
Commit 6847422

author
Chelsea Boling
authored
Update codeql-analysis.yml
1 parent 4a9486f commit 6847422


1 file changed

+45
-16
lines changed

1 file changed

+45
-16
lines changed

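--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -29,7 +29,7 @@ jobs:
 strategy:
 fail-fast: false
 matrix:
-language: [ 'cpp', 'python' ]
+language: [ 'cpp' ]
 # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
 # Learn more:
 # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
@@ -40,19 +40,48 @@ jobs:
 with:
 submodules: recursive
 
-# Initializes the CodeQL tools for scanning.
-- name: Initialize CodeQL
-uses: github/codeql-action/init@v1
-with:
-languages: ${{ matrix.language }}
-# If you wish to specify custom queries, you can do so here or in a config file.
-# By default, queries listed here will override any specified in a config file.
-# Prefix the list here with "+" to use these queries and those in the config file.
-# queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-- name: Compile and package
+# setup dev environment here if necessary
+- name: Environment variables
+env:
+GITHUB_TOKEN: ${{ github.token }}
+GITHUB_REF: ${{ github.ref }}
+GITHUB_SHA: ${{ github.sha }}
+GITHUB_REPO: ${{ github.repository }}
+GITHUB_WORKSPACE: ${{ github.workspace }}
+run: |
+echo $GITHUB_TOKEN
+echo $GITHUB_REF
+echo $GITHUB_SHA
+echo $GITHUB_REPO
+echo $GITHUB_WORKSPACE
+- name: Setup CodeQL Runner
+run: |
+pwd
+wget -q https://github.com/github/codeql-action/releases/download/codeql-bundle-20201106/codeql-runner-linux
+sudo install -o root -g root -m 0755 codeql-runner-linux /usr/local/bin/
+ls -l
+echo ${{ github.workspace }}
+
+- name: Execute CodeQL Runner
 run: |
-whoami
-python3 ./setup.py install
-- name: Perform CodeQL Analysis
-uses: github/codeql-action/analyze@v1
+
+latest_SHA_on_ref=$(git rev-parse HEAD)
+default_branch=$(git symbolic-ref HEAD)
+
+sudo codeql-runner-linux init \
+--checkout-path ${{ github.workspace }} \
+--github-url https://github.com \
+--repository ${{ github.repository }} \
+--github-auth ${{ github.token }} \
+--languages ${{ matrix.language }} \
+--source-root=${{ github.workspace }} \
+
+sudo python3 ./setup.py install
+
+sudo codeql-runner-linux analyze \
+--checkout-path ${{ github.workspace }} \
+--github-url https://github.com \
+--repository cmboling/${{ github.repository }} \
+--github-auth ${{ github.token }} \
+--commit $latest_SHA_on_ref \
+--ref $default_branch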
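Review bot: The new "Environment variables" step runs `echo $GITHUB_TOKEN`, so the job token is written to the build log and only GitHub's log masking keeps it from being disclosed; that line should be dropped. The same token is templated straight into the script with `--github-auth ${{ github.token }}` in both the `init` and `analyze` calls, which puts it in the process argument list; if the runner build pinned here supports `--github-auth-stdin`, pipe the token in that way, and otherwise at least pass it through the step's `env:` rather than inline expression expansion. The "Setup CodeQL Runner" step installs the downloaded `codeql-runner-linux` root-owned into /usr/local/bin and later runs it under `sudo` with no integrity check; add a `sha256sum -c` against a digest committed to the repository before the `install` line. Separately, `--repository cmboling/${{ github.repository }}` in the `analyze` call does not match the `init` call's `--repository ${{ github.repository }}`, and since `github.repository` already expands to owner/name it presumably yields a three-part path.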
