Add cmake/cpack infrastructure for building .deb packages from
px4_sitl_sih and px4_sitl_default targets. Includes install rules,
package scripts, Gazebo wrapper, and CI workflow.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Three issues caused the monthly audit to report already-resolved submodules:
1. The audit workflow grepped for "NOASSERTION" anywhere in the output,
matching the Detected column even when the Final column had a valid
override (e.g. libtomcrypt detected as NOASSERTION but overridden to
Unlicense). Changed to grep for "<-- UNRESOLVED" marker instead.
2. Submodules with an explicit NOASSERTION override in license-overrides.yaml
(like libfc-sensor-api, which is proprietary) were still counted as
failures. Now treated as "acknowledged" since someone intentionally
added the override entry.
3. Added missing BSD-3-Clause override for sitl_gazebo-classic (PX4 org
project with no LICENSE file in repo).
Fixes#26932
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* ci(claude): add review-pr skill for domain-aware PR reviews
Add a Claude Code skill that reviews pull requests with checks
tailored to the domains touched (estimation, control, drivers,
simulation, system, CI/build, messages, board additions).
Built from analysis of 800+ PR reviews across 8 PX4 maintainers.
Includes merge strategy recommendation, interactive dialog for
submitting reviews, and human-sounding PR comment formatting.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* ci(copilot): add domain-scoped review instructions for GitHub Copilot
Add .github/instructions/ files that give GitHub Copilot PR reviews
the same domain-aware context as the Claude Code review-pr skill.
Each file is scoped via applyTo to the relevant source paths:
core review, estimation, control, drivers/CAN, simulation, system,
CI/build, messages/protocol, and board additions.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* fix(claude): address Copilot review feedback
- Fix step reference in review-pr skill (step 8 -> step 9)
- Capitalize CMake consistently in skill and Copilot instructions
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
---------
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Add a scalable .deb packaging framework for VOXL2, built on the
existing cmake/package.cmake CPack infrastructure. The framework
handles multi-processor boards by having the POSIX (_default) build
own the .deb and pull in the companion SLPI build's artifacts.
Board-specific files:
- cmake/package.cmake: CPack variable overrides (name, deps, version)
- cmake/install.cmake: install() rules for all .deb contents
- debian/postinst: px4-* symlinks, DSP signature, directory setup
- debian/prerm: service stop, symlink cleanup
- debian/voxl-px4.service: systemd unit (after sscrpcd)
Infrastructure changes:
- cmake/package.cmake: hook for board-specific CPack overrides
- platforms/posix/CMakeLists.txt: hook for board install.cmake
- Makefile: %_deb pattern rule (build _default, then cpack -G DEB)
- CI: auto-discover _deb targets, collect .deb artifacts, upload
to GitHub Releases
Future boards: add cmake/package.cmake + cmake/install.cmake and
CI discovers it automatically. No new file formats or tools needed.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* ci(ros): use matching branch for px4-ros2-interface-lib
When running on release branches, the ROS integration tests now
check if a matching branch exists in px4-ros2-interface-lib and
clone it instead of always using main. This prevents build failures
caused by uORB message divergence between main and release branches.
Fixes https://github.com/Auterion/px4-ros2-interface-lib/issues/184
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* ci(ros): dispatch release branch creation to px4-ros2-interface-lib
Add a standalone workflow triggered by the create event that fires a
repository_dispatch to Auterion/px4-ros2-interface-lib when a
release/X.Y branch is created. Also supports manual workflow_dispatch.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
* ci(ros): add empty permissions block to dispatch workflow
Fixes code scanning alert about missing GITHUB_TOKEN permissions.
This workflow only uses a PAT secret, not GITHUB_TOKEN, so no
permissions are needed.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
---------
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
RunsOn v2.12.0 (March 6, 2026) removed v1 cache toolkit support,
causing the buildx GHA cache proxy to return 404 for v1 endpoints.
This has broken container builds on main since March 12.
Removing the explicit version=1 parameter lets buildkit auto-detect
the v2 protocol, which is the only version now supported by both
GitHub (since April 2025) and RunsOn.
First build after this change will have a cold cache.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Add CI enforcement of conventional commit format for PR titles and
commit messages. Includes three Python scripts under Tools/ci/:
- conventional_commits.py: shared parsing/validation library
- check_pr_title.py: validates PR title format, suggests fixes
- check_commit_messages.py: checks commits for blocking errors
(fixup/squash/WIP leftovers) and advisory warnings (review-response,
formatter-only commits)
The workflow (.github/workflows/commit_checks.yml) posts concise
GitHub PR comments with actionable suggestions and auto-removes them
once issues are resolved.
Also updates CONTRIBUTING.md and docs with the conventional commits
convention.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Persistent flaky failures (timeouts, erratic transitions) make these
tests unreliable in CI. Commented out from the workflow matrix so they
can be re-enabled once the test infrastructure is stabilized. The test
definitions in sitl.json are preserved for local use.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Remove the step that uploaded every version tag to the stable/ S3
directory, which caused QGC users selecting "stable" to receive
pre-release firmware (#26340). The stable/ and beta/ directories
are now controlled exclusively by their respective branch pushes,
while version tags only upload to their versioned archive directory
(e.g., v1.16.1/). Pre-release tags are also correctly marked on
GitHub Releases.
