Mirrors_Framework/PX4-Autopilot
1
0
Fork 0
mirror of https://github.com/PX4/PX4-Autopilot.git synced 2026-05-24 07:09:48 +08:00
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Merge branch 'main' into pr-fix-gliding

Browse Source
This commit is contained in:
Ryan Johnston
2026-05-02 08:38:56 -05:00
committed by GitHub
parent 08c1834ca9 f63b0d6b6f
commit b714d48f1b
4105 changed files with 97792 additions and 80321 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.clang-tidy
-11
View File
@@ -141,39 +141,28 @@ Checks: '*,
-cppcoreguidelines-avoid-goto,
-hicpp-avoid-goto,
-bugprone-branch-clone,
-bugprone-unhandled-self-assignment,
-cert-oop54-cpp,
-performance-enum-size,
-readability-avoid-nested-conditional-operator,
-cppcoreguidelines-prefer-member-initializer,
-cppcoreguidelines-explicit-virtual-functions,
-cppcoreguidelines-virtual-class-destructor,
-readability-convert-member-functions-to-static,
-readability-make-member-function-const,
-bugprone-assignment-in-if-condition,
-bugprone-implicit-widening-of-multiplication-result,
-bugprone-incorrect-roundings,
-bugprone-macro-parentheses,
-bugprone-multi-level-implicit-pointer-conversion,
-bugprone-signed-char-misuse,
-bugprone-too-small-loop-variable,
-cppcoreguidelines-avoid-non-const-global-variables,
-cppcoreguidelines-use-default-member-init,
-hicpp-multiway-paths-covered,
-hicpp-named-parameter,
-misc-header-include-cycle,
-misc-no-recursion,
-performance-no-int-to-ptr,
-readability-avoid-return-with-void-value,
-readability-avoid-unconditional-preprocessor-if,
-readability-delete-null-pointer,
-readability-duplicate-include,
-readability-redundant-casting,
-readability-redundant-member-init,
-readability-reference-to-constructed-temporary,
-readability-simplify-boolean-expr,
-bugprone-unsafe-functions,
-cert-msc24-c,
-cert-msc32-c,
-cert-msc33-c,
-cert-msc51-cpp,
.claude/skills/commit/SKILL.md
+34
View File
@@ -0,0 +1,34 @@
---
name: commit
description: Create a conventional commit for PX4 changes
argument-hint: "[optional: description of changes]"
allowed-tools: Bash, Read, Glob, Grep
---
# PX4 Conventional Commit
Create a git commit in conventional-commit format: `type(scope): description`.
- **type:** `feat`, `fix`, `refactor`, `perf`, `docs`, `style`, `test`,
`build`, `ci`, `chore`, `revert`. Append `!` before `:` for breaking changes.
- **scope:** the module/driver/area affected — derive from the directory
path of the changed files (`src/modules/ekf2/``ekf2`,
`src/drivers/imu/invensense/icm42688p/``drivers/icm42688p`,
`.github/workflows/``ci`).
- **description:** imperative, concise, ≥5 chars.
**NEVER add Co-Authored-By Claude Code. No Claude attribution.**
## Steps
1. Check branch (`git branch --show-current`). If on `main`, create a feature
branch `<username>/<description>` where `<username>` comes from
`gh api user --jq .login`.
2. Run `git status` and `git diff --staged`. If nothing staged, ask what to stage.
3. Run `make format` (or `./Tools/astyle/fix_code_style.sh <file>`) on changed
C/C++ files.
4. Body (if needed): explain **why**, not what.
5. Check GPG signing: `git config --get user.signingkey`. If set,
`git commit -S -s`; else `git commit -s`.
If the user provided arguments, use them as context: $ARGUMENTS
.claude/skills/pr/SKILL.md
+31
View File
@@ -0,0 +1,31 @@
---
name: pr
description: Create a pull request with conventional commit title and description
argument-hint: "[optional: target branch or description]"
allowed-tools: Bash, Read, Glob, Grep
---
# PX4 Pull Request
**No Claude attribution anywhere (no Co-Authored-By, no "Generated with Claude").**
## Steps
1. Check branch. If on `main`, create a feature branch `<username>/<description>`
where `<username>` comes from `gh api user --jq .login`.
2. Gather context: `git status`, `git log --oneline main..HEAD`,
`git diff main...HEAD --stat`, check for remote tracking branch.
3. Sanity-build the targets we care about. Fix any build errors before opening
the PR:
- `make px4_fmu-v6x` — hardware target
- `make px4_sitl` — simulation
4. PR **title:** `type(scope): description` — under 72 chars, covers the
overall change across all commits. This becomes the squash-merge commit
message.
5. PR **body:** start with a plain leading paragraph explaining what the PR does and why. No headings (`## Summary`, `## Test plan`, etc.), no boilerplate, no Claude attribution. Use bullet lists only to enumerate discrete changes; don't force prose into bullets. Describe testing inline if relevant, no separate test plan section. Use markdown (links, code blocks, lists) only when warranted. Keep it concise and well-formatted.
6. Push with `-u` if needed, then `gh pr create`. Default base is `main`
unless user says otherwise.
7. Return the PR URL.
If the user provided arguments, use them as context: $ARGUMENTS
.claude/skills/rebase-onto-main/SKILL.md
+73
View File
@@ -0,0 +1,73 @@
---
name: rebase-onto-main
description: Rebase a branch onto main, handling squash-merged parent branches cleanly
argument-hint: "[optional: branch name, defaults to current branch]"
allowed-tools: Bash, Read, Glob, Grep, Agent
---
# Rebase Branch onto Main
Rebase the current (or specified) branch onto `main`, correctly handling the case where the branch was built on top of another branch that has since been squash-merged into `main`.
## Background
When a parent branch is squash-merged, its individual commits become a single new commit on `main` with a different hash. A normal `git rebase main` will try to replay the parent's original commits, causing messy conflicts. The fix is to **cherry-pick only the commits unique to this branch** onto a fresh branch from `main`.
## Steps
1. **Identify the branch.** Use `$ARGUMENTS` if provided, otherwise use the current branch.
2. **Fetch and update main:**
```
git fetch origin main:main
```
3. **Find the merge base** between the branch and `main`:
```
git merge-base <branch> main
```
4. **List all commits** on the branch since the merge base:
```
git log --oneline <merge-base>..<branch>
```
5. **Identify which commits are unique to this branch** vs. inherited from a parent branch. Look for:
- Squash-merged commits on `main` that correspond to a group of commits at the bottom of the branch's history (check PR titles, commit message keywords).
- The boundary commit: the first commit that belongs to *this* branch's work, not the parent's.
- If ALL commits are unique (no parent branch), just do a normal `git rebase main` and skip the rest.
6. **Create a fresh branch from `main`:**
```
git checkout -b <branch>-rebase main
```
7. **Cherry-pick only the unique commits** (oldest first):
```
git cherry-pick <first-unique-commit>^..<branch>
```
The `A^..B` range means "from the parent of A through B inclusive."
8. **Handle conflicts** if any arise during cherry-pick. Resolve and `git cherry-pick --continue`.
9. **Replace the old branch:**
```
git branch -m <branch> <branch>-old
git branch -m <branch>-rebase <branch>
```
10. **Verify** the result:
```
git log --oneline main..<branch>
```
Confirm only the expected commits are present.
11. **Ask the user** before force-pushing. When approved:
```
git push origin <branch> --force-with-lease
```
12. **Clean up** the old branch:
```
git branch -D <branch>-old
```
.claude/skills/review-pr/SKILL.md
+207
View File
@@ -0,0 +1,207 @@
---
name: review-pr
description: Review a pull request with structured, domain-aware feedback
argument-hint: "<PR number or URL>"
allowed-tools: Bash, Read, Glob, Grep, Agent
---
# PX4 Pull Request Review
Review a pull request with domain-aware checks based on which files are changed.
**No Claude attribution anywhere.**
## Steps
1. **Fetch PR context.** Run these in parallel:
- `gh pr view <PR> --json number,title,body,baseRefName,headRefName,files,commits,reviewRequests,reviews,author`
- `gh pr checks <PR>` (exit code 8 means some checks are pending, this is normal, not an error)
- `gh pr diff <PR>` -- if this fails with HTTP 406 (300+ files), do NOT retry. Instead use `gh api repos/OWNER/REPO/pulls/NUMBER/files --paginate` to get the full file list in one call, then fetch patches for key infrastructure files individually and sample representative changes from each domain touched.
- `gh api repos/OWNER/REPO/pulls/NUMBER/comments --paginate --jq '.[] | {user: .user.login, body: .body, path: .path, created_at: .created_at}'` to get inline review comments
- `gh api repos/OWNER/REPO/issues/NUMBER/comments --paginate --jq '.[] | {user: .user.login, body: .body, created_at: .created_at}'` to get PR conversation comments
From the PR metadata, note:
- **Assigned reviewers**: who has been requested to review (from `reviewRequests`)
- **Existing reviews**: who has already reviewed and their verdict (from `reviews` -- approved, changes_requested, commented, dismissed)
- **PR comments and inline comments**: read all existing feedback to avoid duplicating points already raised by other reviewers, and to build on their discussion rather than ignoring it
2. **Check CI status.** From the `gh pr checks` output in step 1, summarize pass/fail/pending. If there are failures, fetch logs with `gh run view <run-id> --log-failed`. Include CI status in the output.
3. **Recommend merge strategy.** Analyze the commit history and recommend squash or rebase merge. This decision informs all subsequent commit hygiene feedback.
**Recommend rebase merge** when:
- Commits are atomic, each builds/works independently
- Each commit has a proper `type(scope): description` message
- The PR intentionally separates logical changes (e.g., refactor + feature, or one commit per module)
- The commit history tells a useful story that would be lost by squashing
**Recommend squash merge** when:
- There are WIP, fixup, or review-response commits
- Commit messages are messy or inconsistent
- The PR is a single logical change spread across multiple commits
- There are "oops" or "make format" commits mixed in
Include the recommendation in the output. If recommending rebase, flag any commits that break atomicity or have bad messages. If recommending squash, don't bother flagging individual commit messages (they'll be discarded) but ensure the PR title is correct since it becomes the squash commit message.
4. **Check conventional commit title.** Verify the PR title follows `type(scope): description` per CONTRIBUTING.md. The PR title becomes the commit message on squash-merge, so it must be accurate and descriptive. Verify the scope matches the primary area of changed files. If the PR introduces breaking changes, the title must include `!` before the colon. If rebase merge was recommended in step 3, also scan individual commit messages for anti-patterns: vague messages ("fix", "update"), missing type prefix, review-response noise ("apply suggestions from code review", "do make format"), or WIP markers. Flag these for rewording.
5. **Identify domains touched.** Classify changed files into domains based on paths (a PR may touch multiple):
- **Estimation**: `src/modules/ekf2/`, `src/lib/wind_estimator/`, `src/lib/world_magnetic_model/`
- **Control**: `src/modules/mc_*control*/`, `src/modules/fw_*control*/`, `src/modules/flight_mode_manager/`, `src/lib/rate_control/`, `src/lib/npfg/`, `src/modules/vtol_att_control/`
- **Drivers/CAN**: `src/drivers/`, `src/modules/cyphal/`, `src/drivers/uavcan*/`
- **Simulation**: `src/modules/simulation/`, `Tools/simulation/`
- **System**: `src/modules/commander/`, `src/modules/logger/`, `src/systemcmds/`, `platforms/`, `src/modules/dataman/`
- **Board Addition**: `boards/{manufacturer}/{board}/` (new directories only, not modifications to existing boards)
- **CI/Build**: `.github/`, `CMakeLists.txt`, `Makefile`, `cmake/`, `Tools/`, `Kconfig`
- **Messages/Protocol**: `msg/`, `src/modules/mavlink/`, `src/modules/uxrce_dds_client/`
6. **Apply core checks** (always):
- **Correctness**: logic errors, off-by-ones, unhandled edge cases
- **Type safety**: int16 overflow, float/double promotion, unsigned subtraction, use `uint64_t` for absolute time
- **Initialization**: uninitialized variables, missing default construction
- **Buffer safety**: unchecked array access, stack allocation of large buffers, snprintf bounds
- **Magic numbers**: every numeric literal needs a named constant or justification
- **Framework reuse**: use PX4_ERR/WARN/INFO, existing libraries (AlphaFilter, SlewRate, RateControl), MAVLink constants from the library
- **Naming**: accurate, no unjustified abbreviations, current terminology (GPS -> GNSS for new code)
- **Unnecessary complexity**: can code be removed instead of added? Is there a simpler pattern?
- **Test coverage**: new features should include unit or integration tests; bug fixes should include regression tests where practical. When automated testing is infeasible (hardware-specific), require a flight log link from https://logs.px4.io or bench test evidence.
- **PR hygiene**: focused scope, no unrelated formatting, no stale submodule changes. Commits should be atomic and independently revertable. Multiple WIP or review-response commits should be squashed. Clean, logical commits will be preserved individually on main via rebase merge. **Do NOT assume PRs are squash-merged. Both squash and rebase merge are enabled; merge commits are disabled.** Verify the PR targets `main` unless it is a backport or release-specific fix.
- **Formatting**: `make format` / `make check_format` (astyle) for C/C++ files; `clang-tidy` clean. Python files checked with `mypy` and `flake8`. PRs failing CI format or lint checks will not be merged.
- **Coding style**: C/C++ must follow the [PX4 coding style](https://docs.px4.io/main/en/contribute/code.html)
- **Necessity**: challenge every addition with "Why?" Is this actually needed or just copied? Can we change a default instead of adding runtime detection?
- **Root cause vs symptom**: is this fixing the real problem or masking it?
- **Ecosystem impact**: what does this change mean for QGC users, log analysis tools, and third-party integrations?
- **Sustainability**: who will maintain this? Does it create long-term burden?
- **Architecture fit**: does the code live in the module that naturally owns the data? Are there unnecessary cross-module dependencies?
- **End user impact**: will parameters confuse less-technical users? Are error messages actionable in QGC?
7. **Apply domain checks** based on step 5:
**Estimation:**
- Singularities in aerospace math (euler angles near gimbal lock, sideslip at low airspeed)
- Aliasing from downsampling sensor data without filtering
- Kalman filter correctness (Joseph form, innovation variance, covariance symmetry)
- CPU cost on embedded targets (avoid unnecessary sqrt, limit fusion rate)
- Frame/coordinate system correctness (FRD vs NED, body vs earth)
**Control:**
- Phase margin: output filters consume margin for no benefit; prefer adjusting gyro/d-gyro cutoffs
- Circular dependencies: sensor data feeding back into its own control loop (e.g., throttle-based airspeed in TECS)
- NaN propagation in flight-critical math; check `PX4_ISFINITE` before magnitude checks
- Setpoint generation vs output-stage hacks: prefer proper setpoint smoothing over controller output filtering
- Yaw control edge cases: heading lock, drift, setpoint propagation
- Flight task inheritance chain: correct base class for the desired behavior
- Control allocation: actuator function ordering, motor index mapping
**Drivers/CAN:**
- CAN bus devices behave differently from serial/SPI; check driver assumptions
- ESC index mapping: telemetry index != channel when motors are disabled
- ESC hardware quirks: 4-in-1 ESCs may report current on only one channel
- device_id correctness and I2CSPIDriver patterns
- Time representation: prefer `hrt_abstime` over iteration counts
**Simulation:**
- Physics fidelity: noise models should match reality (GPS noise is not Gaussian)
- Keep gz_bridge generic; vehicle-specific logic belongs in plugins
- Prefer gz-transport over ROS2 dependencies when possible
- Wrench commands for physics correctness vs kinematic constraints
- Library generic/specific boundary: only base classes in common libs
**System:**
- Race conditions and concurrency: no partial fixes, demand complete solutions
- Semaphore/scheduling edge cases; understand RTOS guarantees
- State machine sequential-logic bugs (consecutive RTL, armed/disarmed alternation)
- uORB-driven scheduling (`SubscriptionCallback`), not extra threads
- param_set triggers auto-save; no redundant param_save_default
- Flash/memory efficiency: avoid `std::string` on embedded, minimize SubscriptionData usage
- Constructor initialization order matters
**CI/Build:**
- Pipeline race conditions (tag + branch push double-trigger, git describe correctness)
- Container image size (check layer bloat)
- Ubuntu LTS support policy (latest + one prior only)
- Build time impact
- CMake preferred over Makefiles
**Messages/Protocol:**
- Backwards compatibility: will this break QGC, post-flight tools, or uLog parsers?
