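# CodeQL static analysis for C/C++.
# Runs on pushes and pull requests targeting main: checks out the repo,
# initialises CodeQL, builds the code so the extractor can observe the
# compiler invocations, then runs the analysis.
name: "CodeQL"

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Least privilege: the workflow token defaults to read-only contents.
# The job below adds only what the CodeQL steps need.
permissions:
  contents: read

jobs:
  analyze:
    name: Analyze (CodeQL)
    runs-on: ubuntu-latest
    permissions:
      actions: read
      contents: read
      # Needed to upload the analysis results to code scanning.
      security-events: write
    steps:
      # NOTE(review): action tags are mutable. Pinning each `uses:` to a
      # full commit SHA (e.g. actions/checkout@<FULL_COMMIT_SHA>) protects
      # against a retagged release. Also confirm these major versions are
      # still supported upstream.
      - name: Checkout
        uses: actions/checkout@v3
        with:
          fetch-depth: 0
          submodules: true
          # The build step runs repository-controlled scripts (cmake,
          # ./configure), so do not leave the token in the git config.
          persist-credentials: false

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: cpp

      - name: Install build tools
        run: |
          sudo apt-get update
          sudo apt-get install -y build-essential cmake

      - name: Build (detect or compile sources)
        run: |
          set -euxo pipefail
          mkdir -p build
          if [ -f CMakeLists.txt ]; then
            cmake -S . -B build
            cmake --build build -- -j"$(nproc)"
          elif [ -f configure ]; then
            ./configure
            make -j"$(nproc)"
          else
            # Fallback: compile the first C/C++ source found in the repo.
            # Only that one translation unit reaches the CodeQL database,
            # so a clean result here says little about the other files.
            SRC=$(find . -type f \
              \( -name '*.c' -o -name '*.cpp' -o -name '*.cc' \) \
              -not -path './build/*' | head -n 1 || true)
            if [ -n "$SRC" ]; then
              echo "Compiling $SRC"
              # Choose the compiler by extension. The previous
              # grep -E '\\.c$' required a literal backslash in the path,
              # so .c files never matched and were built with g++.
              # `|| true` keeps the step best-effort: a failed compile
              # does not fail the job, so check the log before trusting
              # a green run.
              case "$SRC" in
                *.c) gcc -c "$SRC" -o build/dummy.o || true ;;
                *) g++ -c "$SRC" -o build/dummy.o || true ;;
              esac
            else
              echo "No C/C++ sources found in repo. Using dummy translation unit."
              mkdir -p src
              # printf instead of a here-document: the terminator of a
              # here-document must start at column 0 of the script, which
              # is easy to break when this block is re-indented.
              # The dummy file only lets the extractor see a compilation;
              # the resulting analysis covers no project code.
              printf '%s\n' \
                '/* Dummy translation unit for CodeQL C/C++ extraction */' \
                'int main(void) { return 0; }' > src/codeql_dummy.c
              gcc -c src/codeql_dummy.c -o build/dummy.o || true
            fi
          fi

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v2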