@lcarcaramo
Member

💡 Issue Reference

Issue: fixes #3 #8

💻 What does this address?

  • Remind contributors of the DCO signoff requirement for commits in the pull request template since it is easy to overlook.
  • Add GitHub Actions workflows for the following:
    • clang-format (for C/C++ linting)
    • cppcheck (for static code analysis)
    • fuzz (using LibFuzzer, which is part of LLVM)
    • ruff (for Python linting)
    • test (for unit testing)
  • Create a Jenkinsfile to run cppcheck, unit tests, and publish the Python distributions of RACFu as GitHub releases (publishing to PyPI will still need to be manual).
  • The Jenkinsfile also handles getting the correct versions of OpenSSL and ZOSLIB from zopen community since they are now build dependencies required for certificate management.
  • Makefile has been updated to set up explicit compatibility for Linux and Mac (there are some differences) for the purposes of running unit tests and other development tasks.
  • LLVM LibFuzzer can now be run using make fuzz.
  • clang-format for C/C++ linting can be run using make lint.
  • Update JSON for Modern C++ and Unity to the latest available versions.
  • ruff linting rules have been provided by @EmmasBox.
  • Python code style fixes based on ruff complaints.
  • Fixes related to LibFuzzer complaints.
    • Require a length for the request JSON to be passed to racfu(). Assuming that the request JSON provided is a null-terminated string can lead to buffer overflow issues.
    • Pass the length of the result JSON back to callers of racfu() in the racfu_result_t struct. The caller should not automatically assume that the result JSON is a null terminated string. RACFu now provides the length explicitly, which is more robust.
    • Ensure that all memory preserved and returned to the caller is allocated using new. The reason for this is because if there is a mismatch between what is used to allocate and free memory, this results in undefined behavior. Now, memory that gets preserved for the caller is allocated using new and is freed later using delete to avoid undefined behavior.
  • Add a security policy instructing users to use GitHub's Report a Vulnerability to report vulnerabilities.
  • Use a mutex in python/_racfu.c to make the Python distribution of RACFu thread safe. Technically, the GIL prevents true multi-threading in Python, but this has been added to be safe.

📋 Is there a test case?

See GitHub Actions workflows.

A Python wheel was also built and test installed to ensure everything works.
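
The length-handling and allocation points in the description above, as an added C++ example that is not part of the pull request or RACFu's own code. The names demo_call, demo_result_t, demo_free and demo_reply are hypothetical stand-ins, not the project's API, and the array forms new[]/delete[] are used here as the matched pair.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <string>

// Hypothetical stand-in for a result struct that reports its own length.
struct demo_result_t {
  char* result_json;
  size_t result_json_length;
};

// Build a reply from exactly request_len bytes. strlen() is never called on
// the caller's buffer, so a missing terminator cannot cause an over-read.
void demo_call(const char* request, size_t request_len, demo_result_t* out) {
  std::string body(request, request_len);  // bounded copy of the request
  std::string reply = "{\"echo_bytes\":" + std::to_string(body.size()) + "}";
  out->result_json_length = reply.size();
  out->result_json = new char[reply.size()];  // preserved for the caller
  std::memcpy(out->result_json, reply.data(), reply.size());  // no terminator
}

// Release with delete[] to match new char[] above. Mixing allocator families
// (malloc/free with new/delete) is undefined behavior.
void demo_free(demo_result_t* out) {
  delete[] out->result_json;
  out->result_json = nullptr;
  out->result_json_length = 0;
}

// Read the reply using the reported length only.
std::string demo_reply(const demo_result_t& r) {
  return std::string(r.result_json, r.result_json_length);
}

// LibFuzzer entry point: data is not NUL-terminated, so the size is the only
// safe bound and is passed straight through.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  demo_result_t r{};
  demo_call(reinterpret_cast<const char*>(data), size, &r);
  std::string reply = demo_reply(r);
  demo_free(&r);
  (void)reply;
  return 0;
}
```
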

lcarcaramo and others added 30 commits April 18, 2025 09:24
Signed-off-by: Leonard Carcaramo <[email protected]>
Signed-off-by: Emma S. <[email protected]>
Configured Ruff for more aggressive linting and excluded folders with…
Merge Keyring/Certificate extract changes into main.
@lcarcaramo lcarcaramo added the enhancement New feature or request label May 1, 2025
@lcarcaramo lcarcaramo added this to the 1.0a2 milestone May 1, 2025
@lcarcaramo lcarcaramo requested a review from ElijahSwiftIBM May 1, 2025 15:36
Collaborator

@ElijahSwiftIBM ElijahSwiftIBM left a comment

Looks great; really streamlines things!

@lcarcaramo lcarcaramo merged commit a11225d into dev May 1, 2025
11 checks passed
@lcarcaramo lcarcaramo deleted the feat/cicd-oss-housekeeping branch May 2, 2025 14:37
4 participants