- uORB: `timestamp` for publication metadata, `timestamp_sample` close to physical sample, include `device_id`
- Don't version messages unless strictly needed
- Parameter UX: will this confuse users in a GCS? Every new param is a configuration burden
- MAVLink: use library constants, don't implement custom stream rates
**Board Addition:**
- **Flight logs**: require a link to https://logs.px4.io demonstrating basic operation for the vehicle type (hover for multicopters, stable flight for fixed-wing, driving for rovers, etc.); short bench-only logs are insufficient
- **Documentation**: require a docs page in `docs/en/flight_controller/` with pinout, where-to-buy, connector types, version badge, and manufacturer-supported notice block
- **USB VID/PID**: must not reuse another manufacturer's Vendor ID; manufacturer must use their own
- **Board naming**: directory is `boards/{manufacturer}/{board}/`, both lowercase, hyphens for board name
- **Unique board_id**: registered in `boards/boards.json`, no collisions
- **Copied code cleanup**: check for leftover files, configs, or comments from the template board; "Is this real or leftover?"
- **RC configuration**: prefer `CONFIG_DRIVERS_COMMON_RC` over legacy `CONFIG_DRIVERS_RC_INPUT`
- **No board-specific custom modules**: reject copy-pasted drivers (e.g., custom heater) when existing infrastructure works
- **Bootloader**: expect a bootloader defconfig (`nuttx-config/bootloader/defconfig`) or explanation of shared bootloader
- **CI integration**: board must be added to CI compile workflows so it builds on every PR
- **Flash constraints**: verify enabled modules fit in flash; we are running low across all board targets
- **Port labels**: serial port labels must match what is physically printed on the board
- **Hardware availability**: for unknown manufacturers, verify the product exists and is purchasable (no vaporware)
8. **Format output** as:
- **CI status**: pass/fail summary, link to failed runs if any
- **Merge strategy**: recommend squash or rebase merge with reasoning
- **Title check**: pass/fail with suggestion
- **Review status**: list assigned reviewers and any existing reviews (who approved, who requested changes, key points already raised). Note if your review would duplicate feedback already given.
- **Domains detected**: list which domain checks were applied
- **Summary**: one paragraph on what the PR does and whether the approach is sound
- **Issues**: numbered list, each with file:line, severity (blocker/warning/nit), and explanation. Skip issues already raised by other reviewers unless you have something to add.
- **Verdict**: approve, request changes, or needs discussion
After the structured output, also display a **draft PR comment** formatted using the PR comment formatting rules from step 9. This gives the user a preview of what would be posted.
9. **Interactive dialog.** After displaying the review, present the user with these options:
Present options based on the verdict:
If verdict is **approve**:
```
What would you like to do?
1. Chat about this PR (ask questions, explore code) [default]
2. Approve this PR and post the review comment
3. Adjust the review or draft (tell me what to change)
4. Done for now
```
If verdict is **request changes**:
```
What would you like to do?
1. Chat about this PR (ask questions, explore code) [default]
2. Request changes on this PR and post the review comment
3. Adjust the review or draft (tell me what to change)
4. Done for now
```
If verdict is **needs discussion**:
```
What would you like to do?
1. Chat about this PR (ask questions, explore code) [default]
2. Post the review as a comment (no approval or rejection)
3. Adjust the review or draft (tell me what to change)
4. Done for now
```
Wait for the user to choose before proceeding. If they pick:
- **1 (chat)**: enter a free-form conversation about the PR. The user can ask about specific files, code paths, or decisions. When done, loop back to the options. This is the default if the user just presses enter.
- **2 (submit)**: use the draft PR comment already shown. Before posting, check if you have review permissions: run `gh api repos/OWNER/REPO/collaborators/$(gh api user --jq .login)/permission --jq .permission` -- if `admin` or `write`, submit as a formal review with `gh pr review <PR> --approve --body "..."` or `gh pr review <PR> --request-changes --body "..."` based on the verdict. If no write access, fall back to `gh pr comment <PR> --body "..."`. Always confirm with the user before posting.
- **3 (adjust)**: ask what to change, update the review and draft, then loop back to the options.
- **4 (done)**: stop.
**PR comment formatting rules** (for the draft):
When writing the GitHub comment, rewrite the review to sound like a human reviewer, not a structured report. Do NOT include the full skill output. Instead:
- Drop most meta-sections (CI status, title check, domains detected, severity labels) but keep the merge strategy recommendation (e.g., "I'd suggest a rebase merge here since the commits are clean and atomic" or "This should be squash-merged, the commit history is messy")
- Write conversationally: "Nice work on this. A few things I noticed:" not "Issues: 1. file:line (warning):"
- Lead with a brief take on the overall change (1-2 sentences)
- List only actionable feedback as natural review comments, not numbered checklists
- Skip nits unless they are particularly useful
- End with a clear stance: looks good to merge, needs a few changes, or let's discuss X
- Post with `gh pr comment <PR> --body "$(cat <<'EOF' ... EOF)"`. Do not post without explicit confirmation.
If the user provided arguments, use them as context: $ARGUMENTS
.dockerignore
+1
View File
@@ -0,0 +1 @@
build/
.github/ISSUE_TEMPLATE/docs_bug_report.yml
+2 -2
View File
@@ -1,7 +1,7 @@
name: 📑 Documentation Bug report
description: Create a report to help us improve the docs
title: "[Docs] [Bug] "
labels: ["Documentation 📑"]
title: "docs(bug): "
labels: ["scope:docs"]
body:
- type: textarea
attributes:
.github/actions/build-deb/action.yml
+115
View File
@@ -0,0 +1,115 @@
name: Build PX4 .deb Package
description: Build PX4 SITL, run cpack, validate the .deb, and upload artifact
inputs:
target:
description: 'Build target: default or sih'
required: true
artifact-name:
description: Name for the uploaded artifact
required: true
ccache-key-prefix:
description: Prefix for ccache cache keys
default: deb-ccache
ccache-max-size:
description: Maximum ccache size
default: 400M
runs:
using: composite
steps:
- name: Restore ccache
id: ccache-restore
uses: actions/cache/restore@v5
with:
path: ~/.ccache
key: ${{ inputs.ccache-key-prefix }}-${{ github.ref_name }}-${{ github.sha }}
restore-keys: |
${{ inputs.ccache-key-prefix }}-${{ github.ref_name }}-
${{ inputs.ccache-key-prefix }}-${{ github.base_ref || 'main' }}-
${{ inputs.ccache-key-prefix }}-
- name: Configure ccache
shell: bash
run: |
mkdir -p ~/.ccache
echo "base_dir = ${GITHUB_WORKSPACE}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = ${{ inputs.ccache-max-size }}" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
echo "compiler_check = content" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
- name: Build PX4 SITL
shell: bash
run: make px4_sitl_${{ inputs.target }}
- name: ccache stats
if: always()
shell: bash
run: ccache -s
- name: Save ccache
uses: actions/cache/save@v5
if: always()
with:
path: ~/.ccache
key: ${{ inputs.ccache-key-prefix }}-${{ github.ref_name }}-${{ github.sha }}
- name: Build .deb package
shell: bash
run: |
cd build/px4_sitl_${{ inputs.target }}
cpack -G DEB
- name: Print package info and contents
shell: bash
run: |
cd build/px4_sitl_${{ inputs.target }}
echo "--- Package info ---"
dpkg-deb -I *.deb
echo "--- Package contents ---"
dpkg-deb -c *.deb
- name: Validate sih package
if: inputs.target == 'sih'
shell: bash
run: |
cd build/px4_sitl_sih
echo "--- Verify NO Gazebo resources ---"
! dpkg-deb -c px4_*.deb | grep share/gz > /dev/null && echo "PASS: no Gazebo" || { echo "FAIL: Gazebo found"; exit 1; }
echo "--- Install test ---"
dpkg -i px4_*.deb
test -x /opt/px4/bin/px4 || { echo "FAIL: px4 binary not found"; exit 1; }
test -L /usr/bin/px4 || { echo "FAIL: symlink not created"; exit 1; }
test ! -d /opt/px4/share/gz || { echo "FAIL: Gazebo dir should not exist"; exit 1; }
echo "--- Smoke test ---"
/opt/px4/bin/px4 -h
echo "PASS: sih package validation successful"
- name: Validate gazebo package
if: inputs.target == 'default'
shell: bash
run: |
cd build/px4_sitl_default
echo "--- Verify Gazebo resources in package ---"
dpkg-deb -c px4-gazebo_*.deb | grep share/gz/models > /dev/null || { echo "FAIL: models missing"; exit 1; }
dpkg-deb -c px4-gazebo_*.deb | grep share/gz/worlds > /dev/null || { echo "FAIL: worlds missing"; exit 1; }
echo "--- Install test ---"
dpkg -i px4-gazebo_*.deb
test -x /opt/px4-gazebo/bin/px4 || { echo "FAIL: px4 binary not found"; exit 1; }
test -x /opt/px4-gazebo/bin/px4-gazebo || { echo "FAIL: wrapper not found"; exit 1; }
test -L /usr/bin/px4-gazebo || { echo "FAIL: symlink not created"; exit 1; }
test -d /opt/px4-gazebo/share/gz/models || { echo "FAIL: Gazebo models not installed"; exit 1; }
echo "--- Smoke test ---"
/opt/px4-gazebo/bin/px4 -h
echo "PASS: gazebo package validation successful"
- name: Upload .deb artifacts
uses: actions/upload-artifact@v7
with:
name: ${{ inputs.artifact-name }}
path: build/px4_sitl_${{ inputs.target }}/*.deb
if-no-files-found: error
.github/actions/build-gazebo-sitl/action.yml
+21
View File
@@ -0,0 +1,21 @@
name: Build Gazebo Classic SITL
description: Build PX4 firmware and Gazebo Classic plugins with ccache stats
runs:
using: composite
steps:
- name: Build - PX4 Firmware (SITL)
shell: bash
run: make px4_sitl_default
- name: Cache - Stats after PX4 Firmware
shell: bash
run: ccache -s
- name: Build - Gazebo Classic Plugins
shell: bash
run: make px4_sitl_default sitl_gazebo-classic
- name: Cache - Stats after Gazebo Plugins
shell: bash
run: ccache -s
.github/actions/save-ccache/action.yml
+22
View File
@@ -0,0 +1,22 @@
name: Save ccache
description: Print ccache stats and save to cache
inputs:
cache-primary-key:
description: Primary cache key from setup-ccache output
required: true
runs:
using: composite
steps:
- name: Cache - Stats
if: always()
shell: bash
run: ccache -s
- name: Cache - Save ccache
if: always()
uses: actions/cache/save@v5
with:
path: ~/.ccache
key: ${{ inputs.cache-primary-key }}
.github/actions/setup-ccache/action.yml
+56
View File
@@ -0,0 +1,56 @@
name: Setup ccache
description: Restore ccache from cache and configure ccache.conf
inputs:
cache-key-prefix:
description: Cache key prefix (e.g. ccache-sitl)
required: true
max-size:
description: Max ccache size (e.g. 300M)
required: false
default: '300M'
base-dir:
description: ccache base_dir value
required: false
default: '${GITHUB_WORKSPACE}'
install-ccache:
description: Install ccache via apt before configuring
required: false
default: 'false'
outputs:
cache-primary-key:
description: Primary cache key (pass to save-ccache)
value: ${{ steps.restore.outputs.cache-primary-key }}
runs:
using: composite
steps:
- name: Cache - Install ccache
if: inputs.install-ccache == 'true'
shell: bash
run: apt-get update && apt-get install -y ccache
- name: Cache - Restore ccache
id: restore
uses: actions/cache/restore@v5
with:
path: ~/.ccache
key: ${{ inputs.cache-key-prefix }}-${{ github.ref_name }}-${{ github.sha }}
restore-keys: |
${{ inputs.cache-key-prefix }}-${{ github.ref_name }}-
${{ inputs.cache-key-prefix }}-${{ github.base_ref || 'main' }}-
${{ inputs.cache-key-prefix }}-
- name: Cache - Configure ccache
shell: bash
run: |
mkdir -p ~/.ccache
echo "base_dir = ${{ inputs.base-dir }}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = ${{ inputs.max-size }}" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
echo "compiler_check = content" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
.github/instructions/board-addition.instructions.md
+21
View File
@@ -0,0 +1,21 @@
---
applyTo: "boards/**"
---
# Board Addition Review Guidelines
In addition to the core code review guidelines, when reviewing new board additions:
- **Flight logs**: require a link to https://logs.px4.io demonstrating basic operation for the vehicle type (hover for multicopters, stable flight for fixed-wing, driving for rovers, etc.); short bench-only logs are insufficient
- **Documentation**: require a docs page in `docs/en/flight_controller/` with pinout, where-to-buy, connector types, version badge, and manufacturer-supported notice block
- **USB VID/PID**: must not reuse another manufacturer's Vendor ID; manufacturer must use their own
- **Board naming**: directory is `boards/{manufacturer}/{board}/`, both lowercase, hyphens for board name
- **Unique board_id**: registered in `boards/boards.json`, no collisions
- **Copied code cleanup**: check for leftover files, configs, or comments from the template board. Ask "Is this real or leftover?"
- **RC configuration**: prefer `CONFIG_DRIVERS_COMMON_RC` over legacy `CONFIG_DRIVERS_RC_INPUT`
- **No board-specific custom modules**: reject copy-pasted drivers (e.g., custom heater) when existing infrastructure works
- **Bootloader**: expect a bootloader defconfig (`nuttx-config/bootloader/defconfig`) or explanation of shared bootloader
- **CI integration**: board must be added to CI compile workflows so it builds on every PR
- **Flash constraints**: verify enabled modules fit in flash; we are running low across all board targets
- **Port labels**: serial port labels must match what is physically printed on the board
- **Hardware availability**: for unknown manufacturers, verify the product exists and is purchasable (no vaporware)
.github/instructions/ci-build.instructions.md
+13
View File
@@ -0,0 +1,13 @@
---
applyTo: ".github/**,cmake/**,Makefile,CMakeLists.txt,Tools/**,**/Kconfig"
---
# CI/Build Review Guidelines
In addition to the core code review guidelines:
- Check for pipeline race conditions (tag + branch push double-trigger, git describe correctness)
- Container image size: check for layer bloat
- Ubuntu LTS support policy: only latest + one prior LTS version
- Consider build time impact of changes
- Prefer CMake over Makefiles
.github/instructions/code-review.instructions.md
+32
View File
@@ -0,0 +1,32 @@
---
applyTo: "src/**,boards/**,platforms/**,msg/**,cmake/**,Makefile,CMakeLists.txt,Tools/**,.github/**"
---
# PX4 Code Review Guidelines
## Conventions
- PR titles must follow conventional commits: `type(scope): description` (see CONTRIBUTING.md)
- Types: `feat`, `fix`, `docs`, `style`, `refactor`, `perf`, `test`, `build`, `ci`, `chore`, `revert`
- Scope should match the primary area of changed files
- Append `!` before the colon for breaking changes
- Both squash merge and rebase merge are enabled; merge commits are disabled
- Commits should be atomic and independently revertable
- WIP or review-response commits should be squashed before merge
## Core Checks (always apply)
- **Correctness**: logic errors, off-by-ones, unhandled edge cases
- **Type safety**: int16 overflow, float/double promotion, unsigned subtraction, use `uint64_t` for absolute time
- **Initialization**: uninitialized variables, missing default construction
- **Buffer safety**: unchecked array access, stack allocation of large buffers, snprintf bounds
- **Magic numbers**: every numeric literal needs a named constant or justification
- **Framework reuse**: use PX4_ERR/WARN/INFO, existing libraries (AlphaFilter, SlewRate, RateControl), MAVLink constants from the library
- **Naming**: accurate, no unjustified abbreviations, current terminology (GPS -> GNSS for new code)
- **Unnecessary complexity**: can code be removed instead of added? Is there a simpler pattern?
