Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add nightly #6826

Closed
wants to merge 138 commits into from
Closed

Add nightly #6826

Show file tree
Hide file tree
Changes from 105 commits
Commits
Show all changes
138 commits
Select commit Hold shift + click to select a range
63bef1a
Add CodeSonar to the workflows
markhermeling Aug 2, 2023
ef958b2
Update codesonar.yaml
markhermeling Aug 2, 2023
309d164
Create github.cert.pem
markhermeling Aug 2, 2023
adb4f2d
Delete async.yml
markhermeling Aug 2, 2023
d5913be
Remove non-CodeSonar workflows
markhermeling Aug 2, 2023
013a385
Merge pull request #1 from markhermeling/markhermeling-patch-1
markhermeling Aug 2, 2023
e4a2da9
Small change in workflow
markhermeling Aug 2, 2023
ad549f7
Fix access to the CodeSonar conf-file
markhermeling Aug 2, 2023
5a58441
Merge pull request #2 from markhermeling/feature/Add_CodeSonar_workflow
markhermeling Aug 2, 2023
e7881a9
Merge remote-tracking branch 'upstream/master' into feature/main-merge
markhermeling Aug 7, 2023
32a138d
Merge pull request #3 from markhermeling:feature/main-merge
markhermeling Aug 7, 2023
297c292
Merge 'upstream/master' into feature/merge-230811
markhermeling Aug 11, 2023
d4b15fa
Remove warning class
markhermeling Aug 11, 2023
3c5b8d1
Merge pull request #5 from markhermeling/feature/merge-230811
markhermeling Aug 11, 2023
6627011
Merge 'upstream/master' - 20230831
markhermeling Aug 31, 2023
759b017
Merge remote-tracking branch 'upstream/master' into feature/upstream-…
markhermeling Sep 5, 2023
8f9453d
Merge pull request #9 from markhermeling/feature/upstream-20230905
markhermeling Sep 6, 2023
13680f0
Curve25519/Ed25519: align buffers
SparkiDev Sep 4, 2023
d0d1f4d
Thumb2 Curve25519 ASM: add versions that don't use umaal
SparkiDev Sep 7, 2023
ddea9bf
Merge branch 'curve25519_thumb2_2' into feature/upstream-20230905
markhermeling Sep 7, 2023
fe86854
Change Root Project path to OSS
markhermeling Sep 7, 2023
b9058a4
Change property name
markhermeling Sep 7, 2023
05a9c77
Merge pull request #11 from markhermeling/feature/move-CodeSonar-Project
markhermeling Sep 7, 2023
35b3fc9
Merge remote-tracking branch 'SparkiDev/curve25519_thumb2_2' into fea…
markhermeling Sep 8, 2023
8a77a21
Merge pull request #10 from markhermeling/feature/upstream-20230905
markhermeling Sep 8, 2023
fd67caa
Merge remote-tracking branch 'upstream/master' into feature/merge-ups…
markhermeling Sep 11, 2023
a64fe26
Changes to switch to ci script
markhermeling Sep 11, 2023
7b71d35
small change
markhermeling Sep 12, 2023
c0515b6
Fix variable name
markhermeling Sep 12, 2023
3addb02
Fix another var
markhermeling Sep 12, 2023
18e3a8f
Change conf file name
markhermeling Sep 12, 2023
2da0832
*SIGH*
markhermeling Sep 12, 2023
460d917
Merge pull request #12 from markhermeling/feature/merge-upstream-2023…
markhermeling Sep 12, 2023
5239fdb
Merge pull request #13 from markhermeling/feature/ci-simplification
markhermeling Sep 12, 2023
7d01477
Merge remote-tracking branch 'upstream/master' into feature/upstream-…
markhermeling Sep 21, 2023
0833d57
FIx the yaml file (ngx -> wolfssl)
markhermeling Sep 21, 2023
45a413d
Merge pull request #15 from markhermeling/feature/upstream-merge-2023…
markhermeling Sep 21, 2023
161e42d
Start of a workflow that mergers from master
markhermelinggt Sep 27, 2023
3745837
Syntax error
markhermelinggt Sep 27, 2023
6fb4692
Update name
markhermelinggt Sep 27, 2023
