make prep + + - name: Build Docs + run: | + make doc > make_doc_stdout.txt 2> make_doc_stderr.txt + + # Upload documentation logs as artifacts + - name: Archive Documentation Build Logs + uses: actions/upload-artifact@v2 + with: + name: cFS Docs Artifacts + path: | + make_doc_stdout.txt + make_doc_stderr.txt + + - name: Error Check + run: | + if [[ -s make_doc_stderr.txt ]]; then + cat make_doc_stderr.txt + exit -1 + fi + + build-usersguide: + # Name the Job + needs: checks-for-duplicates + if: ${{ needs.checks-for-duplicates.outputs.should_skip != 'true' }} + name: Users Guide + # Set the type of machine to run on + runs-on: ubuntu-18.04 + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + persist-credentials: false + + # Setup the build system + - name: Copy Files + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Prep + run: make prep + + - name: Install Dependencies + run: sudo apt-get install doxygen graphviz -y + + - name: Build Usersguide + run: | + make usersguide > make_usersguide_stdout.txt 2> make_usersguide_stderr.txt + mv build/doc/warnings.log usersguide_warnings.log + + - name: Archive Users Guide Build Logs + uses: actions/upload-artifact@v2 + with: + name: Users Guide Artifacts + path: | + make_usersguide_stdout.txt + make_usersguide_stderr.txt + usersguide_warnings.log + + + - name: Error Check + run: | + if [[ -s make_usersguide_stderr.txt ]]; then + cat make_usersguide_stderr.txt + exit -1 + fi + + - name: Warning Check + run: | + if [[ -s usersguide_warnings.log ]]; then + cat usersguide_warnings.log + exit -1 + fi + + - name: PDF generation installs + if: ${{ github.event_name == 'push' && contains(github.ref, 'main')}} + run: | + sudo apt-get install texlive-latex-base texlive-fonts-recommended texlive-fonts-extra texlive-latex-extra + + - name: PDF generation + if: ${{ github.event_name == 'push' && contains(github.ref, 'main')}} + run: | + set -x + mkdir deploy + cd ./build/doc/users_guide/latex + make > build.txt + mv refman.pdf $GITHUB_WORKSPACE/deploy/cFE_Users_Guide.pdf + # Could add pandoc and convert to github markdown + # pandoc CFE_Users_Guide.pdf -t gfm + + - name: Deploy + if: ${{ github.event_name == 'push' && contains(github.ref, 'main')}} + uses: JamesIves/github-pages-deploy-action@3.7.1 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BRANCH: gh-pages + FOLDER: deploy + CLEAN: false + SINGLE_COMMIT: true + + build-osalguide: + # Name the Job + needs: checks-for-duplicates + if: ${{ needs.checks-for-duplicates.outputs.should_skip != 'true' }} + name: Osal Guide + # Set the type of machine to run on + runs-on: ubuntu-18.04 + + steps: + # Checks out a copy of your repository on the ubuntu-latest machine + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + persist-credentials: false + + # Setup the build system + - name: Copy Files + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Prep + run: make prep + + - name: Install Dependencies + run: sudo apt-get install doxygen graphviz -y + + - name: Build OSAL Guide + run: | + make osalguide > make_osalguide_stdout.txt 2> make_osalguide_stderr.txt + mv build/doc/warnings.log osalguide_warnings.log + + + - name: Archive Osal Guide Build Logs + uses: actions/upload-artifact@v2 + with: + name: OSAL Guide Artifacts + path: | + make_osalguide_stdout.txt + make_osalguide_stderr.txt + osalguide_warnings.log + + + - name: Error Check + run: | + if [[ -s make_osalguide_stderr.txt ]]; then + cat make_osalguide_stderr.txt + exit -1 + fi + + - name: Warning Check + run: | + if [[ -s osalguide_warnings.log ]]; then + cat osalguide_warnings.log + exit -1 + fi + + - name: PDF generation installs + if: ${{ github.event_name == 'push' && contains(github.ref, 'main')}} + run: | + sudo apt-get install texlive-latex-base texlive-fonts-recommended texlive-fonts-extra texlive-latex-extra + + - name: PDF generation + if: ${{ github.event_name == 'push' && contains(github.ref, 'main')}} + run: | + mkdir deploy + cd ./build/doc/osalguide/latex + make > build.txt + mv refman.pdf $GITHUB_WORKSPACE/deploy/OSAL_Users_Guide.pdf + # Could add pandoc and convert to github markdown + # pandoc CFE_Users_Guide.pdf -t gfm + + - name: Deploy + if: ${{ github.event_name == 'push' && contains(github.ref, 'main')}} + uses: JamesIves/github-pages-deploy-action@3.7.1 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + BRANCH: gh-pages + FOLDER: deploy + CLEAN: false + SINGLE_COMMIT: true diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml new file mode 100644 index 000000000..c14f1b73e --- /dev/null +++ b/.github/workflows/changelog.yml @@ -0,0 +1,34 @@ +name: Changelog + +# Controls when the action will run. +on: + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Run Changelog + uses: heinrichreimer/github-changelog-generator-action@v2.1.1 + with: + token: ${{ secrets.GITHUB_TOKEN }} + issuesLabel: "### Closed issues" + breakingLabel: "### Breaking changes" + enhancementLabel: "### Implemented enhancements" + bugsLabel: "### Fixed bugs" + deprecatedLabel: "### Deprecated" + removedLabel: "### Removed" + securityLabel: "### Security fixes" + pullRequests: false + author: false + + - name: "Upload changelog" + uses: actions/upload-artifact@v1.0.0 + with: + name: "Changelog" + path: CHANGELOG.md + \ No newline at end of file diff --git a/.github/workflows/codeql-build.yml b/.github/workflows/codeql-build.yml new file mode 100644 index 000000000..e52049a07 --- /dev/null +++ b/.github/workflows/codeql-build.yml @@ -0,0 +1,129 @@ +name: "CodeQL Analysis" + +on: + push: + pull_request: + branches: + - main + +env: + SIMULATION: native + ENABLE_UNIT_TESTS: true + OMIT_DEPRECATED: true + BUILDTYPE: release + +jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + + CodeQL-Security-Build: + #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + runs-on: ubuntu-18.04 + timeout-minutes: 15 + + steps: + # Checks out a copy of your repository + - name: Checkout code + if: ${{ !steps.skip-workflow.outputs.skip }} + uses: actions/checkout@v2 + with: + repository: nasa/cFS + submodules: true + + - name: Check versions + if: ${{ !steps.skip-workflow.outputs.skip }} + run: | + git log -1 --pretty=oneline + git submodule + + - name: Initialize CodeQL + if: ${{ !steps.skip-workflow.outputs.skip }} + uses: github/codeql-action/init@v1 + with: + languages: c + config-file: ./.github/codeql/codeql-security.yml + + # Setup the build system + - name: Copy sample_defs + if: ${{ !steps.skip-workflow.outputs.skip }} + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Install + if: ${{ !steps.skip-workflow.outputs.skip }} + run: make + + # Run CodeQL + - name: Perform CodeQL Analysis + if: ${{ !steps.skip-workflow.outputs.skip }} + uses: github/codeql-action/analyze@v1 + + CodeQL-Coding-Standard-Build: + #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + runs-on: ubuntu-18.04 + timeout-minutes: 15 + + steps: + # Checks out a copy of your repository + - name: Checkout code + if: ${{ !steps.skip-workflow.outputs.skip }} + uses: actions/checkout@v2 + with: + repository: nasa/cFS + submodules: true + + - name: Check versions + if: ${{ !steps.skip-workflow.outputs.skip }} + run: | + git log -1 --pretty=oneline + git submodule + + - name: Checkout codeql code + if: ${{ !steps.skip-workflow.outputs.skip }} + uses: actions/checkout@v2 + with: + repository: github/codeql + submodules: true + path: codeql + + - name: Initialize CodeQL + if: ${{ !steps.skip-workflow.outputs.skip }} + uses: github/codeql-action/init@v1 + with: + languages: c + config-file: ./.github/codeql/codeql-coding-standard.yml + + # Setup the build system + - name: Copy sample_defs + if: ${{ !steps.skip-workflow.outputs.skip }} + run: | + cp ./cfe/cmake/Makefile.sample Makefile + cp -r ./cfe/cmake/sample_defs sample_defs + + # Setup the build system + - name: Make Install + if: ${{ !steps.skip-workflow.outputs.skip }} + run: make + + # Run CodeQL + - name: Perform CodeQL Analysis + if: ${{ !steps.skip-workflow.outputs.skip }} + uses: github/codeql-action/analyze@v1 diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml new file mode 100644 index 000000000..d7405dcf6 --- /dev/null +++ b/.github/workflows/static-analysis.yml @@ -0,0 +1,80 @@ +name: Static Analysis + +# Run this workflow every time a new commit pushed to your repository and for pull requests +on: + push: + pull_request: + +jobs: + #Checks for duplicate actions. Skips push actions if there is a matching or duplicate pull-request action. + check-for-duplicates: + runs-on: ubuntu-latest + # Map a step output to a job output + outputs: + should_skip: ${{ steps.skip_check.outputs.should_skip }} + steps: + - id: skip_check + uses: fkirc/skip-duplicate-actions@master + with: + concurrent_skipping: 'same_content' + skip_after_successful_duplicate: 'true' + do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]' + + static-analysis: + #Continue if check-for-duplicates found no duplicates. Always runs for pull-requests. + needs: check-for-duplicates + if: ${{ needs.check-for-duplicates.outputs.should_skip != 'true' }} + name: Run cppcheck + runs-on: ubuntu-18.04 + + strategy: + fail-fast: false + matrix: + cppcheck: [bundle, cfe, osal, psp] + + steps: + - name: Install cppcheck + run: sudo apt-get install cppcheck -y + + # Checks out a copy of the cfs bundle + - name: Checkout code + uses: actions/checkout@v2 + with: + submodules: true + + - name: Run bundle cppcheck + if: ${{matrix.cppcheck =='bundle'}} + run: cppcheck --force --inline-suppr --quiet . 2> ${{matrix.cppcheck}}_cppcheck_err.txt + + # Run strict static analysis for embedded portions of cfe, osal, and psp + - name: cfe strict cppcheck + if: ${{matrix.cppcheck =='cfe'}} + run: | + cd ${{matrix.cppcheck}} + cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./modules/core_api/fsw ./modules/core_private/fsw ./modules/es/fsw ./modules/evs/fsw ./modules/fs/fsw ./modules/msg/fsw ./modules/resourceid/fsw ./modules/sb/fsw ./modules/sbr/fsw ./modules/tbl/fsw ./modules/time/fsw -UCFE_PLATFORM_TIME_CFG_CLIENT -DCFE_PLATFORM_TIME_CFG_SERVER 2> ../${{matrix.cppcheck}}_cppcheck_err.txt + + - name: osal strict cppcheck + if: ${{matrix.cppcheck =='osal'}} + run: | + cd ${{matrix.cppcheck}} + cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./src/bsp ./src/os 2> ../${{matrix.cppcheck}}_cppcheck_err.txt + + - name: psp strict cppcheck + if: ${{matrix.cppcheck =='psp'}} + run: | + cd ${{matrix.cppcheck}} + cppcheck --force --inline-suppr --std=c99 --language=c --enable=warning,performance,portability,style --suppress=variableScope --inconclusive ./fsw 2> ../${{matrix.cppcheck}}_cppcheck_err.txt + + - name: Archive Static Analysis Artifacts + uses: actions/upload-artifact@v2 + with: + name: ${{matrix.cppcheck}}-cppcheck-err + path: ./*cppcheck_err.txt + + - name: Check for errors + run: | + if [[ -s ${{matrix.cppcheck}}_cppcheck_err.txt ]]; + then + cat ${{matrix.cppcheck}}_cppcheck_err.txt + exit -1 + fi diff --git a/.gitignore b/.gitignore index f54746608..88eb1da2d 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ Makefile build /sample_defs +.DS_Store diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 000000000..28ef5109b --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,35 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge +In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation. + +## Our Standards +Examples of behavior that contributes to creating a positive environment include: +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members + +Examples of unacceptable behavior by participants include: +* The use of sexualized language or imagery and unwelcome sexual attention or advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others’ private information, such as a physical or electronic address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a professional setting + +## Our Responsibilities +Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. + +## Scope +This Code of Conduct applies within all project spaces, and it also applies when an individual is representing the project or its community in public spaces. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers. + +## Enforcement +Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by [contacting the cFS Product Team](README.md#contact-the-cfs-product-team). All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project’s leadership. + +## Attribution +This Code of Conduct is adapted from the Contributor Covenant, version 1.4, available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..0cc78264a --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,346 @@ +# Core Flight System Contributing Guide + +So you'd like to contribute to cFS? Below are some guidelines for contributors to follow. Contributions come in all shapes and sizes. We appreciate your help with documentation, unit tests, framework code, continuous-integration, or simply reporting bugs and improvement ideas. We can't promise that we'll accept every suggestion or fix every bug in a timely manner but at the very least we'll respond to you. + +## Table of Contents +[Code of Conduct](#code-of-conduct) + +[Ways to Contribute](#ways-to-contribute) +* [Report Bugs](#report-bugs) +* [Feature Requests](#feature-requests) +* [Security Vulnerabilities](#security-vulnerabilities) +* [Pull Requests](#pull-requests) +* [Discussions and Questions](#discussions-and-questions) + +[Writing High-Quality Code](#writing-high-quality-code) + +[Quick Links to Submodules](#quick-links-to-submodules) + +## Code of Conduct + +This project and everyone participating in it is governed by the [cFS Code of Conduct](CODE_OF_CONDUCT.md). By participating, you are expected to uphold this code. Please report unacceptable behavior to the [product team](README.md#contact-the-cfs-product-team). + +## Ways to Contribute + +### Discussions and Questions + +For questions or help, submit a GitHub issue, [join the cfs community mailing list](README.md#join-the-mailing-list). + + +### Report Bugs + +#### Before Submitting a Bug +1. Perform a cursory search to see if the bug has already been reported. For issues in each submodule, visit the section [Quick Links to Submodules](#quick-links-to-submodules). If a bug has been reported and the issue is still open, add a comment to the existing issue instead of opening a new one. +2. Determine which repository the bug should be reported in. If you are not sure, place the [issue in NASA/cFS](https://github.com/nasa/cFS/issues/new?assignees=&labels=&template=bug_report.md&title=). + +#### Reporting a Bug + +If you run into a bug with the project: +1. Open an issue using the bug report template. +2. Describe the issue. +3. Describe the expected behavior if the bug did not occur. +4. Provide the reproduction steps that someone else can follow to recreate the bug or error on their own. +5. If applicable, add code snippets or references to the software. +6. Provide the system the bug was observed on including the hardware, operating system, and versions. +7. Provide any additional context if applicable. +8. Provide your full name or GitHub username and your company organization if applicable. + +#### Once a bug is submitted: +1. The project team will label the issue. +2. A team member will try to reproduce the issue with your provided steps. If the team is able to reproduce the issue, the issue will be left to be implemented by someone. + +### Feature Requests +#### Before Submitting a Feature Request +1. Review the cFS README.md file to see if your feature is in the major future work. +2. Perform a cursory search to see if the feature has already been requested. For issues in each submodule, visit the section [Quick Links to Submodules](#quick-links-to-submodules). If a feature request has been reported and the issue is still open, add a comment to the existing issue instead of opening a new one. +3. Determine which repository the feature should be reported in. If you are not sure, [place the issue in NASA/cFS](https://github.com/nasa/cFS/issues/new?assignees=&labels=&template=feature_request.md&title=). + +#### Submitting a Feature Request +1. Open an issue using the feature request template. +2. Describe the feature. +3. Describe the solution you would like. +4. Describe alternatives you've considered. +5. Provide any additional context if applicable. +6. Provide your full name or GitHub username and your company organization if applicable. + +#### Once a feature request is submitted: +1. The project team will label the issue. +2. The project team will evaluate the feature request, possibly asking you more questions to understand its purpose