- **Test coverage**: new features should include unit or integration tests; bug fixes should include regression tests where practical
- **Formatting**: `make format` / `make check_format` (astyle) for C/C++ files; `clang-tidy` clean
- **Coding style**: C/C++ must follow the PX4 coding style (https://docs.px4.io/main/en/contribute/code.html)
- **Necessity**: challenge every addition. Is this actually needed or just copied?
- **Architecture fit**: does the code live in the module that naturally owns the data? No unnecessary cross-module dependencies
- **Ecosystem impact**: consider QGC users, log analysis tools, and third-party integrations
.github/instructions/control.instructions.md
+15
View File
@@ -0,0 +1,15 @@
---
applyTo: "src/modules/mc_*control*/**,src/modules/fw_*control*/**,src/modules/flight_mode_manager/**,src/lib/rate_control/**,src/lib/npfg/**,src/modules/vtol_att_control/**"
---
# Control Review Guidelines
In addition to the core code review guidelines:
- Phase margin: output filters consume margin for no benefit; prefer adjusting gyro/d-gyro cutoffs
- Check for circular dependencies: sensor data feeding back into its own control loop (e.g., throttle-based airspeed in TECS)
- NaN propagation in flight-critical math; check `PX4_ISFINITE` before magnitude checks
- Prefer proper setpoint smoothing over controller output filtering (setpoint generation vs output-stage hacks)
- Check yaw control edge cases: heading lock, drift, setpoint propagation
- Verify flight task inheritance chain uses the correct base class for desired behavior
- Control allocation: verify actuator function ordering and motor index mapping
.github/instructions/drivers.instructions.md
+13
View File
@@ -0,0 +1,13 @@
---
applyTo: "src/drivers/**,src/modules/cyphal/**"
---
# Drivers/CAN Review Guidelines
In addition to the core code review guidelines:
- CAN bus devices behave differently from serial/SPI; check driver assumptions
- ESC index mapping: telemetry index != channel when motors are disabled
- ESC hardware quirks: 4-in-1 ESCs may report current on only one channel
- Verify device_id correctness and I2CSPIDriver patterns
- Time representation: prefer `hrt_abstime` over iteration counts
.github/instructions/estimation.instructions.md
+13
View File
@@ -0,0 +1,13 @@
---
applyTo: "src/modules/ekf2/**,src/lib/wind_estimator/**,src/lib/world_magnetic_model/**"
---
# Estimation Review Guidelines
In addition to the core code review guidelines:
- Check for singularities in aerospace math (euler angles near gimbal lock, sideslip at low airspeed)
- Flag aliasing from downsampling sensor data without proper filtering
- Verify Kalman filter correctness (Joseph form, innovation variance, covariance symmetry)
- Consider CPU cost on embedded targets (avoid unnecessary sqrt, limit fusion rate)
- Verify frame/coordinate system correctness (FRD vs NED, body vs earth frame)
.github/instructions/messages.instructions.md
+13
View File
@@ -0,0 +1,13 @@
---
applyTo: "msg/**,src/modules/mavlink/**,src/modules/uxrce_dds_client/**"
---
# Messages/Protocol Review Guidelines
In addition to the core code review guidelines:
- Backwards compatibility: will this break QGC, post-flight tools, or uLog parsers?
- uORB: `timestamp` for publication metadata, `timestamp_sample` close to physical sample, include `device_id`
- Don't version messages unless strictly needed
- Parameter UX: will this confuse users in a GCS? Every new param is a configuration burden
- MAVLink: use library constants, don't implement custom stream rates
.github/instructions/simulation.instructions.md
+13
View File
@@ -0,0 +1,13 @@
---
applyTo: "src/modules/simulation/**,Tools/simulation/**"
---
# Simulation Review Guidelines
In addition to the core code review guidelines:
- Physics fidelity: noise models should match reality (GPS noise is not Gaussian)
- Keep gz_bridge generic; vehicle-specific logic belongs in plugins
- Prefer gz-transport over ROS2 dependencies when possible
- Use wrench commands for physics correctness vs kinematic constraints
- Library generic/specific boundary: only base classes in common libs
.github/instructions/system.instructions.md
+15
View File
@@ -0,0 +1,15 @@
---
applyTo: "src/modules/commander/**,src/modules/logger/**,src/systemcmds/**,platforms/**,src/modules/dataman/**"
---
# System Review Guidelines
In addition to the core code review guidelines:
- Race conditions and concurrency: no partial fixes, demand complete solutions
- Semaphore/scheduling edge cases; understand RTOS guarantees
- State machine sequential-logic bugs (consecutive RTL, armed/disarmed alternation)
- Use uORB-driven scheduling (`SubscriptionCallback`), not extra threads
- `param_set` triggers auto-save; no redundant `param_save_default`
- Flash/memory efficiency: avoid `std::string` on embedded, minimize SubscriptionData usage
- Constructor initialization order matters
.github/labeler.yml
+327 -4
View File
@@ -3,8 +3,331 @@
# Docs for the syntax in this file can be found at
# https://github.com/actions/labeler
# Add 'Documentation' label to any changes within 'docs' folder or any subfolders
"Documentation 📑":
"scope:boards":
- changed-files:
- any-glob-to-any-file: docs/**
- any-glob-to-any-file:
- boards/**
- src/drivers/px4io/**
- src/modules/px4iofirmware/**
"scope:build-system":
- changed-files:
- any-glob-to-any-file:
- CMakeLists.txt
- Makefile
- Kconfig
- cmake/**
- platforms/*/cmake/**
- platforms/*/Kconfig
- boards/**/Kconfig
- boards/**/*.cmake
- boards/**/*.px4board
"scope:commander":
- changed-files:
- any-glob-to-any-file:
- src/modules/commander/**
"scope:control":
- changed-files:
- any-glob-to-any-file:
- src/modules/*_att_control/**
- src/modules/*_rate_control/**
- src/modules/*_pos_control/**
- src/modules/*_mode_manager/**
- src/modules/control_allocator/**
- src/modules/flight_mode_manager/**
- src/modules/fw_lateral_longitudinal_control/**
- src/modules/mc_hover_thrust_estimator/**
- src/modules/mc_nn_control/**
- src/modules/mc_raptor/**
- src/modules/rover_*/**
- src/drivers/actuators/**
- src/drivers/dshot/**
- src/drivers/pwm_out/**
- src/drivers/pca9685_pwm_out/**
- src/drivers/tap_esc/**
"scope:dependencies":
- changed-files:
- any-glob-to-any-file:
- .gitmodules
- package.xml
- src/modules/mavlink/mavlink/**
- src/modules/uxrce_dds_client/Micro-XRCE-DDS-Client/**
- src/lib/crypto/monocypher/**
- src/lib/heatshrink/heatshrink/**
- platforms/nuttx/NuttX/**
"scope:docs":
- changed-files:
- any-glob-to-any-file:
- docs/**
- .github/instructions/docs*.md
"scope:drivers":
- changed-files:
- any-glob-to-any-file:
- src/drivers/**
"scope:estimation":
- changed-files:
- any-glob-to-any-file:
- src/modules/ekf2/**
- src/modules/local_position_estimator/**
- src/modules/attitude_estimator_q/**
- src/modules/landing_target_estimator/**
- src/modules/mag_bias_estimator/**
- src/modules/gyro_calibration/**
- src/modules/gyro_fft/**
- Tools/ecl_ekf/**
"scope:infrastructure":
- changed-files:
- any-glob-to-any-file:
- .devcontainer/**
- .github/**
- .vscode/**
- .clang-tidy
- .dockerignore
- Jenkinsfile
- Tools/ci/**
- Tools/docker/**
"scope:logging":
- changed-files:
- any-glob-to-any-file:
- src/modules/logger/**
- src/modules/replay/**
- src/modules/events/**
- src/modules/hardfault_stream/**
- src/lib/events/**
- Tools/flight_review/**
- Tools/log_encryption/**
"scope:mavlink":
- changed-files:
- any-glob-to-any-file:
- src/modules/mavlink/**
- src/drivers/telemetry/**
- src/drivers/transponder/**
- Tools/HIL/**
"scope:middleware":
- changed-files:
- any-glob-to-any-file:
- src/modules/muorb/**
- src/modules/uxrce_dds_client/**
- src/modules/zenoh/**
- src/drivers/cyphal/**
- src/drivers/uavcan/**
- src/drivers/uavcannode/**
- platforms/ros2/**
- msg/translation_node/**
"scope:navigation":
- changed-files:
- any-glob-to-any-file:
- src/modules/navigator/**
- src/modules/dataman/**
- src/modules/land_detector/**
- src/modules/payload_deliverer/**
- src/lib/collision_prevention/**
- src/lib/geofence/**
- src/lib/landing_slope/**
- src/lib/takeoff/**
- src/lib/weather_vane/**
"scope:offboard":
- changed-files:
- any-glob-to-any-file:
- src/modules/mavlink/mavlink_offboard.cpp
- src/modules/mavlink/mavlink_receiver.*
- src/modules/mavlink/streams/TRAJECTORY_REPRESENTATION_*.hpp
- src/modules/uxrce_dds_client/**
- src/modules/zenoh/**
- msg/OffboardControlMode.msg
- msg/TrajectorySetpoint.msg
- msg/versioned/TrajectorySetpoint.msg
- msg/versioned/VehicleCommand.msg
- msg/versioned/VehicleCommandAck.msg
"scope:parameters":
- changed-files:
- any-glob-to-any-file:
- "**/*_params.c"
- "**/*_params.cpp"
- "**/*_params.yaml"
- "**/parameters.c"
- "**/parameters.cpp"
- "**/module.yaml"
- src/lib/parameters/**
- src/modules/param/**
- Tools/param_metadata/**
- ROMFS/px4fmu_common/init.d*/**/*.params
"scope:release":
- changed-files:
- any-glob-to-any-file:
- docs/**/releases/**
- docs/**/release_process.md
- Tools/packaging/**
- platforms/**/package*.sh
"scope:sensors":
- changed-files:
- any-glob-to-any-file:
- src/modules/sensors/**
- src/modules/airspeed_selector/**
- src/modules/battery_status/**
- src/modules/esc_battery/**
- src/modules/temperature_compensation/**
- src/drivers/adc/**
- src/drivers/barometer/**
- src/drivers/batt_smbus/**
- src/drivers/differential_pressure/**
- src/drivers/distance_sensor/**
- src/drivers/gnss/**
- src/drivers/gps/**
- src/drivers/hygrometer/**
- src/drivers/imu/**
- src/drivers/ins/**
- src/drivers/irlock/**
- src/drivers/magnetometer/**
- src/drivers/optical_flow/**
- src/drivers/power_monitor/**
- src/drivers/pps_capture/**
- src/drivers/rpm/**
- src/drivers/rpm_capture/**
- src/drivers/smart_battery/**
- src/drivers/tattu_can/**
- src/drivers/temperature_sensor/**
- src/drivers/uwb/**
- src/drivers/wind_sensor/**
"scope:simulation":
- changed-files:
- any-glob-to-any-file:
- launch/**
- posix-configs/**
- src/modules/simulation/**
- Tools/simulation/**
- ROMFS/px4fmu_common/init.d-posix/**
- platforms/posix/**
"scope:testing":
- changed-files:
- any-glob-to-any-file:
- integrationtests/**
- test/**
- test_data/**
- validation/**
- src/systemcmds/tests/**
- src/examples/**
- "**/*[Tt]est.*"
- "**/*_test.*"
- "**/test_*.*"
- .github/workflows/*test*.yml
- .github/workflows/checks.yml
- .github/workflows/fuzzing.yml
"scope:tools":
- changed-files:
- any-glob-to-any-file:
- Tools/**
- msg/tools/**
- src/templates/**
"scope:uorb":
- changed-files:
- any-glob-to-any-file:
- msg/**
- srv/**
- platforms/common/uORB/**
- src/lib/uORB/**
- Tools/msg/**
- Tools/uorb_graph/**
"kind:test":
- changed-files:
- any-glob-to-any-file:
- integrationtests/**
- test/**
- test_data/**
- validation/**
- src/systemcmds/tests/**
- "**/*[Tt]est.*"
- "**/*_test.*"
- "**/test_*.*"
"risk:safety-critical":
- changed-files:
- any-glob-to-any-file:
- src/modules/commander/**
- src/modules/navigator/**
- src/modules/ekf2/**
- src/modules/sensors/**
- src/modules/*_control/**
- src/modules/control_allocator/**
- src/modules/land_detector/**
- src/modules/flight_mode_manager/**
- src/drivers/actuators/**
- src/drivers/imu/**
- src/drivers/ins/**
- src/drivers/pwm_out/**
- src/lib/collision_prevention/**
- src/lib/flight_tasks/**
- src/lib/geofence/**
"risk:security":
- changed-files:
- any-glob-to-any-file:
- SECURITY.md
- src/drivers/stub_keystore/**
- src/drivers/sw_crypto/**
- src/lib/crypto/**
- Tools/log_encryption/**
- Tools/test_keys/**
"vehicle:airship":
- changed-files:
- any-glob-to-any-file:
- src/modules/airship_att_control/**
- docs/**/frames_airship/**
"vehicle:copter":
- changed-files:
- any-glob-to-any-file:
- src/modules/mc_*/**
- docs/**/frames_multicopter/**
- docs/**/complete_vehicles_mc/**
"vehicle:fixed-wing":
- changed-files:
- any-glob-to-any-file:
- src/modules/fw_*/**
- docs/**/frames_plane/**
- docs/**/flying/fixed_wing*
"vehicle:rover":
- changed-files:
- any-glob-to-any-file:
- src/modules/rover_*/**
- docs/**/frames_rover/**
"vehicle:spacecraft":
- changed-files:
- any-glob-to-any-file:
- src/modules/spacecraft/**
"vehicle:uuv":
- changed-files:
- any-glob-to-any-file:
- src/modules/uuv_*/**
- docs/**/frames_sub/**
"vehicle:vtol":
- changed-files:
- any-glob-to-any-file:
- src/modules/vtol_att_control/**
- docs/**/frames_vtol/**
.github/workflows/build_all_targets.yml
+80 -51
View File
@@ -69,32 +69,31 @@ jobs:
runs-on: [runs-on,runner=1cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false]
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
seeders: ${{ steps.set-seeders.outputs.seeders }}
timestamp: ${{ steps.set-timestamp.outputs.timestamp }}
branchname: ${{ steps.set-branch.outputs.branchname }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Cache Python pip
uses: actions/cache@v4
uses: actions/cache@v5
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**./Tools/setup/requirements.txt') }}
restore-keys: |
${{ runner.os }}-pip-
- name: Update python packaging to avoid canonicalize_version() error
run: |
pip3 install -U packaging
- name: Install Python Dependencies
uses: py-actions/py-dependency-install@v4
with:
path: "./Tools/setup/requirements.txt"
run: pip3 install -U packaging -r ./Tools/setup/requirements.txt
- id: set-matrix
name: Generate Build Matrix
run: echo "matrix=$(./Tools/ci/generate_board_targets_json.py --group)" >> $GITHUB_OUTPUT
- id: set-seeders
name: Generate Seeder Matrix
run: echo "seeders=$(./Tools/ci/generate_board_targets_json.py --group --seeders)" >> $GITHUB_OUTPUT
- id: set-timestamp
name: Save Current Timestamp
run: echo "timestamp=$(date +"%Y%m%d%H%M%S")" >> $GITHUB_OUTPUT
@@ -116,11 +115,52 @@ jobs:
echo "${{ steps.set-branch.outputs.branchname }}"
echo "$(./Tools/ci/generate_board_targets_json.py --group --verbose)"