183dd15
Spaces
markhermelinggt Sep 27, 2023
d1772c1
Remove COdeSonar for now
markhermelinggt Sep 27, 2023
75e4533
Add push
markhermelinggt Sep 27, 2023
9b04dd8
Changes
markhermelinggt Sep 27, 2023
f6161b2
Change to run at one time slot and merge
markhermelinggt Sep 28, 2023
ad89558
Name change only
markhermelinggt Sep 28, 2023
6000a98
Name change
markhermelinggt Sep 28, 2023
d8c82ee
Change time
markhermelinggt Sep 28, 2023
952538a
UTC?
markhermelinggt Sep 28, 2023
b74b86e
Run every hour
markhermelinggt Sep 28, 2023
ef37323
25
markhermelinggt Sep 28, 2023
656c3d4
Branch indication
markhermelinggt Sep 28, 2023
ac25800
30
markhermelinggt Sep 28, 2023
d39c686
Merge remote-tracking branch 'upstream/nightly-snapshot' into release…
markhermelinggt Oct 1, 2023
a874698
Add nightly
markhermelinggt Oct 2, 2023
e9598ec
Add codesonar config file
markhermelinggt Oct 2, 2023
bbc492a
Trigger build
markhermelinggt Oct 2, 2023
d606d11
Trigger build2
markhermelinggt Oct 2, 2023
36ce8d8
trigger3
markhermelinggt Oct 2, 2023
a4c5e77
Trigger4
markhermelinggt Oct 2, 2023
d41af13
Trigger5
markhermelinggt Oct 2, 2023
68b2552
Fix for pwd
markhermelinggt Oct 2, 2023
3ddc8db
Update to run on push as well as once per day
markhermelinggt Oct 2, 2023
9926bc9
Add commit hash and make the variables CI system agnostic
markhermelinggt Oct 3, 2023
a2cb824
testing new commit ID and more generic var names
markhermelinggt Oct 3, 2023
01f2d64
Run on pull request to daily
markhermelinggt Oct 3, 2023
0fc0de8
Change var name
markhermelinggt Oct 3, 2023
ae74083
Fixed commit hash
markhermelinggt Oct 3, 2023
197e88f
Merge pull request #18 from markhermeling/feature/add-commit-id
markhermeling Oct 4, 2023
26ca188
Merge remote-tracking branch 'upstream/nightly-snapshot' into release…
markhermelinggt Oct 4, 2023
709c1bb
Add push and stable conf
markhermelinggt Oct 4, 2023
5cab864
Add stable_results and thorough
markhermelinggt Oct 4, 2023
02c3e5c
Merge from upstream/nightly
markhermeling Oct 4, 2023
a496f2a
Merge pull request #19 from markhermeling/feature/add-push-and-stable…
markhermeling Oct 4, 2023
cdbeb01
Merge from upstream/nightly
markhermeling Oct 4, 2023
bdbce47
buid -> build
markhermelinggt Oct 4, 2023
ab03f41
Merge from upstream/nightly
markhermeling Oct 4, 2023
7cad921
Merge from upstream/nightly
markhermeling Oct 4, 2023
5570291
Merge from upstream/nightly
markhermeling Oct 4, 2023
8c6ea55
Move to WolfSSL-Projects
markhermelinggt Oct 4, 2023
9bce1ac
Merge from upstream/nightly
markhermeling Oct 4, 2023
2e9fc07
Merge from upstream/nightly
markhermeling Oct 4, 2023
3d4d263
Fix environment var
markhermelinggt Oct 5, 2023
2bcbec0
Merge from upstream/nightly
markhermeling Oct 5, 2023
45fad4b
Fix path in the final bit
markhermelinggt Oct 5, 2023
c8d808c
Add upload
markhermelinggt Oct 5, 2023
f76bed2
Use merge upstream action
markhermelinggt Oct 5, 2023
ea90a52
Rerun
markhermelinggt Oct 5, 2023
8c3bddd
Push again
markhermelinggt Oct 5, 2023
37b0480
Fix ownership
markhermelinggt Oct 5, 2023
a30353d
Remove .git
markhermelinggt Oct 5, 2023
81d9576
Remove url
markhermelinggt Oct 5, 2023
34b4725
Merge remote-tracking branch 'upstream/nightly-snapshot' into release…
markhermelinggt Oct 5, 2023
bdbe780
merge from upstream
markhermelinggt Oct 5, 2023
634976e
Merge from upstream/nightly
markhermeling Oct 5, 2023
45f8b84
Merge from upstream/nightly
markhermeling Oct 5, 2023
2a0b5d6
