mirror of
https://github.com/github/codeql.git
synced 2026-02-08 11:11:06 +01:00
64 lines
1.6 KiB
YAML
64 lines
1.6 KiB
YAML
name: "CodeQL action"
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
pull_request:
|
|
branches: [main]
|
|
schedule:
|
|
- cron: "15 0 * * 2"
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
prepare:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Fetch CodeQL
|
|
run: |
|
|
LATEST=$(gh release list --repo https://github.com/github/codeql-cli-binaries | cut -f 1 | sort --version-sort | tail -1)
|
|
gh release download --repo https://github.com/github/codeql-cli-binaries --pattern codeql-linux64.zip "$LATEST"
|
|
unzip -q codeql-linux64.zip
|
|
env:
|
|
GITHUB_TOKEN: ${{ github.token }}
|
|
|
|
- uses: actions/cache@v2
|
|
with:
|
|
path: |
|
|
~/.cargo/registry
|
|
~/.cargo/git
|
|
target
|
|
key: ${{ runner.os }}-qltest-cargo-${{ hashFiles('**/Cargo.lock') }}
|
|
|
|
- name: Build Extractor
|
|
run: env "PATH=$PATH:${{ github.workspace }}/codeql" ./create-extractor-pack.sh
|
|
# TODO
|
|
|
|
# analyze:
|
|
# name: Analyze
|
|
# runs-on: ubuntu-latest
|
|
# permissions:
|
|
# actions: read
|
|
# contents: read
|
|
# security-events: write
|
|
#
|
|
# strategy:
|
|
# fail-fast: false
|
|
# matrix:
|
|
# language: ["ql"]
|
|
#
|
|
# steps:
|
|
# - name: Initialize CodeQL
|
|
# uses: github/codeql-action/init@v1
|
|
# with:
|
|
# languages: ${{ matrix.language }}
|
|
# tools: extractor-pack
|
|
#
|
|
# - name: Autobuild
|
|
# uses: github/codeql-action/autobuild@v1
|
|
#
|
|
# - name: Perform CodeQL Analysis
|
|
# uses: github/codeql-action/analyze@v1
|