# ===========================================================================
# CACHE SEEDER JOBS
# ===========================================================================
# Build one representative target per chip family to warm the ccache.
# Matrix jobs fall back to these caches via restore-keys when no
# group-specific cache exists yet. If any seeder fails, the build matrix
# does not start, catching common build errors early.
# ===========================================================================
seed:
name: Seed [${{ matrix.chip_family }}]
needs: group_targets
runs-on: [runs-on,"runner=8cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
strategy:
matrix: ${{ fromJson(needs.group_targets.outputs.seeders) }}
fail-fast: false
container:
image: ${{ matrix.container }}
credentials:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 1
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-${{ matrix.chip_family }}-${{ matrix.runner }}-seeder
max-size: 400M
- name: Build seed target
run: make ${{ matrix.target }}
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
setup:
name: Build [${{ matrix.runner }}][${{ matrix.group }}]
# runs-on: ubuntu-latest
runs-on: [runs-on,"runner=8cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",spot=false]
needs: group_targets
runs-on: [runs-on,"runner=4cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
needs: [group_targets, seed]
if: "!failure() && !cancelled()"
strategy:
matrix: ${{ fromJson(needs.group_targets.outputs.matrix) }}
fail-fast: false
@@ -131,41 +171,35 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v4
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Git ownership workaround
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
# ccache key breakdown:
# ccache-<system os>-<system arch>-<builder group>-
# ccache-<linux>-<arm64>-<aarch64-0>-
# ccache-<linux>-<x64>-<nuttx-0>-
- name: Cache Restore from Key
id: cc_restore
uses: actions/cache/restore@v4
- name: Cache - Restore ccache
id: ccache-restore
uses: actions/cache/restore@v5
with:
path: ~/.ccache
key: ${{ format('ccache-{0}-{1}-{2}', runner.os, matrix.runner, matrix.group) }}
key: ccache-${{ matrix.chip_family }}-${{ matrix.runner }}-${{ matrix.group }}-${{ github.ref_name }}-${{ github.sha }}
restore-keys: |
ccache-${{ runner.os }}-${{ matrix.runner }}-${{ matrix.group }}-
ccache-${{ runner.os }}-${{ matrix.runner }}-
ccache-${{ runner.os }}-${{ matrix.runner }}-
ccache-${{ runner.os }}-
ccache-
ccache-${{ matrix.chip_family }}-${{ matrix.runner }}-${{ matrix.group }}-${{ github.ref_name }}-
ccache-${{ matrix.chip_family }}-${{ matrix.runner }}-${{ matrix.group }}-${{ github.base_ref || 'main' }}-
ccache-${{ matrix.chip_family }}-${{ matrix.runner }}-${{ matrix.group }}-
ccache-${{ matrix.chip_family }}-${{ matrix.runner }}-
- name: Cache Config and Stats
- name: Cache - Configure ccache
run: |
mkdir -p ~/.ccache
echo "base_dir = ${GITHUB_WORKSPACE}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = 120M" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
echo "compiler_check = content" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
mkdir -p ~/.ccache
echo "base_dir = ${GITHUB_WORKSPACE}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = ${{ matrix.cache_size }}" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
echo "compiler_check = content" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
- name: Building Artifacts for [${{ matrix.targets }}]
run: |
@@ -176,23 +210,15 @@ jobs:
./Tools/ci/package_build_artifacts.sh
- name: Upload Build Artifacts
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v7
with:
name: px4_${{matrix.group}}_build_artifacts
path: artifacts/
- name: Cache Post Build Stats
if: always()
run: |
ccache -s
ccache -z
- name: Cache Save
if: always()
uses: actions/cache/save@v4
- uses: ./.github/actions/save-ccache
if: success()
with:
path: ~/.ccache
key: ${{ steps.cc_restore.outputs.cache-primary-key }}
cache-primary-key: ${{ steps.ccache-restore.outputs.cache-primary-key }}
# ===========================================================================
# ARTIFACT UPLOAD JOB
@@ -211,7 +237,7 @@ jobs:
uploadlocation: ${{ steps.upload-location.outputs.uploadlocation }}
steps:
- name: Download Artifacts
uses: actions/download-artifact@v4
uses: actions/download-artifact@v8
with:
path: artifacts/
merge-multiple: true
@@ -265,5 +291,8 @@ jobs:
with:
draft: true
prerelease: ${{ steps.upload-location.outputs.is_prerelease == 'true' }}
files: artifacts/*.px4
files: |
artifacts/*.px4
artifacts/*.deb
artifacts/**/*.sbom.spdx.json
name: ${{ steps.upload-location.outputs.uploadlocation }}
.github/workflows/build_deb_package.yml
+218
View File
@@ -0,0 +1,218 @@
name: SITL Packages and Containers
on:
push:
tags: ['v*']
pull_request:
paths:
- 'cmake/package.cmake'
- 'platforms/posix/CMakeLists.txt'
- 'Tools/packaging/**'
- 'boards/px4/sitl/sih.px4board'
- '.github/workflows/build_deb_package.yml'
- '.github/actions/build-deb/**'
workflow_dispatch:
inputs:
deploy_containers:
description: 'Push container images to registry'
required: false
type: boolean
default: false
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
packages: write
jobs:
# ---------------------------------------------------------------------------
# Setup: extract version and determine whether to push containers
# ---------------------------------------------------------------------------
setup:
name: Setup
runs-on: [runs-on,"runner=1cpu-linux-x64","image=ubuntu24-full-x64","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
outputs:
px4_version: ${{ steps.version.outputs.px4_version }}
should_push: ${{ steps.push.outputs.should_push }}
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
fetch-tags: true
- name: Set PX4 version
id: version
run: echo "px4_version=$(git describe --tags --match 'v[0-9]*')" >> $GITHUB_OUTPUT
- name: Check if we should push containers
id: push
run: |
if [[ "${{ startsWith(github.ref, 'refs/tags/') }}" == "true" ]] || \
[[ "${{ github.event_name }}" == "workflow_dispatch" && "${{ github.event.inputs.deploy_containers }}" == "true" ]]; then
echo "should_push=true" >> $GITHUB_OUTPUT
else
echo "should_push=false" >> $GITHUB_OUTPUT
fi
# ---------------------------------------------------------------------------
# Build .deb packages (all distros, arches, targets)
# ---------------------------------------------------------------------------
build-deb:
name: "Build .deb (${{ matrix.target }}/${{ matrix.codename }}/${{ matrix.arch }})"
needs: setup
runs-on: [runs-on,"runner=4cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
container:
image: ${{ matrix.container }}
volumes:
- /github/workspace:/github/workspace
strategy:
fail-fast: false
matrix:
include:
- { codename: noble, arch: amd64, runner: x64, container: "ubuntu:24.04", target: default, setup_flags: "" }
- { codename: noble, arch: arm64, runner: arm64, container: "ubuntu:24.04", target: default, setup_flags: "" }
- { codename: jammy, arch: amd64, runner: x64, container: "ubuntu:22.04", target: default, setup_flags: "" }
- { codename: jammy, arch: arm64, runner: arm64, container: "ubuntu:22.04", target: default, setup_flags: "" }
- { codename: noble, arch: amd64, runner: x64, container: "ubuntu:24.04", target: sih, setup_flags: "--no-sim-tools" }
- { codename: noble, arch: arm64, runner: arm64, container: "ubuntu:24.04", target: sih, setup_flags: "--no-sim-tools" }
- { codename: jammy, arch: amd64, runner: x64, container: "ubuntu:22.04", target: sih, setup_flags: "--no-sim-tools" }
- { codename: jammy, arch: arm64, runner: arm64, container: "ubuntu:22.04", target: sih, setup_flags: "--no-sim-tools" }
env:
RUNS_IN_DOCKER: true
steps:
- uses: runs-on/action@v2
- name: Fix git in container
run: |
apt-get update && apt-get install -y git
git config --global --add safe.directory $(realpath .)
- uses: actions/checkout@v6
with:
fetch-depth: 0
fetch-tags: true
- name: Use AWS regional apt mirror
if: startsWith(runner.name, 'runs-on--')
run: ./Tools/ci/use_aws_apt_mirror.sh
- name: Cache apt packages
uses: actions/cache@v5
with:
path: /var/cache/apt/archives
key: apt-${{ matrix.target }}-${{ matrix.codename }}-${{ matrix.arch }}-${{ hashFiles('Tools/setup/ubuntu.sh') }}
restore-keys: apt-${{ matrix.target }}-${{ matrix.codename }}-${{ matrix.arch }}-
- name: Install dependencies
run: ./Tools/setup/ubuntu.sh --no-nuttx ${{ matrix.setup_flags }}
- name: Build and package .deb
uses: ./.github/actions/build-deb
with:
target: ${{ matrix.target }}
artifact-name: px4-sitl-debs-${{ matrix.target }}-${{ matrix.codename }}-${{ matrix.arch }}
ccache-key-prefix: deb-ccache-${{ matrix.target }}-${{ matrix.codename }}-${{ matrix.arch }}
# ---------------------------------------------------------------------------
# Build Docker images from Noble .debs
# ---------------------------------------------------------------------------
build-docker:
name: "Build Image (${{ matrix.image }}/${{ matrix.arch }})"
needs: [setup, build-deb]
runs-on: [runs-on,"runner=4cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
strategy:
fail-fast: false
matrix:
include:
- { image: sih, repo: px4-sitl, target: sih, arch: amd64, runner: x64, platform: "linux/amd64", dockerfile: Dockerfile.sih }
- { image: sih, repo: px4-sitl, target: sih, arch: arm64, runner: arm64, platform: "linux/arm64", dockerfile: Dockerfile.sih }
- { image: gazebo, repo: px4-sitl-gazebo, target: default, arch: amd64, runner: x64, platform: "linux/amd64", dockerfile: Dockerfile.gazebo }
- { image: gazebo, repo: px4-sitl-gazebo, target: default, arch: arm64, runner: arm64, platform: "linux/arm64", dockerfile: Dockerfile.gazebo }
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 1
- name: Download Noble .deb artifact
uses: actions/download-artifact@v8
with:
name: px4-sitl-debs-${{ matrix.target }}-noble-${{ matrix.arch }}
path: docker-context
- name: Prepare build context
run: cp Tools/packaging/px4-entrypoint.sh docker-context/
- name: Login to registries
if: needs.setup.outputs.should_push == 'true'
run: |
echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v4
with:
driver: docker-container
platforms: ${{ matrix.platform }}
- name: Build and push container image
uses: docker/build-push-action@v7
with:
context: docker-context
file: Tools/packaging/${{ matrix.dockerfile }}
tags: |
px4io/${{ matrix.repo }}:${{ needs.setup.outputs.px4_version }}-${{ matrix.arch }}
px4io/${{ matrix.repo }}:latest-${{ matrix.arch }}
ghcr.io/px4/${{ matrix.repo }}:${{ needs.setup.outputs.px4_version }}-${{ matrix.arch }}
ghcr.io/px4/${{ matrix.repo }}:latest-${{ matrix.arch }}
platforms: ${{ matrix.platform }}
load: false
push: ${{ needs.setup.outputs.should_push == 'true' }}
provenance: false
cache-from: type=gha,scope=sitl-${{ matrix.image }}-${{ matrix.arch }}
cache-to: type=gha,mode=max,scope=sitl-${{ matrix.image }}-${{ matrix.arch }}
# ---------------------------------------------------------------------------
# Deploy: create multi-arch manifests and push to registries
# ---------------------------------------------------------------------------
deploy:
name: "Deploy (${{ matrix.image }})"
needs: [setup, build-docker]
if: needs.setup.outputs.should_push == 'true'
runs-on: [runs-on,"runner=1cpu-linux-x64","image=ubuntu24-full-x64","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
strategy:
matrix:
include:
- { image: sih, repo: px4-sitl }
- { image: gazebo, repo: px4-sitl-gazebo }
steps:
- uses: runs-on/action@v2
- name: Login to registries
run: |
echo "${{ secrets.DOCKERHUB_TOKEN }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin
echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin
- name: Create and push multi-arch manifests
run: |
VERSION="${{ needs.setup.outputs.px4_version }}"
for REGISTRY in px4io ghcr.io/px4; do
IMAGE="${REGISTRY}/${{ matrix.repo }}"
for TAG in ${VERSION} latest; do
docker manifest create ${IMAGE}:${TAG} \
--amend ${IMAGE}:${TAG}-arm64 \
--amend ${IMAGE}:${TAG}-amd64
docker manifest annotate ${IMAGE}:${TAG} ${IMAGE}:${TAG}-arm64 --arch arm64
docker manifest annotate ${IMAGE}:${TAG} ${IMAGE}:${TAG}-amd64 --arch amd64
docker manifest push ${IMAGE}:${TAG}
done
done
.github/workflows/checks.yml
+64 -25
View File
@@ -12,49 +12,88 @@ on:
paths-ignore:
- 'docs/**'
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
gate_checks:
name: Gate Checks [${{ matrix.check }}]
runs-on: [runs-on,runner=2cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
strategy:
fail-fast: false
fail-fast: true
matrix:
check: [
"check_format",
"check_newlines",
"tests",
"tests_coverage",
"px4_fmu-v2_default stack_check",
"validate_module_configs",
"shellcheck_all",
"NO_NINJA_BUILD=1 px4_fmu-v5_default",
"NO_NINJA_BUILD=1 px4_sitl_default",
"px4_sitl_allyes",
"module_documentation",
]
steps:
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
fetch-depth: 1
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Building [${{ matrix.check }}]
run: |
cd "$GITHUB_WORKSPACE"
git config --global --add safe.directory "$GITHUB_WORKSPACE"
make ${{ matrix.check }}
env:
PX4_SBOM_DISABLE: 1
run: make ${{ matrix.check }}
- name: Uploading Coverage to Codecov.io
if: contains(matrix.check, 'coverage')
uses: codecov/codecov-action@v1
tests:
name: Unit Tests
runs-on: [runs-on,runner=8cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
permissions:
contents: write
env:
GIT_COMMITTER_EMAIL: bot@px4.io
GIT_COMMITTER_NAME: PX4BuildBot
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
token: ${{ secrets.CODECOV_TOKEN }}
flags: unittests
file: coverage/lcov.info
fetch-depth: 1
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-sitl
max-size: 300M
- name: Build and run unit tests
env:
PX4_SBOM_DISABLE: 1
run: make tests
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
- name: Auto-update EKF change indication baselines
if: github.event_name == 'push'
uses: stefanzweifel/git-auto-commit-action@v7
with:
file_pattern: 'src/modules/ekf2/test/change_indication/*.csv'
commit_user_name: ${{ env.GIT_COMMITTER_NAME }}
commit_user_email: ${{ env.GIT_COMMITTER_EMAIL }}
commit_message: |
[AUTO COMMIT] update EKF change indication
See .github/workflows/checks.yml for more details
- name: Check for EKF functional changes
run: git diff --exit-code
working-directory: src/modules/ekf2/test/change_indication
.github/workflows/clang-tidy.yml
+121 -29
View File
@@ -16,14 +16,21 @@ permissions:
contents: read
jobs:
clang_tidy:
# Push-to-main: unchanged historical behavior. Single clang build dir
# with BUILD_TESTING=OFF. `make clang-tidy` builds and analyzes every
# TU in compile_commands.json. Test files are not in the DB and
# therefore never analyzed.
clang_tidy_push:
name: Clang-Tidy
if: github.event_name != 'pull_request'
runs-on: [runs-on, runner=16cpu-linux-x64, "run-id=${{ github.run_id }}", "extras=s3-cache"]
container:
image: px4io/px4-dev:v1.17.0-beta1
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
permissions:
contents: read
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v4
- uses: actions/checkout@v6
with:
fetch-depth: 0
fetch-tags: true
@@ -31,39 +38,124 @@ jobs:
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Restore Compiler Cache
id: cc_restore
uses: actions/cache/restore@v4
- uses: ./.github/actions/setup-ccache
id: ccache
with:
path: ~/.ccache
key: ccache-clang-tidy-${{ github.head_ref || github.ref_name }}
restore-keys: |
ccache-clang-tidy-${{ github.head_ref || github.ref_name }}-
ccache-clang-tidy-main-
ccache-clang-tidy-
cache-key-prefix: ccache-clang-tidy
max-size: 150M
- name: Configure Compiler Cache
- name: Build and Analyze - Clang-Tidy
run: make -j$(nproc) clang-tidy
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
# Pull request: diff-based analysis with a second BUILD_TESTING=ON
# build dir so test files in the PR diff can be linted by
# clang-tidy-diff-18.py with resolved gtest/fuzztest includes.
# Results are uploaded as a `pr-review` artifact for the PR Review
# Poster workflow to post as inline comments.
clang_tidy_pr:
name: Clang-Tidy
if: github.event_name == 'pull_request'
runs-on: [runs-on, runner=8cpu-linux-x64, "run-id=${{ github.run_id }}", "extras=s3-cache"]
container:
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
permissions:
contents: read
pull-requests: read
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
fetch-tags: true
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-clang-tidy
max-size: 150M
# fuzztest (enabled via BUILD_TESTING in the -test build dir) pulls
# in abseil via FetchContent, and abseil runs a try_compile with
# fuzztest's -fsanitize=address flags. The px4-dev container ships
# clang but not the clang compiler-rt runtime, so that link fails
# and the configure reports a misleading "pthreads not found".
# libclang-rt-18-dev provides libclang_rt.asan and friends.
- name: Install clang compiler-rt
run: |
mkdir -p ~/.ccache
echo "base_dir = ${GITHUB_WORKSPACE}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = 120M" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
echo "compiler_check = content" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
apt-get update
apt-get install -y --no-install-recommends libclang-rt-18-dev
# `make clang-ci` prepares both clang build directories:
# - build/px4_sitl_default-clang: full build, BUILD_TESTING=OFF
# (used by run-clang-tidy-pr.py for whole-file analysis of
# changed production code)
# - build/px4_sitl_default-clang-test: configure-only, BUILD_TESTING=ON
# (used by clang-tidy-diff-18.py so test files are in the
# compilation database with resolved gtest/fuzztest includes)
- name: Build clang SITL
run: make -j$(nproc) clang-ci
- name: Run Clang-Tidy Analysis
run: make -j16 clang-tidy
run: python3 Tools/ci/run-clang-tidy-pr.py origin/${{ github.base_ref }}
- name: Compiler Cache Stats
# Produce a `pr-review` artifact for the PR Review Poster workflow
# to consume. clang-tidy-diff-18 emits a unified fixes.yml that
# the producer script translates into line-anchored review comments.
- name: Export clang-tidy fixes for PR review
if: always()
run: ccache -s
run: |
mkdir -p pr-review
# Drop changed C/C++ source files that are not in
# compile_commands.json for the test-enabled build. Files not
# in the DB are platform-specific sources, vendored code, or
# submodule code we don't own. Feeding them to clang-tidy-diff
# produces false positives from unresolved headers.
python3 Tools/ci/clang-tidy-diff-filter.py \
--build-dir build/px4_sitl_default-clang-test \
--base-ref origin/${{ github.base_ref }} \
--out pr-review/diff.patch
if [ -s pr-review/diff.patch ]; then
clang-tidy-diff-18.py -p1 \
-path build/px4_sitl_default-clang-test \
-export-fixes pr-review/fixes.yml \
-j0 < pr-review/diff.patch || true
else
echo "No analyzable files in diff; skipping clang-tidy-diff"
fi
- name: Save Compiler Cache
- name: Build pr-review artifact
if: always()
uses: actions/cache/save@v4
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
python3 Tools/ci/clang-tidy-fixes-to-review.py \
--fixes pr-review/fixes.yml \
--repo-root "$GITHUB_WORKSPACE" \
--repo "$GITHUB_REPOSITORY" \
--pr-number "${{ github.event.pull_request.number }}" \
--commit-sha "${{ github.event.pull_request.head.sha }}" \
--out-dir pr-review \
--event COMMENT
- name: Upload pr-review artifact
if: always()
uses: actions/upload-artifact@v7
with:
path: ~/.ccache
key: ${{ steps.cc_restore.outputs.cache-primary-key }}
name: pr-review
path: |
pr-review/manifest.json
pr-review/comments.json
retention-days: 1
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
.github/workflows/commit_checks.yml
+148
View File
@@ -0,0 +1,148 @@
name: Commit Quality
on:
pull_request:
types: [opened, edited, synchronize, reopened]
permissions:
contents: read
pull-requests: write
issues: write
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
PR_NUMBER: ${{ github.event.pull_request.number }}
IS_FORK: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
jobs:
pr-title:
name: PR Title
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v6
with:
sparse-checkout: Tools/ci
fetch-depth: 1
- name: Check PR title
id: check
run: |
python3 Tools/ci/check_pr_title.py "${{ github.event.pull_request.title }}" --markdown-file comment.md && rc=0 || rc=$?
echo "exit_code=$rc" >> "$GITHUB_OUTPUT"
- name: Post or clear comment
if: env.IS_FORK == 'false'
env:
GH_TOKEN: ${{ github.token }}
run: |
if [ "${{ steps.check.outputs.exit_code }}" != "0" ]; then
python3 Tools/ci/pr_comment.py --marker pr-title --pr "$PR_NUMBER" --result fail < comment.md
else
python3 Tools/ci/pr_comment.py --marker pr-title --pr "$PR_NUMBER" --result pass
fi
- name: Result
if: steps.check.outputs.exit_code != '0'
run: |
echo "::error::PR title does not follow conventional commits format. See the PR comment for details."
exit 1
commit-messages:
name: Commit Messages
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v6
with:
sparse-checkout: Tools/ci
fetch-depth: 1
- name: Check commit messages
id: check
env:
GH_TOKEN: ${{ github.token }}
run: |
gh api \
"repos/${{ github.repository }}/pulls/${PR_NUMBER}/commits?per_page=100" \
| python3 Tools/ci/check_commit_messages.py --markdown-file comment.md && rc=0 || rc=$?
echo "exit_code=$rc" >> "$GITHUB_OUTPUT"
# Check for warnings (non-empty markdown on exit 0)
if [ "$rc" -eq 0 ] && [ -s comment.md ]; then
echo "has_warnings=true" >> "$GITHUB_OUTPUT"
else
echo "has_warnings=false" >> "$GITHUB_OUTPUT"
fi
- name: Post or clear comment
if: env.IS_FORK == 'false'
env:
GH_TOKEN: ${{ github.token }}
run: |
if [ "${{ steps.check.outputs.exit_code }}" != "0" ]; then
python3 Tools/ci/pr_comment.py --marker commit-msgs --pr "$PR_NUMBER" --result fail < comment.md
elif [ "${{ steps.check.outputs.has_warnings }}" == "true" ]; then
python3 Tools/ci/pr_comment.py --marker commit-msgs --pr "$PR_NUMBER" --result warn < comment.md
else
python3 Tools/ci/pr_comment.py --marker commit-msgs --pr "$PR_NUMBER" --result pass
fi
- name: Result
if: steps.check.outputs.exit_code != '0'
run: |
echo "::error::Commit message errors found. See the PR comment for details."
exit 1
pr-body:
name: PR Description
runs-on: ubuntu-latest
steps:
- name: Checkout
if: env.IS_FORK == 'false'
uses: actions/checkout@v6
with:
sparse-checkout: Tools/ci
fetch-depth: 1
- name: Check PR body
id: check
env:
PR_BODY: ${{ github.event.pull_request.body }}
run: |
message=""
if [ -z "$PR_BODY" ]; then
message="PR description is empty. Please add a summary of the changes."
echo "::warning::PR description is empty."
else
cleaned=$(echo "$PR_BODY" | sed 's/<!--.*-->//g' | tr -d '[:space:]')
if [ -z "$cleaned" ]; then
message="PR description contains only template comments. Please fill in the details."
echo "::warning::PR description contains only template comments."
fi
fi
echo "message=$message" >> "$GITHUB_OUTPUT"
- name: Post or clear comment
if: env.IS_FORK == 'false'
env:
GH_TOKEN: ${{ github.token }}
run: |
if [ -n "${{ steps.check.outputs.message }}" ]; then
printf '%s\n' \
"## PR Description (advisory)" \
"" \
"This is **not blocking**, but your PR description appears to be empty or incomplete." \
"" \
"${{ steps.check.outputs.message }}" \
"" \
"A good PR description helps reviewers understand what changed and why." \
"" \
"---" \
"*This comment will be automatically removed once the issue is resolved.*" \
| python3 Tools/ci/pr_comment.py --marker pr-body --pr "$PR_NUMBER" --result warn
else
python3 Tools/ci/pr_comment.py --marker pr-body --pr "$PR_NUMBER" --result pass
fi
.github/workflows/compile_macos.yml
+36 -34
View File
@@ -19,49 +19,51 @@ concurrency:
jobs:
build:
runs-on: macos-latest
strategy:
matrix:
config: [
px4_fmu-v5_default,
px4_sitl
]
steps:
- name: install Python 3.10
uses: actions/setup-python@v5
uses: actions/setup-python@v6
with:
python-version: "3.10"
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Cache - Restore Homebrew Packages
uses: actions/cache@v5
with:
path: ~/Library/Caches/Homebrew/downloads
key: macos-homebrew-${{ runner.arch }}-${{ hashFiles('Tools/setup/macos.sh') }}
restore-keys: |
macos-homebrew-${{ runner.arch }}-
- name: Cache - Restore pip Packages
uses: actions/cache@v5
with:
path: ~/Library/Caches/pip
key: macos-pip-${{ runner.arch }}-${{ hashFiles('Tools/setup/requirements.txt') }}
restore-keys: |
macos-pip-${{ runner.arch }}-
- name: setup
run: |
./Tools/setup/macos.sh
echo "${{ github.workspace }}/.venv/bin" >> $GITHUB_PATH
- name: Prepare ccache timestamp
id: ccache_cache_timestamp
shell: cmake -P {0}
run: |
string(TIMESTAMP current_date "%Y-%m-%d-%H;%M;%S" UTC)
file(APPEND "$ENV{GITHUB_OUTPUT}" "timestamp=${current_date}\n")
- name: ccache cache files
uses: actions/cache@v4
- uses: ./.github/actions/setup-ccache
id: ccache
with:
path: ~/.ccache
key: macos_${{matrix.config}}-ccache-${{steps.ccache_cache_timestamp.outputs.timestamp}}
restore-keys: macos_${{matrix.config}}-ccache-
- name: setup ccache
run: |
mkdir -p ~/.ccache
echo "base_dir = ${GITHUB_WORKSPACE}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = 40M" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
cache-key-prefix: ccache-macos
max-size: 200M
- name: make ${{matrix.config}}
run: |
ccache -z
make ${{matrix.config}}
ccache -s
- name: Build px4_sitl
run: make px4_sitl
- name: Cache - Stats after px4_sitl
run: ccache -s
- name: Build px4_fmu-v5_default
run: make px4_fmu-v5_default
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
.github/workflows/compile_ubuntu.yml
+26 -11
View File
@@ -4,9 +4,6 @@ on:
push:
branches:
- 'main'
- 'stable'
- 'beta'
- 'release/**'
paths-ignore:
- 'docs/**'
pull_request:
@@ -29,12 +26,13 @@ jobs:
fail-fast: false
matrix:
version: ['ubuntu:22.04', 'ubuntu:24.04']
runs-on: [runs-on,runner=4cpu-linux-x64,"image=ubuntu24-full-x64","run-id=${{ github.run_id }}",spot=false]
runs-on: [runs-on,runner=4cpu-linux-x64,"image=ubuntu24-full-x64","run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: ${{ matrix.version }}
volumes:
- /github/workspace:/github/workspace
steps:
- uses: runs-on/action@v2
- name: Fix git in container
run: |
@@ -47,11 +45,28 @@ jobs:
apt update && apt install git -y
git config --global --add safe.directory $(realpath .)
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Install Deps, Build, and Make Quick Check
run: |
# we need to install dependencies and build on the same step
# given the stateless nature of docker images
./Tools/setup/ubuntu.sh
make quick_check
- name: Use AWS regional apt mirror
if: startsWith(runner.name, 'runs-on--')
run: ./Tools/ci/use_aws_apt_mirror.sh
- name: Install Deps
run: ./Tools/setup/ubuntu.sh
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-ubuntu-${{ matrix.version }}
max-size: 200M
- name: Build px4_sitl_default
run: make px4_sitl_default
- name: Build px4_fmu-v5_default
run: make px4_fmu-v5_default
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
.github/workflows/dev_container.yml
+34 -29
View File
@@ -4,9 +4,6 @@ on:
push:
branches:
- 'main'
- 'stable'
- 'beta'
- 'release/**'
tags:
- 'v*'
pull_request:
@@ -24,6 +21,11 @@ on:
description: 'Container tag (e.g. v1.16.0)'
required: true
type: string
build_ref:
description: 'Git ref to build from (branch, tag, or SHA). Leave empty to build from the dispatch ref.'
required: false
type: string
default: ''
deploy_to_registry:
description: 'Whether to push built images to the registry'
required: false
@@ -45,12 +47,12 @@ jobs:
meta_tags: ${{ steps.meta.outputs.tags }}
meta_labels: ${{ steps.meta.outputs.labels }}
steps:
- uses: runs-on/action@v1
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-tags: true
submodules: false
ref: ${{ github.event.inputs.build_ref || github.ref }}
fetch-depth: 0
fetch-tags: true
# If manual dispatch, take the userprovided input
- name: Set PX4 Tag Version
@@ -64,7 +66,7 @@ jobs:
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@v6
with:
images: |
ghcr.io/PX4/px4-dev
@@ -89,22 +91,22 @@ jobs:
runner: x64
runs-on: [runs-on,"runner=4cpu-linux-${{ matrix.runner }}","image=ubuntu24-full-${{ matrix.runner }}","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
steps:
- uses: runs-on/action@v1
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-tags: true
submodules: false
ref: ${{ github.event.inputs.build_ref || github.ref }}
fetch-depth: 0
fetch-tags: true
- name: Login to Docker Hub
uses: docker/login-action@v3
uses: docker/login-action@v4
if: ${{ startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry) }}
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
uses: docker/login-action@v4
if: ${{ startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry) }}
with:
registry: ghcr.io
@@ -112,13 +114,13 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v4
with:
driver: docker-container
platforms: ${{ matrix.platform }}
- name: Build and Load Container Image
uses: docker/build-push-action@v6
uses: docker/build-push-action@v7
id: docker
with:
context: Tools/setup
@@ -130,8 +132,8 @@ jobs:
load: false
push: ${{ startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry) }}
provenance: false
cache-from: type=gha,version=1,scope=${{ matrix.arch }}
cache-to: type=gha,version=1,mode=max,scope=${{ matrix.arch }}
cache-from: type=gha,scope=${{ matrix.arch }}
cache-to: type=gha,mode=max,scope=${{ matrix.arch }},ignore-error=true
deploy:
name: Deploy To Registry
@@ -140,23 +142,26 @@ jobs:
packages: write
runs-on: [runs-on,"runner=4cpu-linux-x64","image=ubuntu24-full-x64","run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
needs: [build, setup]
if: ${{ startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry) }}
if: |
!cancelled() &&
needs.setup.result == 'success' &&
(startsWith(github.ref, 'refs/tags/') || (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy_to_registry == 'true'))
steps:
- uses: runs-on/action@v1
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-tags: true
submodules: false
ref: ${{ github.event.inputs.build_ref || github.ref }}
fetch-depth: 0
fetch-tags: true
- name: Login to Docker Hub
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -164,10 +169,10 @@ jobs:
- name: Verify Images Exist Before Creating Manifest
run: |
docker manifest inspect px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64 || echo "⚠️ Warning: No ARM64 image found!"
docker manifest inspect px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64 || echo "⚠️ Warning: No AMD64 image found!"
docker manifest inspect ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64 || echo "⚠️ Warning: No ARM64 image found!"
docker manifest inspect ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64 || echo "⚠️ Warning: No AMD64 image found!"