Go back to codesonar-ci main branch
markhermelinggt Oct 5, 2023
582eaf2
Branch change
markhermelinggt Oct 5, 2023
cf1c1e4
Merge branch 'release/daily' into feature/add-push-and-stable-conf
markhermeling Oct 5, 2023
13cce0b
Merge pull request #20 from markhermeling/feature/add-push-and-stable…
markhermeling Oct 5, 2023
b60d500
Remove everyMerge.yaml
markhermelinggt Oct 5, 2023
71a910b
Remove merge from this script
markhermelinggt Oct 5, 2023
37e947b
Merge script
markhermelinggt Oct 5, 2023
db7be95
Fix to reporting
markhermelinggt Oct 5, 2023
b4fa045
Small typo
markhermelinggt Oct 5, 2023
4c1f4b0
Forgot authentication
markhermelinggt Oct 5, 2023
705b1a9
typo
markhermelinggt Oct 6, 2023
25974af
Try to automatically merge from daily
markhermelinggt Oct 6, 2023
a20c1ee
yaml fixes
markhermelinggt Oct 6, 2023
555ab64
Rename
markhermelinggt Oct 6, 2023
e21f7cc
Wrong cron time
markhermelinggt Oct 6, 2023
46b9fa7
run on self-hosted
markhermelinggt Oct 6, 2023
5e95917
Manual trigger
markhermelinggt Oct 6, 2023
7a6c971
Back to schedule. Manual only works on default branch
markhermelinggt Oct 6, 2023
d5fd1f8
Merge remote-tracking branch 'upstream/nightly-snapshot' into release…
markhermelinggt Oct 6, 2023
44bc822
Merge branch 'release/daily' of https://github.com/markhermeling/wolf…
markhermelinggt Oct 6, 2023
39297eb
Remove trigger on push/pr
markhermelinggt Oct 8, 2023
d06d452
Merge branch 'release/daily' of https://github.com/markhermeling/wolf…
markhermelinggt Oct 8, 2023
f6b6796
Switch to 10 mins
markhermelinggt Oct 8, 2023
7828a54
Change job name in daily.yaml
markhermeling Oct 8, 2023
abd0b48
Merge branch 'release/daily' of https://github.com/markhermeling/wolf…
markhermelinggt Oct 8, 2023
ba8300a
Merge from nightly-snapshot
markhermelinggt Oct 12, 2023
b3d9564
Update daily.yaml
markhermeling Oct 12, 2023
69f0c06
Merge from nightly-snapshot
markhermelinggt Oct 13, 2023
0e9b751
Merge from nightly-snapshot
markhermelinggt Oct 17, 2023
05b86de
Merge from nightly-snapshot
markhermelinggt Oct 24, 2023
1af8f23
Turn on prioritization on daily + thorough
markhermelinggt Oct 25, 2023
ffe93af
Merge from nightly-snapshot
markhermelinggt Oct 25, 2023
b5657dd
Some priority changes as requested
markhermelinggt Oct 25, 2023
ecca6cb
Merge branch 'release/daily' of https://github.com/markhermeling/wolf…
markhermelinggt Oct 25, 2023
e9bf294
Remove thorough
markhermelinggt Oct 25, 2023
33160a1
Add emailing of stuff
markhermelinggt Oct 25, 2023
81d68ed
Add pulling for the report
markhermelinggt Oct 25, 2023
88d675a
Remove merge.yml
markhermelinggt Oct 25, 2023
96c9f67
Move pwfile cleanup later
markhermelinggt Oct 25, 2023
f237659
Merge pull request #22 from markhermeling/feature/mail-integration
markhermeling Oct 26, 2023
7f12911
Merge from nightly-snapshot
markhermelinggt Oct 29, 2023
a9049f4
Merge from nightly-snapshot
markhermelinggt Oct 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 22 additions & 0 deletions .github/github.cert.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
-----BEGIN CERTIFICATE-----
MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
-----END CERTIFICATE-----
61 changes: 61 additions & 0 deletions .github/workflows/daily.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
name: Daily Merge and CodeSonar run
on:
push:
branches:
- release/daily
pull_request:
branches:
- 'release/daily'
schedule:
- cron: '17 2 * * *'

