diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b0f9538..07e64a3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,6 +2,8 @@ name: CI on: push: + paths-ignore: + - 'README.md' workflow_dispatch: schedule: - cron: '20 16 * * *' @@ -17,11 +19,6 @@ jobs: name: Build tutorial runs-on: ubuntu-24.04 container: ghcr.io/iarsystems/arm - permissions: - security-events: write - actions: read - contents: read - packages: read steps: - name: Checkout project uses: actions/checkout@v4 @@ -33,15 +30,3 @@ jobs: - name: CMake - Build working-directory: tutorial run: cmake --build build --verbose - - - name: IAR C-STAT Static Analysis - working-directory: tutorial - run: | - ichecks --all --output build/checks.manifest - icstat --checks build/checks.manifest --db build/cstat.db --sarif_dir build analyze -- iccarm tutorial.c - - - name: Upload SARIF - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: tutorial/build/tutorial.c.sarif - category: cstat-analysis diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..1331d4d --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,41 @@ +name: Code Analysis + +on: + push: + paths-ignore: + - 'README.md' + workflow_dispatch: + schedule: + - cron: '30 16 * * *' + +# Set a new GitHub Actions Secret named IAR_LMS_BEARER_TOKEN +# for your repository. The secret is then propagated to an +# Environment variable used for all jobs within this workflow +env: + IAR_LMS_BEARER_TOKEN: ${{ secrets.IAR_LMS_BEARER_TOKEN }} + +jobs: + tutorial: + name: Analyze tutorial + runs-on: ubuntu-24.04 + container: ghcr.io/iarsystems/arm + permissions: + security-events: write + actions: read + contents: read + packages: read + steps: + - name: Checkout project + uses: actions/checkout@v4 + + - name: IAR C-STAT Static Analysis + working-directory: tutorial + run: | + ichecks --all --output checks.manifest + icstat --checks checks.manifest --db cstat.db --sarif_dir . analyze -- iccarm tutorial.c + + - name: Upload SARIF + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: tutorial/tutorial.c.sarif + category: cstat-analysis diff --git a/README.md b/README.md index e788ffb..7c2522c 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Building CMake projects with IAR -[![CI](https://github.com/iarsystems/cmake-tutorial/actions/workflows/ci.yml/badge.svg)](https://github.com/iarsystems/cmake-tutorial/actions/workflows/ci.yml) +[![CI](https://github.com/iarsystems/cmake-tutorial/actions/workflows/ci.yml/badge.svg)](https://github.com/iarsystems/cmake-tutorial/actions/workflows/ci.yml) [![Code Analysis](https://github.com/iarsystems/cmake-tutorial/actions/workflows/codeql.yml/badge.svg)](https://github.com/iarsystems/cmake-tutorial/actions/workflows/codeql.yml) CMake is an open-source, cross-platform family of tools maintained and supported by Kitware. Among its many features, it essentially provides [Makefile Generators](https://cmake.org/cmake/help/latest/manual/cmake-generators.7.html#id11) and [Ninja Generators](https://cmake.org/cmake/help/latest/manual/cmake-generators.7.html#id12) which compose scripts for cross-compiling C/C++ embedded software projects based on one or more `CMakeLists.txt` configuration files.