and any relevant requirements. If the issue is closed, the team will convey their reasoning and suggest an alternative path forward. +3. If the feature request is accepted, it will be marked for implementation. + +### Security Vulnerabilities +Please view our [Security Policy](https://github.com/nasa/cFS/security/policy) for more information. + +### Pull Requests +#### Ready to Add Your Code? + +Follow GitHub's fork-branch-pull request pattern. +1. Fork the relevant cFS component (eg. cfe, osal, psp). +2. Create a new branch in your fork to work on your fix. We recommend naming your branch `fix-ISSUE_NUMBER-`. +3. Submit a pull request to the nasa `main` branch. We recommend creating your pull-request as a "draft" and to commit early and often so the community can give you feedback at the beginning of the process as opposed to asking you to change hours of hard work at the end. +4. Add commits to your branch. For information on commit messages, review [How to Write a Git Commit Message](https://chris.beams.io/posts/git-commit/). Please follow commit message convention: +``` +Fix #XYZ, SHORT_DESCRIPTION + +LONG_DESCRIPTION (optional) +``` +5. Sign and email the appropriate Contributor License agreement down below to GSFC-SoftwareRelease@mail.nasa.gov and copy cfs-program@lists.nasa.gov. + - Corporate Contributor License agreement : https://github.com/nasa/cFE/blob/main/docs/GSC_18128_Corp_CLA_form_1219.pdf + - Individual Contributor License agreement : https://github.com/nasa/cFE/blob/main/docs/GSC_18128_Ind_CLA_form_1219.pdf + +#### Create a Pull Request +1. For the title, use the title convention `Fix #XYZ, SHORT_DESCRIPTION`. +2. Describe the contribution. First document which issue number was fixed using the template "Fix #XYZ". Then describe the contribution. +3. Provide what testing was used to confirm the pull request resolves the link issue. +4. Provide the expected behavior changes of the pull request. +5. Provide the system the bug was observed on including the hardware, operating system, and versions. +6. Provide any additional context if applicable. +7. Provide your full name or GitHub username and your company or organization if applicable. + +#### Once a Pull Request Ready for Review +1. Verify the commit message and PR title uses the template `Fix #XYZ, SHORT_DESCRIPTION`. For information on commit messages, review [How to Write a Git Commit Message](https://chris.beams.io/posts/git-commit/). The commit message may use the template: +``` +Fix #XYZ, SHORT_DESCRIPTION + +LONG_DESCRIPTION (optional) +``` +2. Verify there is one commit message per topic. For example, review the [provided pull request](https://github.com/nasa/cFE/pull/1203/commits). +3. Squash or amend the commit messages if necessary. For more information, review the sections [How to Squash Commits](#how-to-squash-commits) and [How to Amend Commits](#how-to-amend-commits) . +3. Verify that the PR passes all checks. +4. The project team will label the issue and evaluate the pull request in the weekly configuration control board (CCB) meeting. For more information, visit [The cFS CCB Process](https://github.com/nasa/cFS/wiki/The-cFS-CCB-Process). +5. If the pull request is accepted, it will be merged into cFS. + +#### How to Squash Commits + +##### Interactive Rebase + +1. Switch to the main branch and ensure you are up to date: +```sh +git checkout main && git pull +``` +2. Checkout your feature branch: +```sh +git merge feature_branch +``` +3. Use rebase to open the vi or other editor that lists the commits: +```sh +git rebase main -i +``` +4. A text editor will open with a file that lists all the commits in your branch, and in front of each commit is the word "pick". It looks something like this: +```sh +pick 1fc6c95 do something +pick 6b2481b do something else +pick dd1475d changed some things +pick c619268 fixing typos +``` +5. For every line except the first, you want to replace the word "pick" with the word "squash" or with "f". "squash" merges the commit into previous commit. "f" is like "squash", but discard this commit's log message. So, if you wish to skip the step where you have to update the commit message then use "f". To edit the first commit message, replace "pick" with "r". For example, it should look like this: +```sh +pick 1fc6c95 do something +squash 6b2481b do something else +squash dd1475d changed some things +squash c619268 fixing typos +``` +or +```sh +r 1fc6c95 do something +f 6b2481b do something else +f dd1475d changed some things +f c619268 fixing typos +``` +6. Save and close the file. If you used "pick" and "squash", a new file should pop up in your editor, combining all the commit messages of all the commits. Reword this commit message as you want, and then save and close that file as well. + +7. Push the commit: +```sh +git push --force +``` + +##### Soft Reset +Use the "soft" method with caution. Ensure that you reset back to the original baseline. If you have switched branches and pulled from the remote since starting the branch originally, you may inadvertently overwrite other changes. + +1. To tell Git to reset HEAD to another commit, so index and the working directory will not be altered in any way use a soft reset. All of the files changed between the original HEAD and the commit will be staged. To use a soft reset: +```sh +git reset --soft main +``` +2. Add all changes: +```sh +git add -A +``` +3. Add a commit message: +```sh +git commit -m "Fix #XYZ, SHORT_DESCRIPTION + +LONG_DESCRIPTION (optional)" +``` +4. Push the commit: +```sh +git push --force +``` + +##### Replace Branch +This method had no chances of inadvertently overwriting other stuff. + +1. Make a new branch with a new name at the current main: +```sh +git checkout -b "fix-ISSUE_NUMBER-". +``` +2. Merge: +```sh +git merge --squash ${old_branch} +``` +3. Test the result, then commit to write a new commit message summarizing the full change: +```sh +git commit +``` +4. Rename your new branch over your old branch to replace it: +```sh +git branch -m -f ${new_branch} ${old_branch} +``` +5. Push to GitHub: +```sh +git push --force +``` + +#### How to Amend Commits +1. To modify your last commit message: +```sh +git commit --amend +``` +2. The previous commit message will load an editor session, where you can make changes to the message, save those changes and exit. When you save and close the editor, the editor writes a new commit containing that updated commit message and makes it your new last commit. Push the new changes: +```sh +git push --force +``` + +1. To change the actual content of your last commit, stage those changes: +```sh +git add +``` +2. Amend the commit: +```sh +git commit --amend +``` +3. Now the last commit is replaced by your new and improved commit. Push the commit: +```sh +git push --force +``` + +## Writing High-Quality Code + +1. Follow cFS code conventions (formatting, symbol naming, file naming, etc). Do *not* change/reformat existing code, except to address your changes. + - The cFS submodules uses the Format Check workflow to ensure users follow the [clang-format-10](https://github.com/nasa/cFS/blob/main/.clang-format) style. For more information on how to use the Format Check workflow, view [Using GitHub Actions Workflows](#using-github-actions-workflows). + - The [cFS_IdentifierNamingConvention document](https://github.com/nasa/cFE/blob/main/docs/cFS_IdentifierNamingConvention.md) provides a simple naming convention guide for cFE/cFS for commands and telemetry that simplifies the EDS to ground telemetry and commands database conversion. + - The [cFE Application Developers Guide](https://github.com/nasa/cFE/blob/main/docs/cFE%20Application%20Developers%20Guide.md) contains code conventions such as naming conventions for header files. + +2. For any new API's, add unit tests to cover nominal and off-nominal conditions. + +3. Add/edit stubs to the unit test codebase for any new/modified functions. + +4. For any changes to existing API's, alter the unit tests to cover the changes (and remove tests made irrelevant due to your changes). + +5. Review the static code analyses results from the Static Analysis and CodeQL Analysis workflows. For more information on how to use these workflows, view [Using GitHub Actions Workflows](#using-github-actions-workflows). + - Push code changes to the appropriate forked repository. + - Go to the Actions tab and enable GitHub Actions Workflow. The CodeQL Analyis and Static Analysis will be triggered for all pushed code. + - Review these workflows for any warnings or errors. + - Once successful, create a pull request. + +### Using GitHub Actions Workflows + +Several of our GitHub Actions Workflows are used to ensure pushed code and pull requests do not break cFS, create vulnerabilities, and follow our code conventions. Other workflows are used for documentation purposes. + +Most of the workflows in the NASA/cFS repository will run for all branches when code is pushed and a pull request is created, except for the changelog workflow that runs manually. + +All of our workflows will be available for forked repositories once enabled. To enable workflows, navigate to the Actions tab and click "I understand my workflows, go ahead and enable them". + +#### View Failed Workflows + +1. Navigate to Actions in the selected repository. For newly forked repositories, enable workflows after clicking on Actions. +2. In the left sidebar, click the workflow you want to view. +3. From the list of workflow runs, click the name of the run you want to see. +4. Under Jobs or in the visualization graph, click the failed job. +5. Any failed steps are automatically expanded to display the results. + +#### View Workflow Results +1. Navigate to Actions in the selected repository. For newly forked repositories, enable workflows after clicking on Actions. +2. In the left sidebar, click the workflow you want to view. +3. From the list of workflow runs, click the name of the run you want to see. +4. Scroll to the bottom of the page and download the artifacts. For CodeQL results, navigate to the Security Tab and click Code scanning alerts. CodeQL results will only be avaiable on your forked repository. + +or + +1. In pull requests, click the Checks tab. +2. From the list of workflow runs, click the name of the run you want to see. +4. Scroll to the bottom of the page and download the artifacts. For CodeQL results, expand Code scanning alerts at the bottom of the list of checks and select CodeQL. + +#### Configure Workflows + +1. Workflows are under [.github/workflows](https://github.com/nasa/cFS/tree/main/). +2. Configure the files as needed. For more information on how to configure GitHub Actions, visit [Workflow syntax for GitHub Actions](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions). + +#### Our Workflows + +Additional information on our GitHub Action Workflows can be found in our [Security Policy](https://github.com/nasa/cFS/security/policy). + +##### Format Check +[![Format Check](https://github.com/nasa/osal/actions/workflows/format-check.yml/badge.svg)](https://github.com/nasa/osal/actions/workflows/format-check.yml) + +This action uses clang-format-10 to check for format errors. + +##### CodeQL Analysis +[![CodeQL Analaysis](https://github.com/nasa/cfs/actions/workflows/codeql-build.