jobs:
Daily_Merge_and_CodeSonar_Analyze:
permissions: write-all
runs-on: self-hosted
container:
image: canuckmh/wolfssl-cso-builder:7.4p0
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
env:
CAFILE: ".github/github.cert.pem"
TOKEN: "${{ secrets.GITHUB_TOKEN }}"
API_URL: https://api.github.com
REQUEST_NUMBER: ${{ github.event.pull_request.number }}
ROOT_TREE: "WolfSSL-Projects/WolfSSL-GitHub"
PROJECT_NAME: "wolfssl"
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
COMMIT_HASH: $GITHUB_SHA
CSONAR_HUB_URL: "https://partnerdemo.codesonar.com"
CSONAR_HUB_USER: "${{ secrets.CSONAR_HUB_USER }}"
CSONAR_HUB_PASSWORD: "${{ secrets.CSONAR_HUB_PASS }}"
CSONAR_CSHOME: /opt/codesonar
CSO_GITHUB: /opt/codesonar-github
REPO_URL: "http://github.com/markhermeling/wolfssl" # the github.repositoryUrl is not an http-link.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With this setup would this test have a dependency on the forked wolfssl repository?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It does not. It merges from daily-snapshot into my own fork and runs the analysis there. I figured the separation would be nice.

TARGET: ${{ github.base_ref }}
IS_PR: ${{ github.event_name }}
steps:
- name: Set parallelism and project name
run: |
echo "PARALLEL=`nproc`" >> $GITHUB_ENV
- name: Checkout
uses: actions/checkout@v3
- name: Fix ownership warning
run: git config --global --add safe.directory /__w/wolfssl/wolfssl
- name : configure
run: ./autogen.sh ; ./configure --enable-all
- name: Checkout CodeSonar CI-Script
uses: actions/checkout@v4
with:
repository: CodeSecure-SE/codesonar_ci
path: codesonar-scripts
- name: Build and Analyze
run: python3 codesonar-scripts/build_and_analyze.py codesonar.conf make -j $PARALLEL
- name: Download results
run: $CSONAR_CSHOME/codesonar/bin/codesonar dump_warnings.py --project-file $PROJECT_NAME.prj --hub $CSONAR_HUB_URL --gained-since-previous-analysis --sarif --sarif-detail brief -o diff.sarif
- name: Upload artefact
uses: actions/upload-artifact@v3
with:
name: SARIF results summary
path: diff.sarif
23 changes: 23 additions & 0 deletions .github/workflows/merge.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
name: Daily Merge from upstream/daily-snapshot
on:
workflow_dispatch:

schedule:
- cron: '47 1 * * *'

jobs:
merge-upstream:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
ref: release/daily
fetch-depth: 0
- name: Merge Upstream
uses: exions/merge-upstream@v1
with:
upstream: wolfssl/wolfssl
upstream-branch: daily-snapshot
branch: release/daily

39 changes: 39 additions & 0 deletions codesonar.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
#CodeSonar configuration file

#The following is from stable_results preset:
GLOBAL_FUNCTION_POINTER_MODE = context_sensitive
GLOBAL_TAINT_MODE = context_sensitive
TAINT_PLUS_DP_REFINEMENT_TIMEOUT = 30
RELAXED_TOPDOWN_FUNCPTR_RESOLUTION = No

#the following is from thorough preset:
SEARCH_BOUND = 300
TAINT_SEARCH_BOUND = 300
PATH_FINDING_EFFORT = 2000
PATH_SHORTENING_EFFORT = 300
MAX_ATTEMPTED_SIMILAR_PATHS = 16
TAINT_MAX_ATTEMPTED_SIMILAR_PATHS = 16
MAX_SUMMARIES_PER_PROCEDURE = 7
MAX_MODIFIED_VALUES = 150
TAINT_MAX_MODIFIED_VALUES = 150
MAX_CHECKED_INPUTS_PER_PROCEDURE = 100
TAINT_MAX_CHECKED_INPUTS_PER_PROCEDURE = 100
MAX_CHECKS_PER_INPUT = 30
MAX_GLOBAL_CHECK_AGE = 2
MAX_CHECK_COMPLEXITY = 40
MAX_EXPRESSION_COMPLEXITY = 48
TAINT_MAX_EXPRESSION_COMPLEXITY = 80
TAINT_MAX_SET_CARDINALITY = 20
TIME_LIMIT_INTRA_EXPLORE = 600
TIME_LIMIT_INTRA_CLASSIFY = 600
TIME_LIMIT_INTER_CLASSIFY = 600
TIME_LIMIT_RESOLVE = 600
TIME_LIMIT_REFINE = 600
TIME_LIMIT_LEAK_CLASSIFY = 600
TIME_LIMIT_LEAK_REFINE = 600
TIME_LIMIT_PROP_EXHAUSTIVE = 600
REPORT_IMPLIED_INEQUALITY = Yes
TAINT_CALLSITE_EXPANSION_EFFORT = 3000
DP_REFINEMENT_EXACT_TIMEOUT = 20
DP_REFINEMENT_APPROXIMATE_TIMEOUT = 20
TAINT_PLUS_DP_REFINEMENT_TIMEOUT = 40