Co-authored-by: Julian Oes <julian@oes.ch>
Fixes#26340
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Rename workflow to "Static Analysis" with job name "Clang-Tidy" for
clearer GitHub Checks UI. Use Title Case action-verb step names.
Switch from runs-on/cache to actions/cache since the runs-on Magic
Cache sidecar transparently handles S3 backing.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
github.ref_name resolves to '26367/merge' for pull_request events,
causing cache misses. Use github.head_ref (PR source branch) with
fallback to github.ref_name for push events.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Use separate cache/restore and cache/save steps with if: always()
on the save step, matching the build_all_targets pattern.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
- Switch from addnab/docker-run-action to native container directive
- Use runs-on 16-core runner with S3 cache (extras=s3-cache)
- Add ccache setup matching build_all_targets pattern
- Run clang-tidy with -j16 to leverage all cores
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
The free GitHub runner (4 vCPUs) takes ~22 minutes. Switch to a
16-core runs-on runner and bump parallelism to -j16 to reduce
clang-tidy analysis time.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Pin the container image to v1.17.0-beta1 which includes clang-tidy 18
and all required clang dependencies pre-installed. This removes the
need to install clang-tidy via apt on each workflow run.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Remove modalai_voxl2 and qurt from CI exclusion lists and add
container overrides to use the private ghcr.io/px4/px4-dev-voxl2
image which contains the Qualcomm Hexagon SDK.
- Add voxl2 build group with x64 runner for cross-compilation
- Add GHCR credentials to workflow for private container pull
- Add packages:read permission to workflow
- Auto-build libfc_sensor.so stub during cmake configure
- Handle missing .px4/.elf gracefully in artifact packaging
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
When build-site uses always() in its if condition, the skipped status
from its upstream dependencies propagates to deploy-aws which lacks
always(). Add always() with explicit success checks to ensure deploy
runs when both metadata-regen and build-site succeed.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
The metadata-regen job runs inside the px4io/px4-dev container which
has no Node.js. The actions/setup-node action only installs on the
host runner, not inside the container, causing yarn: not found errors.
Replace actions/setup-node with direct Node.js installation via
NodeSource and enable corepack for Yarn support.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Add a docs filter to detect-changes and gate build-site so it is
skipped when a PR only touches the workflow YAML file. Push and
dispatch triggers are unaffected.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
The version guard rejects non-main/release branches, but build-site
also runs on PRs where the branch name is arbitrary. Default to "main"
for PR builds since deploy-aws is skipped anyway.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
- Add safe.directory + fetch-depth: 0 for container jobs
- Support workflow_dispatch in metadata-regen and deploy-aws
- Guard PR comments against fork PRs
- Add ccache save to pr-metadata-regen
- Use metadata_sync.sh --generate --sync instead of manual steps
- Fix msg_docs source path in metadata_sync.sh
- Guard set-version against non-release branches
- Clean up build-site needs list
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
The docs-orchestrator workflow referenced px4io/px4-dev-nuttx-focal:2024-11-07
which does not exist on Docker Hub, causing the T2: Metadata Sync job
to fail on push to main.
Use px4io/px4-dev:v1.17.0-beta1 which has all required toolchains.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
The sticky-pull-request-comment action requires a non-empty file
when using the path input. When the filtered link checker finds no
broken links in changed files, it produces an empty file causing
the action to fail with "Either message or path input is required".
Ensure the results file always has content by writing a fallback
message when the file is missing or empty.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Prefix job names with T1-T4 to make the execution order and dependency
chain visible at a glance in the GitHub Actions UI.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
After a force push, GitHub evaluates path filters against only the
pushed commits, not the full PR diff. Changes to the orchestrator
workflow file itself were not matching the docs/** path filter,
preventing the orchestrator from running on the PR.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Pass the changed files JSON through an environment variable instead
of direct interpolation to avoid shell quoting issues.
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Add fetch-depth: 0 to the checkout step in docs_flaw_checker.yml.
Without a full clone, tj-actions/changed-files cannot find the merge
base between main and the PR branch, causing the job to fail with
"no merge base".
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
Add conditional metadata generation for PRs that modify both docs and
source files. This fixes broken link checker reports when a PR adds a
new module and documents it simultaneously - previously the link checker
would fail because metadata files are only generated on push to main.
Changes:
- Add docs-orchestrator.yml workflow with:
- detect-changes job to check if PR touches source paths
- pr-metadata-regen job that generates metadata and uploads as artifact
- link-check job that downloads metadata artifact when available
- build-site job for VitePress site generation
- deploy-aws and crowdin-upload jobs for push events
- Prettier formatting step before auto-commit on push
- Add Prettier for markdown formatting:
- Add prettier ^3.2.0 as devDependency in docs/package.json
- Add docs/.prettierrc with prose-preserving config
- Remove normalize_whitespace from metadata_sync.sh (Prettier handles
whitespace normalization now)
Signed-off-by: Ramon Roche <mrpollo@gmail.com>