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/codeql-build.yml) + +This action runs GitHub's industry-leading static analysis engine, CodeQL, against our repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's code scanning alerts found under the security tab. CodeQL runs an extensible set of [queries](https://github.com/github/codeql), which have been developed by the community and the [GitHub Security Lab](https://securitylab.github.com/) to find common vulnerabilities in your code. + +Our CodeQL action uses a configuration file to use specific queries, which can be found at [.github/codeql](https://github.com/nasa/cFS/tree/main/.github/codeql). + + +##### Static Analaysis +[![Static Analaysis](https://github.com/nasa/cfs/actions/workflows/static-analysis.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/static-analysis.yml) + +This action runs a static analysis tool for C/C++ code known as cppcheck. Cppcheck is designed to be able to analyze C/C++ code even if it has non-standard syntax, which is common in embedded projects. + +##### Deprecated Build, Test, and Run +[![Deprecated Build, Test, and Run](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/build-cfs-deprecated.yml) + +This action builds, tests, and runs the cFS bundle using deprecated code. + +##### Build, Test, and Run [OMIT_DEPRECATED=true] +[![Build, Test, and Run %5B OMIT_DEPRECATED=true %5B](https://github.com/nasa/cfs/actions/workflows/build-cfs.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/build-cfs.yml) + +This action builds, tests, and runs the cFS bundle omitting deprecated code. + +##### Documentation and Guides +[![Documentation and Guides](https://github.com/nasa/cfs/actions/workflows/build-documentation.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/build-documentation.yml) + +This action creates doxygen documents for cFE, cFS users guide, and osal guide. + +##### Changelog +[![Changelog](https://github.com/nasa/cfs/actions/workflows/changelog.yml/badge.svg)](https://github.com/nasa/cfs/actions/workflows/changelog.yml) + +This action creates a changelog file which documents all the issues in cFS. + +##### Local Unit Test +[![Local Unit Test](https://github.com/nasa/osal/actions/workflows/local_unit_test.yml/badge.svg)](https://github.com/nasa/osal/actions/workflows/local_unit_test.yml) + +This action tests our code using GCC's coverage testing tool gcov. + +## Quick Links to Submodules +Before you [report bugs](#report-bugs) or submit [feature requests](#feature-requests), search through the open issues in each submodule to ensure that your ticket is relevant, not redundant, nor in conflict with other tickets: +* [cFS Bundle Issues](https://github.com/nasa/cfs/issues) +* [cFE Issues](https://github.com/nasa/cfe/issues) +* [OSAL Issues](https://github.com/nasa/osal/issues) +* [PSP Issues](https://github.com/nasa/psp/issues) + +### Apps +* [ci_lab Issues](https://github.com/nasa/ci_lab/tree/296d12cde4f90d112d1578cb584ddae200a2d282) +* [sample_app Issues](https://github.com/nasa/sample_app/issues) +* [sample_lib Issues](https://github.com/nasa/sample_lib/issues) +* [sch_lab Issues](https://github.com/nasa/sch_lab/tree/882846bb778432c8780555b9d4bef45535584174) +* [to_lab Issues](https://github.com/nasa/to_lab/tree/031de3dde3f5265e98d7cd2bc154d93bee8520b0) + +### Tools +* [cFS-GroundSystem Issues](https://github.com/nasa/cFS-GroundSystem/issues) +* [elf2cfetbl Issues](https://github.com/nasa/elf2cfetbl/tree/6762b1c3b455665dae57e35f14a50fe327830391) +* [tblCRCTool Issues](https://github.com/nasa/tblCRCTool/tree/b02864ba56b12e00ab152225e3e8f9d6c039d48c) + +If your bug or feature hasn't been reported or requested before, create a new issue in the appropriate repository. If it you find a similar issue, please add a comment on it with your experience or input. + +Please ensure that your name is associated with your github profile before contributing. diff --git a/README.md b/README.md index d76a9e4d0..4ad57ca90 100644 --- a/README.md +++ b/README.md @@ -5,15 +5,18 @@ # Core Flight System - BUNDLE -The Core Flight System (cFS) is a generic flight software architcture framework used on flagship spacecraft, human spacecraft, cubesats, and Raspberry Pi. This repository is a bundle of submodules that make up the cFS framework. Note the "lab" apps are intended as examples only, and enable this bundle to build, execute, receive commands, and send telemetry. This is not a flight distribution, which is typically made up of the cFE, OSAL, PSP, and a selection of flight apps that correspond to specific mission requirements. +The Core Flight System (cFS) is a generic flight software architecture framework used on flagship spacecraft, human spacecraft, cubesats, and Raspberry Pi. This repository is a bundle of submodules that make up the cFS framework. Note the "lab" apps are intended as examples only, and enable this bundle to build, execute, receive commands, and send telemetry. This is not a flight distribution, which is typically made up of the cFE, OSAL, PSP, and a selection of flight apps that correspond to specific mission requirements. This bundle has not been fully verified as an operational system, and is provided as a starting point vs an end product. Testing of this bundle consists of building, executing, sending setup commands