** Run MRVA from command line

Michael Hohn
2024-01-24 12:17:28 -08:00
committed by =Michael Hohn
parent edb9714b37
commit 8b076cfd53


@@ -31,38 +31,38 @@
#+END_SRC #+END_SRC
** Use the codeql extension to run MRVA ** Use the codeql extension to run MRVA
Following the [[https://codeql.github.com/docs/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva/#controller-repository][instructions]] and running =./FlatBuffersFunc.ql=, the entry Following the [[https://codeql.github.com/docs/codeql-for-visual-studio-code/running-codeql-queries-at-scale-with-mrva/#controller-repository][instructions]] and running =./FlatBuffersFunc.ql=, the entry
=google/flatbuffers= has one [[https://github.com/google/flatbuffers/blob/dbce69c63b0f3cee8f6d9521479fd3b087338314/src/binary_annotator.cpp#L25C21-L25C37][result]]. Others have none. =google/flatbuffers= has one [[https://github.com/google/flatbuffers/blob/dbce69c63b0f3cee8f6d9521479fd3b087338314/src/binary_annotator.cpp#L25C21-L25C37][result]]. Others have none.
** Action logs on Controller Repository ** Action logs on Controller Repository
The action logs are on the controller repository at The action logs are on the controller repository at
https://github.com/hohn/mirva-controller/actions. https://github.com/hohn/mirva-controller/actions.
The =action>google flatbuffers= log references The =action>google flatbuffers= log references
: github/codeql-variant-analysis-action : github/codeql-variant-analysis-action
#+BEGIN_SRC yaml #+BEGIN_SRC yaml
Run actions/checkout@v4 Run actions/checkout@v4
with: with:
repository: github/codeql-variant-analysis-action repository: github/codeql-variant-analysis-action
ref: main ref: main
token: *** token: ***
ssh-strict: true ssh-strict: true
persist-credentials: true persist-credentials: true
clean: true clean: true
sparse-checkout-cone-mode: true sparse-checkout-cone-mode: true
fetch-depth: 1 fetch-depth: 1
fetch-tags: false fetch-tags: false
show-progress: true show-progress: true
lfs: false lfs: false
submodules: false submodules: false
set-safe-directory: true set-safe-directory: true
env: env:
CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true CODEQL_ENABLE_EXPERIMENTAL_FEATURES_SWIFT: true
#+END_SRC #+END_SRC
This is https://github.com/github/codeql-variant-analysis-action This is https://github.com/github/codeql-variant-analysis-action
The workflow producing the logs: The workflow producing the logs:
https://github.com/github/codeql-variant-analysis-action/blob/main/variant-analysis-workflow.yml https://github.com/github/codeql-variant-analysis-action/blob/main/variant-analysis-workflow.yml
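Review bot: the block fenced as =#+BEGIN_SRC yaml= is pasted Actions log output (it starts with =Run actions/checkout@v4=), and it records =ref: main= for github/codeql-variant-analysis-action, so the notes do not say which revision of the action produced the result. Since these lines are being touched anyway, record the commit that the run actually checked out next to the log and mark the block as an example or plain-text block rather than yaml. Both columns of this hunk read identically, so if the change is whitespace only it would be easier to review as its own commit.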
@@ -76,52 +76,92 @@
It's saved in the workspace, but not in the current git repository. It's saved in the workspace, but not in the current git repository.
Here are two snapshots for reference: Here are two snapshots for reference:
#+begin_src javascript #+begin_src javascript
{ {
"version": 1, "version": 1,
"databases": { "databases": {
"variantAnalysis": { "variantAnalysis": {
"repositoryLists": [ "repositoryLists": [
{ {
"name": "mirva-list", "name": "mirva-list",
"repositories": [ "repositories": [
"google/flatbuffers" "google/flatbuffers"
] ]
} }
], ],
"owners": [], "owners": [],
"repositories": [] "repositories": []
} }
}, },
"selected": { "selected": {
"kind": "variantAnalysisSystemDefinedList", "kind": "variantAnalysisSystemDefinedList",
"listName": "top_10" "listName": "top_10"
} }
} }
#+end_src #+end_src
or or
#+begin_src javascript #+begin_src javascript
{ {
"version": 1, "version": 1,
"databases": { "databases": {
"variantAnalysis": { "variantAnalysis": {
"repositoryLists": [ "repositoryLists": [
{ {
"name": "mirva-list", "name": "mirva-list",
"repositories": [ "repositories": [
"google/flatbuffers" "google/flatbuffers"
] ]
} }
], ],
"owners": [], "owners": [],
"repositories": [] "repositories": []
} }
}, },
"selected": { "selected": {
"kind": "variantAnalysisUserDefinedList", "kind": "variantAnalysisUserDefinedList",
"listName": "mirva-list" "listName": "mirva-list"
} }
} }
#+end_src #+end_src
** Run MRVA from command line
1. Set up the configuration
#+BEGIN_SRC sh
cd ~/local/gh-mrva
cat > ~/.config/gh-mrva/config.yml <<eof
# The following options are supported
# codeql_path: Path to CodeQL distribution (checkout of codeql repo)
# controller: NWO of the MRVA controller to use
# list_file: Path to the JSON file containing the target repos
# git checkout codeql-cli/v2.15.5
codeql_path: /Users/hohn/local/codeql-lib
controller: hohn/mirva-controller
list_file: /Users/hohn/local/gh-mrva/databases.json
eof
#+END_SRC
2. Submit the mrva job
#+BEGIN_SRC sh
gh mrva submit --help
gh mrva submit --language cpp --session mirva-session-1 \
--list mirva-list \
--query /Users/hohn/local/gh-mrva/FlatBuffersFunc.ql
#+END_SRC
3. Check the status and download the sarif files
#+BEGIN_SRC sh
cd ~/local/gh-mrva
# Check the status
gh mrva status --session mirva-session-1
# Download the sarif files when finished
gh mrva download --session mirva-session-1 \
--output-dir mirva-session-1-sarif
#+END_SRC
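Review bot: step 1 writes =~/.config/gh-mrva/config.yml= with =cat >= but never creates =~/.config/gh-mrva=, and it silently replaces any existing config; add =mkdir -p ~/.config/gh-mrva= before the heredoc and say that the file is overwritten. The =<<eof= delimiter is unquoted, so the body is subject to shell expansion; =<<'eof'= keeps it literal. The =/Users/hohn/...= paths in =codeql_path=, =list_file= and =--query= only work on one machine, so placeholders or home-relative paths would serve other readers better. Also say where =databases.json= comes from (the snapshots above define the =mirva-list= that =--list= refers to), reword the =# git checkout codeql-cli/v2.15.5= comment so it does not read like one of the supported options, and drop =gh mrva submit --help= from the submit step or label it as optional.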