docker manifest inspect px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64
docker manifest inspect px4io/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64
docker manifest inspect ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-arm64
docker manifest inspect ghcr.io/px4/px4-dev:${{ needs.setup.outputs.px4_version }}-amd64
- name: Create and Push Multi-Arch Manifest for Docker Hub
run: |
.github/workflows/docs-orchestrator.yml
+51 -37
View File
@@ -46,8 +46,8 @@ jobs:
source_changed: ${{ steps.changes.outputs.source }}
docs_changed: ${{ steps.changes.outputs.docs }}
steps:
- uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
- uses: actions/checkout@v6
- uses: dorny/paths-filter@v4
id: changes
with:
filters: |
@@ -70,22 +70,19 @@ jobs:
contents: read
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: px4io/px4-dev:v1.17.0-beta1
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
steps:
- uses: runs-on/action@v1
- name: Checkout
uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
submodules: recursive
- name: Git ownership workaround
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Cache Restore - ccache
id: cache-ccache
uses: actions/cache/restore@v4
uses: actions/cache/restore@v5
with:
path: ~/.ccache
key: ccache-docs-metadata-${{ github.sha }}
@@ -104,7 +101,7 @@ jobs:
CCACHE_DIR: ~/.ccache
- name: Cache Save - ccache
uses: actions/cache/save@v4
uses: actions/cache/save@v5
if: always()
with:
path: ~/.ccache
@@ -116,7 +113,7 @@ jobs:
CCACHE_DIR: ~/.ccache
- name: Upload metadata artifact
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v7
with:
name: pr-metadata
path: docs/
@@ -132,12 +129,12 @@ jobs:
contents: write
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: px4io/px4-dev:v1.17.0-beta1
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
steps:
- uses: runs-on/action@v1
- uses: runs-on/action@v2
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
with:
fetch-depth: 0
submodules: recursive
@@ -148,7 +145,7 @@ jobs:
- name: Cache Restore - ccache
id: cache-ccache
uses: actions/cache/restore@v4
uses: actions/cache/restore@v5
with:
path: ~/.ccache
key: ccache-docs-metadata-${{ github.sha }}
@@ -167,7 +164,7 @@ jobs:
CCACHE_DIR: ~/.ccache
- name: Cache Save - ccache
uses: actions/cache/save@v4
uses: actions/cache/save@v5
if: always()
with:
path: ~/.ccache
@@ -213,25 +210,24 @@ jobs:
if: always() && (github.event_name == 'pull_request')
permissions:
contents: read
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Download metadata artifact
if: needs.pr-metadata-regen.result == 'success'
uses: actions/download-artifact@v4
uses: actions/download-artifact@v8
with:
name: pr-metadata
path: docs/
- name: Get changed doc files
id: changed-files
uses: tj-actions/changed-files@v46.0.5
uses: tj-actions/changed-files@v47
with:
json: true
write_output_files: true
@@ -248,13 +244,13 @@ jobs:
cat ./logs/prFiles.json
- name: Setup Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: 20
- name: Run filtered link checker (changed files)
run: |
npm -g install markdown_link_checker_sc@0.0.138
npm -g install markdown_link_checker_sc@0.0.144
if [ "$(jq length ./logs/prFiles.json)" -gt 0 ]; then
markdown_link_checker_sc \
-r "$GITHUB_WORKSPACE" \
@@ -281,15 +277,35 @@ jobs:
> ./logs/link-check-results.md || true
cat ./logs/link-check-results.md
- name: Post PR comment with link check results
if: github.event.pull_request.head.repo.full_name == github.repository
uses: marocchino/sticky-pull-request-comment@v2
- name: Prepare pr-comment artifact
id: prepare-pr-comment
run: |
if [ ! -s ./logs/filtered-link-check-results.md ]; then
echo "No link-check results file; skipping pr-comment artifact."
echo "prepared=false" >> "$GITHUB_OUTPUT"
exit 0
fi
mkdir -p pr-comment
cp ./logs/filtered-link-check-results.md pr-comment/body.md
cat > pr-comment/manifest.json <<EOF
{
"pr_number": ${{ github.event.pull_request.number }},
"marker": "<!-- pr-comment-poster:docs-link-check -->",
"mode": "upsert"
}
EOF
echo "prepared=true" >> "$GITHUB_OUTPUT"
- name: Upload pr-comment artifact
if: steps.prepare-pr-comment.outputs.prepared == 'true'
uses: actions/upload-artifact@v7
with:
header: flaws
path: ./logs/filtered-link-check-results.md
name: pr-comment
path: pr-comment/
retention-days: 1
- name: Upload link check results
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v7
with:
name: link-check-results
path: logs/
@@ -313,16 +329,14 @@ jobs:
branchname: ${{ steps.set-branch.outputs.branchname }}
releaseversion: ${{ steps.set-version.outputs.releaseversion }}
steps:
- uses: runs-on/action@v1
- name: Checkout
uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
- name: Download metadata artifact (PR)
if: github.event_name == 'pull_request' && needs.pr-metadata-regen.result == 'success'
uses: actions/download-artifact@v4
uses: actions/download-artifact@v8
with:
name: pr-metadata
path: docs/
@@ -346,7 +360,7 @@ jobs:
echo "releaseversion=$version" >> $GITHUB_OUTPUT
- name: Setup Node
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
@@ -365,7 +379,7 @@ jobs:
npm run docs:sitemap
- name: Upload artifact
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v7
with:
name: px4_docs_build
path: docs/.vitepress/dist/
@@ -387,7 +401,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Download Artifact
uses: actions/download-artifact@v4
uses: actions/download-artifact@v8
with:
name: px4_docs_build
path: ~/_book
.github/workflows/docs_crowdin_download.yml
+5 -5
View File
@@ -22,7 +22,7 @@ jobs:
lc: [ko, uk, zh-CN] # Target languages https://developer.crowdin.com/language-codes/
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: Debug Environment Variables
run: |
echo "CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_DOCS_PROJECT_ID }}"
@@ -34,14 +34,14 @@ jobs:
upload_sources: false
upload_translations: false
download_translations: true
commit_message: New Crowdin translations - ${{ matrix.lc }}
commit_message: 'docs(i18n): PX4 guide translations (Crowdin) - ${{ matrix.lc }}'
localization_branch_name: l10n_crowdin_docs_translations_${{ matrix.lc }}
crowdin_branch_name: main
create_pull_request: true
pull_request_base_branch_name: 'main'
pull_request_title: New PX4 guide translations (Crowdin) - ${{ matrix.lc }}
pull_request_body: 'New PX4 guide Crowdin translations by [Crowdin GH Action](https://github.com/crowdin/github-action) for ${{ matrix.lc }}'
pull_request_labels: 'Documentation 📑'
pull_request_title: 'docs(i18n): PX4 guide translations (Crowdin) - ${{ matrix.lc }}'
pull_request_body: 'docs(i18n): PX4 guide Crowdin translations by [Crowdin GH Action](https://github.com/crowdin/github-action) for ${{ matrix.lc }}'
pull_request_labels: 'scope:docs'
pull_request_reviewers: hamishwillee
download_language: ${{ matrix.lc }}
env:
.github/workflows/docs_crowdin_upload.yml
+1 -1
View File
@@ -24,7 +24,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: crowdin push
uses: crowdin/github-action@v2
with:
.github/workflows/docs_deploy.yml
+5 -6
View File
@@ -22,12 +22,11 @@ jobs:
build:
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",extras=s3-cache,spot=false]
steps:
- uses: runs-on/action@v1
- name: Checkout
uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
- name: Setup Node
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
@@ -46,7 +45,7 @@ jobs:
- name: Upload artifact
if: ${{ github.event_name == 'push' || (github.event_name == 'pull_request' && github.event.pull_request.merged) || github.event_name == 'workflow_dispatch' }}
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v7
with:
name: px4_docs_build
path: docs/.vitepress/dist/
@@ -59,7 +58,7 @@ jobs:
steps:
- name: Download Artifact
uses: actions/download-artifact@v4
uses: actions/download-artifact@v8
with:
name: px4_docs_build
path: ~/_book
.github/workflows/ekf_functional_change_indicator.yml
-35
View File
@@ -1,35 +0,0 @@
name: EKF Change Indicator
on:
pull_request:
branches:
- '**'
paths-ignore:
- 'docs/**'
# If two events are triggered within a short time in the same PR, cancel the run of the oldest event
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
cancel-in-progress: true
jobs:
unit_tests:
runs-on: ubuntu-latest
container:
image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: main test
run: |
cd "$GITHUB_WORKSPACE"
git config --global --add safe.directory "$GITHUB_WORKSPACE"
make tests TESTFILTER=EKF
- name: Check if there is a functional change
run: git diff --exit-code
working-directory: src/modules/ekf2/test/change_indication
.github/workflows/ekf_update_change_indicator.yml
-54
View File
@@ -1,54 +0,0 @@
name: EKF Update Change Indicator
on:
push:
paths-ignore:
- 'docs/**'
jobs:
unit_tests:
runs-on: ubuntu-latest
container:
image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
env:
GIT_COMMITTER_EMAIL: bot@px4.io
GIT_COMMITTER_NAME: PX4BuildBot
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: main test
run: |
cd "$GITHUB_WORKSPACE"
git config --global --add safe.directory "$GITHUB_WORKSPACE"
make tests TESTFILTER=EKF
- name: Check if there exists diff and save result in variable
id: diff-check
working-directory: src/modules/ekf2/test/change_indication
run: |
if git diff --quiet; then
echo "CHANGE_INDICATED=false" >> $GITHUB_OUTPUT
else
echo "CHANGE_INDICATED=true" >> $GITHUB_OUTPUT
fi
- name: auto-commit any changes to change indication
if: steps.diff-check.outputs.CHANGE_INDICATED == 'true'
uses: stefanzweifel/git-auto-commit-action@v4
with:
file_pattern: 'src/modules/ekf2/test/change_indication/*.csv'
commit_user_name: ${{ env.GIT_COMMITTER_NAME }}
commit_user_email: ${{ env.GIT_COMMITTER_EMAIL }}
commit_message: |
[AUTO COMMIT] update change indication
See .github/workflows/ekf_update_change_indicator.yml for more details
- name: if there is a functional change, fail check
if: steps.diff-check.outputs.CHANGE_INDICATED == 'true'
run: exit 1
.github/workflows/failsafe_sim.yml
+16 -8
View File
@@ -18,7 +18,7 @@ concurrency:
jobs:
build:
runs-on: ubuntu-latest
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
defaults:
run:
shell: bash
@@ -29,22 +29,30 @@ jobs:
"failsafe_web",
]
container:
image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
options: --privileged --ulimit core=-1 --security-opt seccomp=unconfined
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Install Node v20.18.0
uses: actions/setup-node@v4
uses: actions/setup-node@v6
with:
node-version: 20.18.0
- uses: actions/checkout@v4
- name: Cache - Restore Emscripten SDK
id: cache-emsdk
uses: actions/cache@v5
with:
fetch-depth: 0
- name: Git ownership workaround
run: git config --system --add safe.directory '*'
path: _emscripten_sdk
key: emsdk-4.0.15
- name: Install empscripten
if: steps.cache-emsdk.outputs.cache-hit != 'true'
run: |
git clone https://github.com/emscripten-core/emsdk.git _emscripten_sdk
cd _emscripten_sdk
.github/workflows/flash_analysis.yml
+106 -35
View File
@@ -24,9 +24,9 @@ env:
jobs:
analyze_flash:
name: Analyzing ${{ matrix.target }}
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false]
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
strategy:
matrix:
target: [px4_fmu-v5x, px4_fmu-v6x]
@@ -36,25 +36,58 @@ jobs:
px4_fmu-v6x-bloaty-output: ${{ steps.gen-output.outputs.px4_fmu-v6x-bloaty-output }}
px4_fmu-v6x-bloaty-summary-map: ${{ steps.gen-output.outputs.px4_fmu-v6x-bloaty-summary-map }}
steps:
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
submodules: recursive
- name: Git ownership workaround
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Cache - Restore ccache (current)
id: cache_current
uses: actions/cache/restore@v5
with:
path: ~/.ccache
key: ccache-flash-${{ matrix.target }}-current-${{ github.ref_name }}-${{ github.sha }}
restore-keys: |
ccache-flash-${{ matrix.target }}-current-${{ github.ref_name }}-
ccache-flash-${{ matrix.target }}-current-
- name: Cache - Configure ccache
run: |
mkdir -p ~/.ccache
echo "base_dir = ${GITHUB_WORKSPACE}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = 200M" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
echo "compiler_check = content" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
- name: Build Target
run: make ${{ matrix.target }}_flash-analysis
- name: Store the ELF with the change
run: cp ./build/**/*.elf ./with-change.elf
- name: Cache - Stats after Current Build
run: ccache -s
- name: Cache - Save ccache (current)
if: always()
uses: actions/cache/save@v5
with:
path: ~/.ccache
key: ${{ steps.cache_current.outputs.cache-primary-key }}
- name: Clean previous build
run: |
make clean
make distclean
make submodulesclean
ccache -C
- name: If it's a PR checkout the base branch
if: ${{ github.event.pull_request }}
@@ -68,12 +101,34 @@ jobs:
- name: Update submodules
run: make submodulesupdate
- name: Cache - Restore ccache (baseline)
id: cache_baseline
uses: actions/cache/restore@v5
with:
path: ~/.ccache
key: ccache-flash-${{ matrix.target }}-baseline-${{ github.sha }}
restore-keys: |
ccache-flash-${{ matrix.target }}-baseline-
- name: Cache - Reset ccache stats
run: ccache -z
- name: Build
run: make ${{ matrix.target }}_flash-analysis
- name: Store the ELF before the change
run: cp ./build/**/*.elf ./before-change.elf
- name: Cache - Stats after Baseline Build
run: ccache -s
- name: Cache - Save ccache (baseline)
if: always()
uses: actions/cache/save@v5
with:
path: ~/.ccache
key: ${{ steps.cache_baseline.outputs.cache-primary-key }}
- name: bloaty-action
uses: PX4/bloaty-action@v1.0.0
id: bloaty-step
@@ -93,9 +148,6 @@ jobs:
echo '${{ steps.bloaty-step.outputs.bloaty-summary-map }}' >> $GITHUB_OUTPUT
echo "$EOF" >> $GITHUB_OUTPUT
# TODO:
# This part of the workflow is causing errors for forks. We should find a way to fix this and enable it again for forks.
# Track this issue https://github.com/PX4/PX4-Autopilot/issues/24408
post_pr_comment:
name: Publish Results
runs-on: [runs-on,runner=1cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}"]
@@ -105,22 +157,22 @@ jobs:
V5X-SUMMARY-MAP-PERC: ${{ fromJSON(fromJSON(needs.analyze_flash.outputs.px4_fmu-v5x-bloaty-summary-map).vm-percentage) }}
V6X-SUMMARY-MAP-ABS: ${{ fromJSON(fromJSON(needs.analyze_flash.outputs.px4_fmu-v6x-bloaty-summary-map).vm-absolute) }}
V6X-SUMMARY-MAP-PERC: ${{ fromJSON(fromJSON(needs.analyze_flash.outputs.px4_fmu-v6x-bloaty-summary-map).vm-percentage) }}
if: github.event.pull_request && github.event.pull_request.head.repo.full_name == github.repository
if: github.event.pull_request
steps:
- name: Find Comment
uses: peter-evans/find-comment@v3
uses: peter-evans/find-comment@v4
id: fc
with:
issue-number: ${{ github.event.pull_request.number }}
comment-author: 'github-actions[bot]'
body-includes: FLASH Analysis
body-includes: '<!-- pr-comment-poster:flash-analysis -->'