and verifying receipt of telemetry. Unit testing is also run, but extensive analysis is not performed. All verification and validation per mission requirements is the responsibility of the mission (although attempts are made in the cFS Framework to provide a testing framework to facilitate the process). The cFS Framework is a core subset of cFS. There are additional OSALs, PSPs, and tools as listed below available from a variety of sources. -## References to Auto-generated Documentation +## References Documentation - cFE User's Guide: https://github.com/nasa/cFS/blob/gh-pages/cFE_Users_Guide.pdf - OSAL User's Guide: https://github.com/nasa/cFS/blob/gh-pages/OSAL_Users_Guide.pdf + - cFE App Developer's Guide: https://github.com/nasa/cFE/blob/main/docs/cFE%20Application%20Developers%20Guide.md + - Training documentation: https://ntrs.nasa.gov/citations/20205000691 + - cFS Overview: https://cfs.gsfc.nasa.gov/cFS-OviewBGSlideDeck-ExportControl-Final.pdf ## Release Notes @@ -40,17 +43,28 @@ See related repositories for current open issues. ## Major future work +### Caelum (aka 7.0) Major release development plans (Targeting end of 2020 for release candidate) + - Certification framework with automated build verification tests of framework requirements - Executable on real/emulated/simulated/ or dockerized targets - - Add PSP coverage testing framework - - Add PSP and cFE functional testing framework for APIs - - Scrub OSAL coverage and functional tests + - Add PSP coverage testing framework (nasa/psp#184, nasa/psp#174) + - Add PSP and cFE functional testing framework for APIs (nasa/cfe#779) + - Scrub OSAL coverage and functional tests + - Scrub cFE coverage tests + - Add cFE API functional tests + - NOTE: Command verification pending tool open source release + - Documentation (updated traceability, APIs/ICDs, general update) + - Framework for mission customization of core services + - Header customization support (nasa/cFE#726) + - Remove deprecated code + - Cmd/Tlm structure scrub for alignment/padding/consistency + - Library query and reporting and ES resource management (nasa/cFE#28, nasa/cFE#797) + +### Other (may not make 7.0) - Open source automated build verification execution framework for emulated targets (likely docker based) - - Provide capability for mission customization of core services - Deployment quality of life improvements (configuration, transition to CMake source selection vs compiler directives) - Update OS support (VxWorks 7, RTEMS 5) - Time services refactor - - Documentation (updated traceability, APIs/ICDs, general update) - Symmetric multi-processing APIs - Electronic Data Sheet integration option and improvements to packet layouts for portability/consistency - Toolchain updates @@ -59,9 +73,19 @@ See related repositories for current open issues. For best results, submit issues:questions or issues:help wanted requests to this repo. -Official cFS page: http://cfs.gsfc.nasa.gov -Community email list subscription request: https://lists.nasa.gov/mailman/listinfo/cfs-community +### Join the mailing list + +To **subscribe to our mailing list,** send an email to cfs-community-join@lists.nasa.gov with the word *subscribe* in the subject line. + +The cfs-community mailing list includes cFS users and developers. The cFS Product Team also uses the mailing list to share information on current and future releases, bug findings and fixes, enhancement requests, community meetings, etc. + +If you'd like to unsubscribe, send an email with the word *unsubscribe* to cfs-community-leave@lists.nasa.gov. Mailing list requests are typically processed within 5 minutes. + +### Contact the cFS Product Team + +You can email the cFS Product Team at cfs-program@lists.nasa.gov to explore partnerships and other arrangements for in-depth support. + ## Setup @@ -98,7 +122,7 @@ Note: The steps above are for a debug, permissive mode build and includes deprec The cFS-GroundSystem tool can be used to send commands and receive telemetry. For details on using and setting up the Ground System, see the [Guide-GroundSystem](https://github.com/nasa/cFS-GroundSystem/blob/main/Guide-GroundSystem.md). Note it depends on PyQt5 and PyZMQ: 1. Install PyQt5 and PyZMQ on your system. Some systems may also require installing libcanberra-gtk-module. - + 2. Compile cmdUtil and start the ground system executable cd tools/cFS-GroundSystem/Subsystems/cmdUtil @@ -141,7 +165,7 @@ The following list is user submitted, and not CCB controlled. They are released - SCA: Stored Command Absolute application at https://github.com/nasa/SCA - SCH: Scheduler application at https://github.com/nasa/SCH - TO: Telemetry Output application at https://github.com/nasa/CFS_TO - - Skeleton App: A bare-bones application to which you can add your business logic at https://github.com/nasa/skeleton_app + - Skeleton App: A bare-bones application to which you can add your business logic at https://github.com/nasa/skeleton_app - Other Interfaces - SIL: Simulink Interface Layer at https://github.com/nasa/SIL - ECI: External Code Interface at https://github.com/nasa/ECI @@ -156,4 +180,4 @@ The following list is user submitted, and not CCB controlled. They are released - TBD - Other PSPs - TBD - + diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..97b27b98b --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,65 @@ +# Security Policy + +## Reporting a Vulnerability + +For general cFS vulnerabilities, please [open a cFS framework issue](https://github.com/nasa/cfs/issues/new/choose). Please use the "Bug Report" template and provide as much information as possible. Apply appropriate labels for each report. + +For security related vulnerabilities, follow the general cFS vulnerabilites instructions and tag the issue with the "security" label. + +## Security Reports + +To submit sensitive security reports or findings, [contact the cFS Product Team](README.md#contact-the-cfs-product-team). + +## Testing + +**Disclaimer: nasa/cFS is not responsible for any liability incurred as stated under the [Apache License 2.0](https://github.com/nasa/cFS/blob/main/LICENSE).