From 5d7b6c42c0ee7206d3e72b55a9d20ad2369bb836 Mon Sep 17 00:00:00 2001 From: Lars Eggert <200328+larseggert@users.noreply.github.com> Date: Wed, 19 Aug 2020 17:53:51 +0300 Subject: [PATCH] Enable GitHub Code Scanning (#736) --- .github/workflows/codeql-analysis.yml | 50 +++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/codeql-analysis.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 0000000000..268b6acf86 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,50 @@ +--- +name: "CodeQL" + +on: + push: + branches: [master] + pull_request: + # The branches below must be a subset of the branches above + branches: [master] + schedule: + - cron: '0 17 * * 1' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + with: + fetch-depth: 2 + submodules: 'recursive' + + # If this run was triggered by a pull request event, then checkout + # the head of the pull request instead of the merge commit. + - run: git checkout HEAD^2 + if: ${{ github.event_name == 'pull_request' }} + + # Install dependencies and build submodules before starting analysis. + - run: | + sudo apt-get install -y liblttng-ust-dev + sudo sh scripts/install-powershell-docker.sh + mkdir build + cd build + cmake .. + cmake --build . --target OpenSSL + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: cpp, csharp, python + + # Analyze this build. + - run: | + cd build + cmake --build . + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1