- name: Set Build Time
id: bt
run: |
echo "timestamp=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_OUTPUT
- name: Create or update comment
- name: Write pr-comment artifact
# This can't be moved to the job-level conditions, as GH actions don't allow a job-level if condition to access the env.
if: |
steps.fc.outputs.comment-id != '' ||
@@ -128,27 +180,46 @@ jobs:
env.V5X-SUMMARY-MAP-ABS <= fromJSON(env.MIN_FLASH_NEG_DIFF_FOR_COMMENT) ||
env.V6X-SUMMARY-MAP-ABS >= fromJSON(env.MIN_FLASH_POS_DIFF_FOR_COMMENT) ||
env.V6X-SUMMARY-MAP-ABS <= fromJSON(env.MIN_FLASH_NEG_DIFF_FOR_COMMENT)
uses: peter-evans/create-or-update-comment@v4
run: |
mkdir -p pr-comment
cat > pr-comment/manifest.json <<EOF
{
"pr_number": ${{ github.event.pull_request.number }},
"marker": "<!-- pr-comment-poster:flash-analysis -->",
"mode": "upsert"
}
EOF
cat > pr-comment/body.md <<'PR_COMMENT_BODY_EOF'
<!-- pr-comment-poster:flash-analysis -->
## 🔎 FLASH Analysis
<details>
<summary>px4_fmu-v5x [Total VM Diff: ${{ env.V5X-SUMMARY-MAP-ABS }} byte (${{ env.V5X-SUMMARY-MAP-PERC}} %)]</summary>
```
${{ needs.analyze_flash.outputs.px4_fmu-v5x-bloaty-output }}
```
</details>
<details>
<summary>px4_fmu-v6x [Total VM Diff: ${{ env.V6X-SUMMARY-MAP-ABS }} byte (${{ env.V6X-SUMMARY-MAP-PERC }} %)]</summary>
```
${{ needs.analyze_flash.outputs.px4_fmu-v6x-bloaty-output }}
```
</details>
**Updated: _${{ steps.bt.outputs.timestamp }}_**
PR_COMMENT_BODY_EOF
- name: Upload pr-comment artifact
if: |
steps.fc.outputs.comment-id != '' ||
env.V5X-SUMMARY-MAP-ABS >= fromJSON(env.MIN_FLASH_POS_DIFF_FOR_COMMENT) ||
env.V5X-SUMMARY-MAP-ABS <= fromJSON(env.MIN_FLASH_NEG_DIFF_FOR_COMMENT) ||
env.V6X-SUMMARY-MAP-ABS >= fromJSON(env.MIN_FLASH_POS_DIFF_FOR_COMMENT) ||
env.V6X-SUMMARY-MAP-ABS <= fromJSON(env.MIN_FLASH_NEG_DIFF_FOR_COMMENT)
uses: actions/upload-artifact@v7
with:
comment-id: ${{ steps.fc.outputs.comment-id }}
issue-number: ${{ github.event.pull_request.number }}
body: |
## 🔎 FLASH Analysis
<details>
<summary>px4_fmu-v5x [Total VM Diff: ${{ env.V5X-SUMMARY-MAP-ABS }} byte (${{ env.V5X-SUMMARY-MAP-PERC}} %)]</summary>
```
${{ needs.analyze_flash.outputs.px4_fmu-v5x-bloaty-output }}
```
</details>
<details>
<summary>px4_fmu-v6x [Total VM Diff: ${{ env.V6X-SUMMARY-MAP-ABS }} byte (${{ env.V6X-SUMMARY-MAP-PERC }} %)]</summary>
```
${{ needs.analyze_flash.outputs.px4_fmu-v6x-bloaty-output }}
```
</details>
**Updated: _${{ steps.bt.outputs.timestamp }}_**
edit-mode: replace
name: pr-comment
path: pr-comment/
retention-days: 1
.github/workflows/fuzzing.yml
+19 -9
View File
@@ -12,19 +12,25 @@ env:
jobs:
Fuzzing:
runs-on: ubuntu-latest
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: px4io/px4-dev:v1.16.0-rc2-4-gb67c65bfe6
steps:
- name: Install Dependencies
run: |
apt update && apt install -y clang
- uses: runs-on/action@v2
- name: Fix git in Container
run: |
git config --global --add safe.directory $(realpath .)
- uses: actions/checkout@v6
- uses: actions/checkout@v4
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Install clang
run: apt-get update && apt-get install -y clang
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-sitl
max-size: 300M
- name: Build and Run Fuzz Tests
run: |
@@ -38,7 +44,11 @@ jobs:
./Tools/ci/run_fuzz_tests.sh $fuzz_binary 15m
done
# Create a github issue in case of a failure
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
- name: Create Issue
if: ${{ failure() }}
uses: JasonEtco/create-an-issue@v2
.github/workflows/issue_triage_label.yml
+24
View File
@@ -0,0 +1,24 @@
name: Issue Triage Label
on:
issues:
types: [opened]
permissions:
issues: write
jobs:
add-triage-label:
runs-on: ubuntu-latest
steps:
- name: Add status:needs-triage label to new issues
uses: actions/github-script@v7
with:
script: |
await github.rest.issues.addLabels({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.payload.issue.number,
labels: ['status:needs-triage'],
});
.github/workflows/itcm_check.yml
+17 -7
View File
@@ -22,9 +22,9 @@ concurrency:
jobs:
check_itcm:
name: Checking ${{ matrix.target }}
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false]
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
image: ghcr.io/px4/px4-dev:v1.17.0-rc2
strategy:
fail-fast: false
matrix:
@@ -46,14 +46,19 @@ jobs:
boards/nxp/mr-tropic/nuttx-config/scripts/itcm_functions_includes.ld
boards/nxp/mr-tropic/nuttx-config/scripts/itcm_static_functions.ld
steps:
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
submodules: recursive
- name: Git ownership workaround
fetch-depth: 1
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-itcm-${{ matrix.target }}
max-size: 200M
- name: Build Target
run: make ${{ matrix.target }}
@@ -65,3 +70,8 @@ jobs:
- name: Execute the itcm-check
run: python3 Tools/itcm_check.py --elf-file built.elf --script-files ${{ matrix.scripts }}
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
.github/workflows/label.yml
+43 -5
View File
@@ -1,11 +1,13 @@
# This workflow will triage pull requests and apply a label based on the
# paths that are modified in the pull request.
# The paths are set up in .github/labeler.yml
# This workflow will triage pull requests and apply labels based on the
# PR title prefix and paths that are modified in the pull request.
# The path labels are set up in .github/labeler.yml
#
# See: https://github.com/actions/labeler
name: Labeler
on: [pull_request_target]
on:
pull_request_target:
types: [opened, edited, synchronize, reopened, ready_for_review]
jobs:
label:
@@ -13,9 +15,45 @@ jobs:
runs-on: ubuntu-latest
permissions:
contents: read
issues: write
pull-requests: write
steps:
- uses: actions/labeler@v5
- name: Label PR title type
env:
GH_TOKEN: ${{ github.token }}
GH_REPO: ${{ github.repository }}
PR_NUMBER: ${{ github.event.pull_request.number }}
PR_TITLE: ${{ github.event.pull_request.title }}
run: |
set -euo pipefail
if [[ ! "$PR_TITLE" =~ ^(feat|fix|docs|style|refactor|perf|test|build|ci|chore|revert)\([a-zA-Z0-9_./-]+\)!?:\ .{5,}$ ]]; then
echo "No conventional commit type detected; Commit Quality validates title format."
exit 0
fi
type="${BASH_REMATCH[1]}"
case "$type" in
feat) label="kind:feature" ;;
fix) label="kind:bug" ;;
refactor) label="kind:refactor" ;;
perf) label="kind:improvement" ;;
test) label="kind:test" ;;
docs|style|build|ci|chore|revert) label="kind:chore" ;;
esac
current_labels="$(gh pr view "$PR_NUMBER" --json labels --jq '.labels[].name')"
if grep -Fxq "$label" <<< "$current_labels"; then
echo "PR already has $label."
exit 0
fi
echo "Adding $label based on PR title type '$type'."
gh pr edit "$PR_NUMBER" --add-label "$label"
- uses: actions/labeler@v6
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"
.github/workflows/mavros_mission_tests.yml
-45
View File
@@ -1,45 +0,0 @@
name: MAVROS Mission Tests
on:
push:
branches:
- 'main'
paths-ignore:
- 'docs/**'
pull_request:
branches:
- '**'
paths-ignore:
- 'docs/**'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Build SITL and Run Tests (inside old ROS container)
run: |
docker run --rm \
-v "${GITHUB_WORKSPACE}:/workspace" \
-w /workspace \
px4io/px4-dev-ros-melodic:2021-09-08 \
bash -c '
git config --global --add safe.directory /workspace
make px4_sitl_default
make px4_sitl_default sitl_gazebo-classic
./test/rostest_px4_run.sh \
mavros_posix_test_mission.test \
mission:=MC_mission_box \
vehicle:=iris
'
.github/workflows/mavros_offboard_tests.yml
-44
View File
@@ -1,44 +0,0 @@
name: MAVROS Offboard Tests
on:
push:
branches:
- 'main'
paths-ignore:
- 'docs/**'
pull_request:
branches:
- '**'
paths-ignore:
- 'docs/**'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Build SITL and Run Tests (inside old ROS container)
run: |
docker run --rm \
-v "${GITHUB_WORKSPACE}:/workspace" \
-w /workspace \
px4io/px4-dev-ros-melodic:2021-09-08 \
bash -c '
git config --global --add safe.directory /workspace
make px4_sitl_default
make px4_sitl_default sitl_gazebo-classic
./test/rostest_px4_run.sh \
mavros_posix_tests_offboard_posctl.test \
vehicle:=iris
'
.github/workflows/mavros_tests.yml
+73
View File
@@ -0,0 +1,73 @@
name: MAVROS Tests
on:
push:
branches:
- 'main'
paths-ignore:
- 'docs/**'
pull_request:
branches:
- '**'
paths-ignore:
- 'docs/**'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
test:
name: "MAVROS ${{ matrix.config.name }}"
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
permissions:
contents: read
container:
image: px4io/px4-dev-ros-noetic:2021-09-08
env:
PX4_SBOM_DISABLE: 1
strategy:
fail-fast: false
matrix:
config:
- {name: "Mission", test_file: "mavros_posix_test_mission.test", params: "mission:=MC_mission_box vehicle:=iris"}
- {name: "Offboard", test_file: "mavros_posix_tests_offboard_posctl.test", params: "vehicle:=iris"}
steps:
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 1
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Setup - Install Python Test Dependencies
run: pip3 install -r Tools/setup/requirements.txt
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-sitl-gazebo-classic
max-size: 350M
- uses: ./.github/actions/build-gazebo-sitl
- name: Test - MAVROS ${{ matrix.config.name }}
run: |
./test/rostest_px4_run.sh \
${{ matrix.config.test_file }} \
${{ matrix.config.params }}
timeout-minutes: 10
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
- name: Upload - Failed Test Logs
if: failure()
uses: actions/upload-artifact@v7
with:
name: failed-mavros-${{ matrix.config.name }}-logs.zip
path: |
logs/**/**/**/*.log
logs/**/**/**/*.ulg
.github/workflows/nuttx_env_config.yml
-46
View File
@@ -1,46 +0,0 @@
name: Nuttx Target with extra env config
on:
push:
branches:
- 'main'
paths-ignore:
- 'docs/**'
pull_request:
branches:
- '**'
paths-ignore:
- 'docs/**'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
runs-on: ubuntu-latest
container:
image: px4io/px4-dev:v1.16.0-rc1-258-g0369abd556
strategy:
matrix:
config:
- px4_fmu-v5_default
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Build PX4 and Run Test [${{ matrix.config }}]
run: |
cd "$GITHUB_WORKSPACE"
git config --global --add safe.directory "$GITHUB_WORKSPACE"
export PX4_EXTRA_NUTTX_CONFIG='CONFIG_NSH_LOGIN_PASSWORD="test";CONFIG_NSH_CONSOLE_LOGIN=y'
echo "PX4_EXTRA_NUTTX_CONFIG: $PX4_EXTRA_NUTTX_CONFIG"
make ${{ matrix.config }} nuttx_context
echo "Check that the config option is set"
grep CONFIG_NSH_LOGIN_PASSWORD build/${{ matrix.config }}/NuttX/nuttx/.config
.github/workflows/pr-comment-poster.yml
+155
View File
@@ -0,0 +1,155 @@
name: PR Comment Poster
# Generic PR comment poster. Any analysis workflow (clang-tidy, flash_analysis,
# fuzz coverage, SITL perf, etc.) can produce a `pr-comment` artifact and this
# workflow will post or update a sticky PR comment with its contents. Designed
# so that analysis jobs running on untrusted fork PRs can still get their
# results posted back to the PR.
#
# ==============================================================================
# SECURITY INVARIANTS
# ==============================================================================
# This workflow runs on `workflow_run` which means it runs in the BASE REPO
# context with a WRITE token, even when the triggering PR comes from a fork.
# That is the entire reason it exists, and also the reason it is a loaded
# footgun. Anyone modifying this file MUST preserve the following invariants:
#
# 1. NEVER check out PR code. No `actions/checkout` with a ref. No git clone
# of a fork branch. No execution of scripts from the downloaded artifact.
# The ONLY things read from the artifact are `manifest.json` and `body.md`,
# and both are treated as opaque data (JSON parsed by the poster script
# and markdown posted verbatim via the GitHub API).
#
# 2. `pr_number` is validated to be a positive integer before use.
# `marker` is validated to be printable ASCII only before use. Validation
# happens inside Tools/ci/pr-comment-poster.py which is checked out from
# the base branch, not from the artifact.
#
# 3. The comment body is passed to the GitHub API as a JSON field, never
# interpolated into a shell command string.
#
# 4. This workflow file lives on the default branch. `workflow_run` only
# loads workflow files from the default branch, so a fork cannot modify
# THIS file as part of a PR. The fork CAN cause this workflow to fire
# by triggering a producer workflow that uploads a `pr-comment` artifact.
# That is intended.
#
# 5. The artifact-name filter (`pr-comment`) is the only gate on which
# workflow runs get processed. Any workflow in this repo that uploads
# an artifact named `pr-comment` is trusted to have written the
# manifest and body itself, NOT copied fork-controlled content into
# them. Producer workflows are responsible for that.
#
# 6. `actions/checkout@v6` below uses NO ref (so it pulls the base branch,
# the default-branch commit this workflow file was loaded from) AND uses
# sparse-checkout to materialize ONLY Tools/ci/pr-comment-poster.py and
# its stdlib-only helper module Tools/ci/_github_helpers.py. The rest of
# the repo never touches the workspace. This is safe: the only files the
# job executes are base-repo Python scripts that were reviewed through
# normal code review, never anything from the PR.
#
# ==============================================================================
# ARTIFACT CONTRACT
# ==============================================================================
# Producers upload an artifact named exactly `pr-comment` containing:
#
# manifest.json:
# {
# "pr_number": 12345, // required, int > 0
# "marker": "<!-- pr-comment-poster:flash-analysis -->", // required, printable ASCII
# "mode": "upsert" // optional, default "upsert"
# }
#
# body.md: the markdown content of the comment. Posted verbatim.
#
# The `marker` string is used to find an existing comment to update. It MUST
# be unique per producer (e.g. include the producer name). If no existing
# comment contains the marker, a new one is created. If the marker is found
# in an existing comment, that comment is edited in place.
#
# Producers MUST write `pr_number` from their own workflow context
# (`github.event.pull_request.number`) and MUST NOT read it from any
# fork-controlled source.
on:
workflow_run:
# Producers that may upload a `pr-comment` artifact. When a new producer
# is wired up, add its workflow name here. Runs of workflows not in this
# list will never trigger the poster. Every run of a listed workflow will
# trigger the poster, which will no-op if no `pr-comment` artifact exists.
workflows:
- "FLASH usage analysis"
- "Docs - Orchestrator"
types:
- completed
permissions:
pull-requests: write
actions: read
contents: read
jobs:
post:
name: Post PR Comment
runs-on: ubuntu-latest
# Only run for pull_request producer runs. Push-to-main and other
# non-PR triggers would have no comment to post, and silently no-oping
# inside the script made it look like the poster was broken. Gating at
# the job level surfaces those as a clean "Skipped" in the UI instead.
if: >-
github.event.workflow_run.conclusion != 'cancelled'
&& github.event.workflow_run.event == 'pull_request'
steps:
# Checkout runs first so the poster script is available AND so that
# actions/checkout@v6's default clean step does not delete the artifact
# zip that the next step writes into the workspace. Sparse-checkout
# restricts the materialized tree to just the poster script.
- name: Checkout poster script only
uses: actions/checkout@v6
with:
sparse-checkout: |
Tools/ci/pr-comment-poster.py
Tools/ci/_github_helpers.py
sparse-checkout-cone-mode: false
- name: Download pr-comment artifact
id: download
uses: actions/github-script@v9
with:
script: |
const artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.payload.workflow_run.id,
});
const match = artifacts.data.artifacts.find(a => a.name === 'pr-comment');
if (!match) {
core.info('No pr-comment artifact on this run; nothing to post.');
core.setOutput('found', 'false');
return;
}
const download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: match.id,
archive_format: 'zip',
});
const fs = require('fs');
fs.writeFileSync('pr-comment.zip', Buffer.from(download.data));
core.setOutput('found', 'true');
- name: Unpack artifact
if: steps.download.outputs.found == 'true'
run: |
mkdir -p pr-comment
unzip -q pr-comment.zip -d pr-comment
- name: Validate artifact
if: steps.download.outputs.found == 'true'
run: python3 Tools/ci/pr-comment-poster.py validate pr-comment
- name: Upsert sticky comment
if: steps.download.outputs.found == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: python3 Tools/ci/pr-comment-poster.py post pr-comment