** + +Testing is an important aspect our team values to improve the cFS bundle. Several tools are used for testing: + +### CodeQL + +The [cFS CodeQL GitHub Actions workflow](https://github.com/nasa/cFS/actions/workflows/codeql-build.yml) is available to the public. To review the results, fork the cFS repository and run the CodeQL workflow. + +CodeQL is ran for every push and pull-request on all branches of cFS in GitHub Actions. + +For the CodeQL GitHub Actions setup, visit https://github.com/github/codeql-action. + +### LGTM + +LGTM [results](https://lgtm.com/projects/g/nasa/cFS?mode=list) are available to the public. Since suppression comments are not used, many warnings and errors may not be accurate. Therefore, the results may contain false positives and other inapplicable warnings and errors. + +LGTM is ran for every pull-request on all branches of cFS. + +For more information about LGTM, visit https://lgtm.com/. + +### Cppcheck + +The [cFS Cppcheck GitHub Actions workflow and results](https://github.com/nasa/cFS/actions/workflows/static-analysis.yml) are available to the public. To view the results, select a workflow and download the artifacts. + +Cppcheck is ran for every push on the main branch and every pull request on all branches of cFS in Github Actions. + +For more information about Cppcheck, visit http://cppcheck.sourceforge.net/. + +### CodeSonar + +CodeSonar results are not available to the public. + +CodeSonar is typically ran on a “once per release” sort of schedule. + +For more information about CodeSonar, visit https://www.grammatech.com/codesonar-cc. + +### Fuzz Testing + +The application used to fuzz test cFS and its results are not available to the public. + +The latest version of cFS is fuzzed nightly using a continuous integration pipeline. + +For more information about AFL used by the Fuzzing cFS application, visit https://github.com/google/AFL. + +## Additional Support + +For additional support, submit a GitHub issue. + +You can also [join the cfs community mailing list](README.md#join-the-mailing-list) for technical discussions with cFS developers and users. + +If you wish to report a cybersecurity incident or concern, please contact the NASA Security Operations Center either by phone at 1-877-627-2732 or via email address soc@nasa.gov. diff --git a/apps/ci_lab b/apps/ci_lab index d305869fd..306216728 160000 --- a/apps/ci_lab +++ b/apps/ci_lab @@ -1 +1 @@ -Subproject commit d305869fde6123142e3d3442072b7273293e5c2b +Subproject commit 30621672863e99bf2d43488e566d60784bb4e715 diff --git a/apps/sample_app b/apps/sample_app index c1348d6fc..1c32ed48c 160000 --- a/apps/sample_app +++ b/apps/sample_app @@ -1 +1 @@ -Subproject commit c1348d6fcb7f911396c9928a1779ddad6fe0c339 +Subproject commit 1c32ed48ca358a3fdd55f1bdc9ae0dda61a4f4f7 diff --git a/apps/sample_lib b/apps/sample_lib index ce70d3d90..12c82b585 160000 --- a/apps/sample_lib +++ b/apps/sample_lib @@ -1 +1 @@ -Subproject commit ce70d3d90943abeeac1ece23e6cf4bae1b217d4b +Subproject commit 12c82b58595fe92dad2f110bf1996dc6832c52b9 diff --git a/apps/sch_lab b/apps/sch_lab index 450075fb1..4a1b72e5a 160000 --- a/apps/sch_lab +++ b/apps/sch_lab @@ -1 +1 @@ -Subproject commit 450075fb1414c3104b7efad18d9fcd596d1d38bf +Subproject commit 4a1b72e5a3092369b49d5c65f325bc48e1f7f832 diff --git a/apps/to_lab b/apps/to_lab index d4a78baae..17e4fccf6 160000 --- a/apps/to_lab +++ b/apps/to_lab @@ -1 +1 @@ -Subproject commit d4a78baaecd8aa5863b67393f55b49d328b4cf22 +Subproject commit 17e4fccf6658a82af01e7b6a03fdca48cfd8c81a diff --git a/cfe b/cfe index 5ac3f0a02..176e3df03 160000 --- a/cfe +++ b/cfe @@ -1 +1 @@ -Subproject commit 5ac3f0a02038b82894c1803339f92b294ae9f0b7 +Subproject commit 176e3df03f54f7753cb34beb3e986202604d6cef diff --git a/osal b/osal index 8cfd6fe71..677605094 160000 --- a/osal +++ b/osal @@ -1 +1 @@ -Subproject commit 8cfd6fe71a5506be8e463f26d92441785fd3e242 +Subproject commit 677605094498564928f1ce334a1571e30bc9171c diff --git a/psp b/psp index 3f63a42cd..efef92127 160000 --- a/psp +++ b/psp @@ -1 +1 @@ -Subproject commit 3f63a42cd76f370c6ed08cb265acef45ee92d82d +Subproject commit efef92127a4f26945ad6cb256dd7a0a17b9b3568 diff --git a/tools/cFS-GroundSystem b/tools/cFS-GroundSystem index 5e879b9f9..24f625b66 160000 --- a/tools/cFS-GroundSystem +++ b/tools/cFS-GroundSystem @@ -1 +1 @@ -Subproject commit 5e879b9f9eb4dad353e615449d3baacb8b7fde9b +Subproject commit 24f625b6610f1f2461244111b6e973b63a710dbe diff --git a/tools/elf2cfetbl b/tools/elf2cfetbl index 7a3d1cab6..858a176f0 160000 --- a/tools/elf2cfetbl +++ b/tools/elf2cfetbl @@ -1 +1 @@ -Subproject commit 7a3d1cab61de365fbc8ff969c6930701220f9578 +Subproject commit 858a176f05db108bc985613309481214df076e95 diff --git a/tools/tblCRCTool b/tools/tblCRCTool index 1b82c5515..9761ab512 160000 --- a/tools/tblCRCTool +++ b/tools/tblCRCTool @@ -1 +1 @@ -Subproject commit 1b82c551579d4c01f2225b7cda0a0de34cc5e46d +Subproject commit 9761ab51264ee6bff859a2e3a7adace67fa27328