hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-08 03:01:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d23de3dcd8e059f1dadefd5f681e7ca0f90aa10e
codeql/.github/workflows/published-codeql-analysis.yml
Esben Sparre Andreasen d23de3dcd8 make another codeql-action workflow that uses a published pack
2021-10-14 15:29:06 +02:00

50 lines
1.3 KiB
YAML
Raw Blame History

name: "CodeQL with published queries and extractor"
on:
workflow_dispatch:
push:
branches: [ main ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ main ]
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Download pack
run: |
gh release download latest --pattern ql-qlpack.zip
unzip ql-qlpack.zip -d "${PACK}"
env:
PACK: ${{ runner.temp }}/ql-qlpack
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Hack codeql-action options
run: |
JSON=$(jq -nc --arg pack "${PACK}" '.resolve.queries=["--search-path", $pack] | .resolve.extractor=["--search-path", $pack] | .database.init=["--search-path", $pack]')
echo "CODEQL_ACTION_EXTRA_OPTIONS=${JSON}" >> ${GITHUB_ENV}
env:
PACK: ${{ runner.temp }}/ql-qlpack
- name: Initialize CodeQL
uses: github/codeql-action/init@esbena/ql
with:
languages: ql
db-location: ${{ runner.temp }}/db
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@esbena/ql
Reference in New Issue View Git Blame Copy Permalink