.github/workflows/pr-review-poster.yml
+179
View File
@@ -0,0 +1,179 @@
name: PR Review Poster
# Generic PR review-comment poster. Sibling of "PR Comment Poster": that
# workflow posts sticky issue-style comments, this one posts line-anchored
# review comments on the "Files changed" tab. Any analysis workflow that
# wants to flag specific lines can produce a `pr-review` artifact and this
# workflow will dismiss any stale matching review and post a fresh one.
# Designed so analysis jobs running on untrusted fork PRs can still get
# their inline annotations posted back to the PR.
#
# ==============================================================================
# SECURITY INVARIANTS
# ==============================================================================
# This workflow runs on `workflow_run` which means it runs in the BASE REPO
# context with a WRITE token, even when the triggering PR comes from a fork.
# That is the entire reason it exists, and also the reason it is a loaded
# footgun. Anyone modifying this file MUST preserve the following invariants:
#
# 1. NEVER check out PR code. No `actions/checkout` with a ref. No git clone
# of a fork branch. No execution of scripts from the downloaded artifact.
# The ONLY things read from the artifact are `manifest.json` and
# `comments.json`, and both are treated as opaque data (JSON parsed by
# the poster script and the comment fields posted via the GitHub API).
#
# 2. `pr_number` is validated to be a positive integer before use.
# `marker` is validated to be printable ASCII only before use.
# `commit_sha` is validated to be 40 lowercase hex characters.
# `event` is validated against an allowlist of `COMMENT` only.
# `APPROVE` and `REQUEST_CHANGES` are intentionally forbidden:
# bots should not approve PRs, and REQUEST_CHANGES reviews cannot
# be dismissed by the GITHUB_TOKEN under branch protection rules.
# Validation happens inside
# Tools/ci/pr-review-poster.py which is checked out from the base
# branch, not from the artifact.
#
# 3. Comment bodies and the optional summary are passed to the GitHub API
# as JSON fields, never interpolated into a shell command string.
#
# 4. This workflow file lives on the default branch. `workflow_run` only
# loads workflow files from the default branch, so a fork cannot modify
# THIS file as part of a PR. The fork CAN cause this workflow to fire
# by triggering a producer workflow that uploads a `pr-review`
# artifact. That is intended.
#
# 5. The artifact-name filter (`pr-review`) is the only gate on which
# workflow runs get processed. Any workflow in this repo that uploads
# an artifact named `pr-review` is trusted to have written the
# manifest and comments itself, NOT copied fork-controlled content
# into them. Producer workflows are responsible for that.
#
# 6. `actions/checkout@v6` below uses NO ref (so it pulls the base branch,
# the default-branch commit this workflow file was loaded from) AND
# uses sparse-checkout to materialize ONLY
# Tools/ci/pr-review-poster.py and its stdlib-only helper module
# Tools/ci/_github_helpers.py. The rest of the repo never touches the
# workspace. This is safe: the only files the job executes are
# base-repo Python scripts that were reviewed through normal code
# review, never anything from the PR.
#
# 7. Stale-review dismissal is restricted to reviews whose AUTHOR is
# `github-actions[bot]` AND whose body contains the producer's
# marker. A fork PR cannot impersonate the bot login, and cannot
# inject the marker into a human reviewer's body without API
# access. Both filters together prevent the poster from ever
# dismissing a human review.
#
# ==============================================================================
# ARTIFACT CONTRACT
# ==============================================================================
# Producers upload an artifact named exactly `pr-review` containing:
#
# manifest.json:
# {
# "pr_number": 12345, // required, int > 0
# "marker": "<!-- pr-review-poster:clang-tidy -->", // required, printable ASCII
# "event": "COMMENT", // required, "COMMENT" only
# "commit_sha": "0123456789abcdef0123456789abcdef01234567", // required, 40 hex chars
# "summary": "Optional review summary text" // optional
# }
#
# comments.json: JSON array of line-anchored review comment objects:
# [
# {"path": "src/foo.cpp", "line": 42, "side": "RIGHT", "body": "..."},
# {"path": "src/bar.hpp", "start_line": 10, "line": 15,
# "side": "RIGHT", "start_side": "RIGHT", "body": "..."}
# ]
#
# The `marker` string is used to find an existing matching review to
# dismiss before posting a new one. It MUST be unique per producer (e.g.
# include the producer name).
#
# Producers MUST write `pr_number` and `commit_sha` from their own
# workflow context (`github.event.pull_request.number` and
# `github.event.pull_request.head.sha`) and MUST NOT read either from any
# fork-controlled source.
on:
workflow_run:
# Producers that may upload a `pr-review` artifact. When a new
# producer is wired up, add its workflow name here. Runs of workflows
# not in this list will never trigger the poster. Every run of a
# listed workflow will trigger the poster, which will no-op if no
# `pr-review` artifact exists.
workflows:
- "Static Analysis"
types:
- completed
permissions:
pull-requests: write
actions: read
contents: read
jobs:
post:
name: Post PR Review
runs-on: ubuntu-latest
# Only run for pull_request producer runs. Push-to-main and other
# non-PR triggers have no review to post, so gating at the job level
# surfaces those as a clean "Skipped" in the UI instead of a
# silent no-op buried inside the script.
if: >-
github.event.workflow_run.conclusion != 'cancelled'
&& github.event.workflow_run.event == 'pull_request'
steps:
# Checkout runs first so the poster scripts are available AND so
# that actions/checkout@v6's default clean step does not delete the
# artifact zip that the next step writes into the workspace.
# Sparse-checkout restricts the materialized tree to just the
# poster script and its stdlib helper module.
- name: Checkout poster script only
uses: actions/checkout@v6
with:
sparse-checkout: |
Tools/ci/pr-review-poster.py
Tools/ci/_github_helpers.py
sparse-checkout-cone-mode: false
- name: Download pr-review artifact
id: download
uses: actions/github-script@v9
with:
script: |
const artifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.payload.workflow_run.id,
});
const match = artifacts.data.artifacts.find(a => a.name === 'pr-review');
if (!match) {
core.info('No pr-review artifact on this run; nothing to post.');
core.setOutput('found', 'false');
return;
}
const download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: match.id,
archive_format: 'zip',
});
const fs = require('fs');
fs.writeFileSync('pr-review.zip', Buffer.from(download.data));
core.setOutput('found', 'true');
- name: Unpack artifact
if: steps.download.outputs.found == 'true'
run: |
mkdir -p pr-review
unzip -q pr-review.zip -d pr-review
- name: Validate artifact
if: steps.download.outputs.found == 'true'
run: python3 Tools/ci/pr-review-poster.py validate pr-review
- name: Post PR review
if: steps.download.outputs.found == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: python3 Tools/ci/pr-review-poster.py post pr-review
.github/workflows/python_checks.yml
+11 -8
View File
@@ -14,20 +14,23 @@ on:
jobs:
build:
runs-on: ubuntu-24.04
runs-on: [runs-on,runner=1cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}"]
steps:
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
fetch-depth: 1
- name: Install Python3
run: sudo apt-get install python3 python3-setuptools python3-pip -y
- name: Setup Python
uses: actions/setup-python@v6
with:
python-version: "3.10"
- name: Install tools
run: python3 -m pip install mypy types-requests flake8 --break-system-packages
run: pip install mypy types-requests flake8
- name: Check MAVSDK test scripts with mypy
run: $HOME/.local/bin/mypy --strict test/mavsdk_tests/*.py
run: mypy --strict test/mavsdk_tests/*.py
- name: Check MAVSDK test scripts with flake8
run: $HOME/.local/bin/flake8 test/mavsdk_tests/*.py
run: flake8 test/mavsdk_tests/*.py
.github/workflows/ros_integration_tests.yml
+50 -43
View File
@@ -23,16 +23,18 @@ concurrency:
jobs:
build:
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu22-full-x64,"run-id=${{ github.run_id }}",spot=false]
runs-on: [runs-on,runner=8cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
container:
image: px4io/px4-dev-ros2-galactic:2021-09-08
options: --privileged --ulimit core=-1 --security-opt seccomp=unconfined
env:
PX4_SBOM_DISABLE: 1
steps:
- uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Git Ownership Workaround
fetch-depth: 1
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- name: Update ROS Keys
@@ -45,30 +47,21 @@ jobs:
run: |
apt update && apt install -y gazebo11 libgazebo11-dev gstreamer1.0-plugins-bad gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-ugly libgstreamer-plugins-base1.0-dev
- name: Prepare ccache timestamp
id: ccache_cache_timestamp
shell: cmake -P {0}
run: |
string(TIMESTAMP current_date "%Y-%m-%d-%H;%M;%S" UTC)
message("::set-output name=timestamp::${current_date}")
- name: ccache cache files
uses: actions/cache@v4
- uses: ./.github/actions/setup-ccache
id: ccache
with:
path: ~/.ccache
key: ros_integration_tests-${{matrix.config.build_type}}-ccache-${{steps.ccache_cache_timestamp.outputs.timestamp}}
restore-keys: ros_integration_tests-${{matrix.config.build_type}}-ccache-
- name: setup ccache
run: |
mkdir -p ~/.ccache
echo "base_dir = ${GITHUB_WORKSPACE}" > ~/.ccache/ccache.conf
echo "compression = true" >> ~/.ccache/ccache.conf
echo "compression_level = 6" >> ~/.ccache/ccache.conf
echo "max_size = 300M" >> ~/.ccache/ccache.conf
echo "hash_dir = false" >> ~/.ccache/ccache.conf
ccache -s
ccache -z
cache-key-prefix: ccache-ros-integration
max-size: 400M
- name: Get and build micro-xrce-dds-agent
- name: Cache - Restore Micro-XRCE-DDS Agent
id: cache-xrce-agent
uses: actions/cache@v5
with:
path: /opt/Micro-XRCE-DDS-Agent
key: xrce-agent-v2.2.1-fastdds-2.8.2-galactic-2021-09-08
- name: Build - Micro-XRCE-DDS Agent (v2.2.1)
if: steps.cache-xrce-agent.outputs.cache-hit != 'true'
run: |
cd /opt
git clone --recursive https://github.com/eProsima/Micro-XRCE-DDS-Agent.git
@@ -79,17 +72,35 @@ jobs:
cd build
cmake ..
make -j2
- name: ccache post-run micro-xrce-dds-agent
run: ccache -s
- name: Get and build the ros2 interface library
- name: Cache - Restore PX4 ROS 2 Interface Library Workspace
id: cache-px4-ros2-ws
uses: actions/cache@v5
with:
path: /opt/px4_ws
# Bump 'v1' when the cached workspace layout changes in a way
# that is not captured by the message/service hash below.
key: px4-ros2-ws-v1-galactic-2021-09-08-${{ hashFiles('msg/*.msg', 'msg/versioned/*.msg', 'srv/*.srv') }}
- name: Build - PX4 ROS 2 Interface Library
if: steps.cache-px4-ros2-ws.outputs.cache-hit != 'true'
shell: bash
run: |
PX4_DIR="$(pwd)"
. /opt/ros/galactic/setup.bash
mkdir -p /opt/px4_ws/src
cd /opt/px4_ws/src
git clone --recursive https://github.com/Auterion/px4-ros2-interface-lib.git
# On a PR, target the branch we're merging into (main or release/X.Y).
# On a direct push, fall back to the branch we're running on.
BRANCH="${GITHUB_BASE_REF:-$GITHUB_REF_NAME}"
REPO_URL="https://github.com/Auterion/px4-ros2-interface-lib.git"
if git ls-remote --heads "$REPO_URL" "$BRANCH" | grep -q "$BRANCH"; then
echo "Cloning px4-ros2-interface-lib with matching branch: $BRANCH"
git clone --recursive --branch "$BRANCH" "$REPO_URL"
else
echo "Branch '$BRANCH' not found in px4-ros2-interface-lib, using default (main)"
git clone --recursive "$REPO_URL"
fi
# Ignore python packages due to compilation issue (can be enabled when updating ROS)
touch px4-ros2-interface-lib/px4_ros2_py/COLCON_IGNORE || true
touch px4-ros2-interface-lib/examples/python/COLCON_IGNORE || true
@@ -98,17 +109,8 @@ jobs:
"${PX4_DIR}/Tools/copy_to_ros_ws.sh" "$(pwd)"
rm -rf src/translation_node src/px4_msgs_old
colcon build --symlink-install
- name: ccache post-run ros workspace
run: ccache -s
- name: Build PX4
run: make px4_sitl_default
- name: ccache post-run px4/firmware
run: ccache -s
- name: Build SITL Gazebo
run: make px4_sitl_default sitl_gazebo-classic
- name: ccache post-run sitl_gazebo-classic
run: ccache -s
- uses: ./.github/actions/build-gazebo-sitl
- name: Core dump settings
run: |
@@ -120,12 +122,17 @@ jobs:
run: |
. /opt/px4_ws/install/setup.bash
/opt/Micro-XRCE-DDS-Agent/build/MicroXRCEAgent udp4 localhost -p 8888 -v 0 &
test/ros_test_runner.py --verbose --model iris --upload --force-color
test/ros_test_runner.py --verbose --model iris --force-color
timeout-minutes: 45
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}
- name: Upload failed logs
if: failure()
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v7
with:
name: failed-logs.zip
path: |
.github/workflows/ros_translation_node.yml
+29 -16
View File
@@ -10,6 +10,9 @@ on:
- '**'
paths-ignore:
- 'docs/**'
permissions:
contents: read
defaults:
run:
shell: bash
@@ -20,8 +23,8 @@ concurrency:
jobs:
build_and_test:
name: Build and test
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false]
name: Build and test [${{ matrix.config.ros_version }}]
runs-on: [runs-on,runner=4cpu-linux-x64,image=ubuntu24-full-x64,"run-id=${{ github.run_id }}",spot=false,extras=s3-cache]
strategy:
fail-fast: false
matrix:
@@ -29,33 +32,43 @@ jobs:
- {ros_version: "humble", ubuntu: "jammy"}
- {ros_version: "jazzy", ubuntu: "noble"}
container:
image: rostooling/setup-ros-docker:ubuntu-${{ matrix.config.ubuntu }}-latest
image: ros:${{ matrix.config.ros_version }}-ros-base-${{ matrix.config.ubuntu }}
steps:
- name: Setup ROS 2 (${{ matrix.config.ros_version }})
uses: ros-tooling/setup-ros@v0.7
with:
required-ros-distributions: ${{ matrix.config.ros_version }}
- name: Checkout repository
uses: actions/checkout@v4
- uses: runs-on/action@v2
- uses: actions/checkout@v6
with:
fetch-depth: 0
# Workaround for https://github.com/actions/runner/issues/2033
- name: ownership workaround
- name: Configure Git Safe Directory
run: git config --system --add safe.directory '*'
- uses: ./.github/actions/setup-ccache
id: ccache
with:
cache-key-prefix: ccache-ros-translation-${{ matrix.config.ros_version }}
max-size: 150M
base-dir: /ros_ws
install-ccache: 'true'
- name: Check .msg file versioning
if: github.event_name == 'pull_request'
run: |
./Tools/ci/check_msg_versioning.sh ${{ github.event.pull_request.base.sha }} ${{github.event.pull_request.head.sha}}
- name: Build and test
- name: Build - Translation Node
run: |
ros_ws=/ros_ws
mkdir -p $ros_ws/src
./Tools/copy_to_ros_ws.sh $ros_ws
cd $ros_ws
source /opt/ros/${{ matrix.config.ros_version }}/setup.sh
colcon build --cmake-args -DCMAKE_BUILD_TYPE=Release --symlink-install --event-handlers=console_cohesion+
source ./install/setup.sh
./build/translation_node/translation_node_unit_tests
colcon build --cmake-args -DCMAKE_BUILD_TYPE=Release -DCMAKE_CXX_COMPILER_LAUNCHER=ccache -DCMAKE_C_COMPILER_LAUNCHER=ccache --symlink-install --event-handlers=console_cohesion+
- name: Test - Translation Node Unit Tests
run: |
source /ros_ws/install/setup.sh
/ros_ws/build/translation_node/translation_node_unit_tests
- uses: ./.github/actions/save-ccache
if: always()
with:
cache-primary-key: ${{ steps.ccache.outputs.cache-primary-key }}

Some files were not shown because too many files have changed in this diff Show More