| Michal Vasko | 2f6a1a8 | 2022-12-13 10:50:45 +0100 | [diff] [blame] | 1 | name: "CodeQL" |
| 2 | |
| 3 | on: |
| 4 | push: |
| 5 | branches: [ "master", "devel" ] |
| 6 | pull_request: |
| 7 | branches: [ "devel" ] |
| Michal Vasko | 2f6a1a8 | 2022-12-13 10:50:45 +0100 | [diff] [blame] | 8 | |
| 9 | env: |
| roman | d72bc32 | 2023-10-26 15:46:01 +0200 | [diff] [blame] | 10 | DEFAULT_PACKAGES: libcmocka-dev zlib1g-dev libssh-dev libssl-dev libpam0g-dev libcurl4-openssl-dev |
| Michal Vasko | 2f6a1a8 | 2022-12-13 10:50:45 +0100 | [diff] [blame] | 11 | |
| 12 | jobs: |
| 13 | git-branch: |
| 14 | name: Get git branch |
| 15 | runs-on: ubuntu-latest |
| 16 | outputs: |
| 17 | branch-name: ${{ steps.get-git-branch.outputs.branch-name }} |
| 18 | steps: |
| 19 | - id: get-git-branch |
| 20 | run: | |
| 21 | if ${{ github.event_name == 'push' }} |
| 22 | then export GIT_BRANCH=`echo ${{ github.ref }} | cut -d'/' -f 3` |
| 23 | else |
| 24 | export GIT_BRANCH=${{ github.base_ref }} |
| 25 | fi |
| 26 | echo "branch-name=$GIT_BRANCH" >> $GITHUB_OUTPUT |
| 27 | |
| 28 | analyze: |
| 29 | name: Analyze |
| 30 | runs-on: ubuntu-22.04 |
| 31 | needs: git-branch |
| 32 | permissions: |
| 33 | actions: read |
| 34 | contents: read |
| 35 | security-events: write |
| 36 | |
| 37 | strategy: |
| 38 | fail-fast: false |
| 39 | matrix: |
| 40 | language: [ cpp ] |
| 41 | |
| 42 | steps: |
| 43 | - name: Checkout |
| 44 | uses: actions/checkout@v3 |
| 45 | |
| 46 | - name: Deps-packages |
| 47 | run: | |
| 48 | sudo apt-get update |
| 49 | sudo apt-get install --yes $DEFAULT_PACKAGES |
| 50 | |
| 51 | - name: Deps-libyang |
| 52 | shell: bash |
| 53 | run: | |
| 54 | git clone -b ${{ needs.git-branch.outputs.branch-name }} https://github.com/CESNET/libyang.git |
| 55 | cd libyang |
| 56 | mkdir build |
| 57 | cd build |
| 58 | cmake -DCMAKE_INSTALL_PREFIX=$RUNNER_TEMP -DENABLE_BUILD_TESTS=OFF .. |
| 59 | make -j2 |
| 60 | sudo make install |
| 61 | |
| 62 | - name: Configure |
| 63 | run: | |
| 64 | mkdir build |
| 65 | cd build |
| 66 | cmake -DCMAKE_INCLUDE_PATH=$RUNNER_TEMP/include -DCMAKE_LIBRARY_PATH=$RUNNER_TEMP/lib .. |
| 67 | |
| 68 | - name: Initialize CodeQL |
| 69 | uses: github/codeql-action/init@v2 |
| 70 | with: |
| 71 | languages: ${{ matrix.language }} |
| 72 | queries: +security-and-quality |
| 73 | |
| 74 | - name: Build cpp |
| 75 | run: | |
| 76 | cd build |
| 77 | make -j2 |
| 78 | |
| 79 | - name: Perform CodeQL Analysis |
| 80 | uses: github/codeql-action/analyze@v2 |
| 81 | with: |
| 82 | category: "/language:${{ matrix.language }}" |