Skip to content
CodeQL Scan

CodeQL Scan #73

Sign in to view logs

CodeQL Scan

CodeQL Scan #73

Workflow file for this run

.github/workflows/codeql.yml at 5e9fdc3
name: CodeQL Scan
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: '20 23 * * 1'
workflow_dispatch:
jobs:
generate-scan-list:
name: Generate scan list
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
outputs:
matrix: ${{steps.set-matrix.outputs.matrix}}
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Find all apps
id: find-all
run: |
chmod +x ./.github/scripts/list-all
echo "::set-output name=all::$(./.github/scripts/list-all)"
- name: Setup scanning matrix
id: set-matrix
env:
ALL: ${{ steps.find-all.outputs.all }}
run: |
echo "::set-output name=matrix::$ALL"
echo "::notice::Scan list: $ALL"
codeql-scan:
name: "CodeQL(${{ matrix.languages }}): ${{matrix.target-dir}}"
needs: generate-scan-list
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.generate-scan-list.outputs.matrix) }}
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Build CodeQL config file
env:
TARGET_DIR: ${{ matrix.target-dir }}
run: |
cp .github/codeql/codeql-config-template.yml codeql-config.yml
sed -i 's@__TARGET_DIR__@'"$TARGET_DIR"'@' codeql-config.yml
- name: Initialize CodeQL
continue-on-error: true
uses: github/codeql-action/init@v2
with:
config-file: codeql-config.yml
languages: ${{ matrix.languages }}
- name: Attempting build
continue-on-error: true
if: ${{ (matrix.languages == 'cpp' || matrix.languages == 'csharp' || matrix.languages == 'java') }}
uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL analysis
continue-on-error: true
uses: github/codeql-action/analyze@v2
with:
category: ${{ matrix.target-dir }}-${{ matrix.languages }}