|
| 1 | +name: "CodeQL" |
| 2 | + |
| 3 | +on: |
| 4 | + push: |
| 5 | + branches: [ "master" ] |
| 6 | + pull_request: |
| 7 | + branches: [ "master" ] |
| 8 | + schedule: |
| 9 | + - cron: '22 16 * * 5' |
| 10 | + |
| 11 | +jobs: |
| 12 | + analyze-jsts: |
| 13 | + name: Analyze JavaScript-TypeScript |
| 14 | + runs-on: ubuntu-22.04 |
| 15 | + timeout-minutes: 360 |
| 16 | + permissions: |
| 17 | + # required for all workflows |
| 18 | + security-events: write |
| 19 | + # only required for workflows in private repositories |
| 20 | + actions: read |
| 21 | + contents: read |
| 22 | + |
| 23 | + steps: |
| 24 | + - name: Checkout repository |
| 25 | + uses: actions/checkout@v4 |
| 26 | + |
| 27 | + # Initializes the CodeQL tools for scanning |
| 28 | + - name: Initialize CodeQL |
| 29 | + uses: github/codeql-action/init@v3 |
| 30 | + with: |
| 31 | + languages: javascript-typescript |
| 32 | + |
| 33 | + # Perform CodeQL analysis |
| 34 | + - name: Perform CodeQL Analysis |
| 35 | + uses: github/codeql-action/analyze@v3 |
| 36 | + with: |
| 37 | + category: "/language:javascript-typescript" |
| 38 | + |
| 39 | + |
| 40 | + analyze-cpp: |
| 41 | + name: Analyze C-C++ |
| 42 | + env: |
| 43 | + BUILD_TYPE: Debug |
| 44 | + INSTALL_PATH: ${{github.workspace}}/dependencies/install |
| 45 | + DOWNLOAD_PATH: ${{github.workspace}}/dependencies/download |
| 46 | + runs-on: ubuntu-22.04 |
| 47 | + timeout-minutes: 360 |
| 48 | + permissions: |
| 49 | + # required for all workflows |
| 50 | + security-events: write |
| 51 | + # only required for workflows in private repositories |
| 52 | + actions: read |
| 53 | + contents: read |
| 54 | + |
| 55 | + steps: |
| 56 | + - name: Checkout repository |
| 57 | + uses: actions/checkout@v4 |
| 58 | + |
| 59 | + # Initializes the CodeQL tools for scanning |
| 60 | + - name: Initialize CodeQL |
| 61 | + uses: github/codeql-action/init@v3 |
| 62 | + with: |
| 63 | + languages: c-cpp |
| 64 | + |
| 65 | + # Build project |
| 66 | + - name: Update apt-get |
| 67 | + run: sudo apt-get update |
| 68 | + |
| 69 | + - name: Install required packages for build |
| 70 | + run: ./.github/scripts/ubuntu-22.04/setup_build.sh |
| 71 | + |
| 72 | + - name: Install database packages |
| 73 | + run: ./.github/scripts/ubuntu-22.04/setup_postgresql.sh |
| 74 | + |
| 75 | + - name: Set has-compiled-dependencies flag |
| 76 | + id: compilation-flag |
| 77 | + run: | |
| 78 | + if [ -f ./.github/scripts/ubuntu-22.04/compile_build.sh ]; then |
| 79 | + echo "HAS_COMPILED_DEPENDENCIES=true" >> "$GITHUB_ENV" |
| 80 | + else |
| 81 | + echo "HAS_COMPILED_DEPENDENCIES=false" >> "$GITHUB_ENV" |
| 82 | + fi |
| 83 | +
|
| 84 | + - name: Download installers for compiled dependencies |
| 85 | + if: ${{ env.HAS_COMPILED_DEPENDENCIES == 'true' }} |
| 86 | + id: download-compile-dependencies |
| 87 | + run: | |
| 88 | + chmod +x ./.github/scripts/ubuntu-22.04/download_build.sh |
| 89 | + ./.github/scripts/ubuntu-22.04/download_build.sh |
| 90 | +
|
| 91 | + - name: Restore compiled dependencies |
| 92 | + id: restore-compiled-dependencies |
| 93 | + uses: actions/cache/restore@v3 |
| 94 | + with: |
| 95 | + path: ${{ env.INSTALL_PATH }} |
| 96 | + key: ubuntu-22.04-compile-install-${{ env.CACHE_KEY }} |
| 97 | + |
| 98 | + - name: Compile dependencies |
| 99 | + if: ${{ env.HAS_COMPILED_DEPENDENCIES == 'true' && steps.restore-compiled-dependencies.outputs.cache-hit != 'true' }} |
| 100 | + run: | |
| 101 | + chmod +x ./.github/scripts/ubuntu-22.04/compile_build.sh |
| 102 | + ./.github/scripts/ubuntu-22.04/compile_build.sh |
| 103 | +
|
| 104 | + - name: Post compilation configuration (build) |
| 105 | + if: ${{ env.HAS_COMPILED_DEPENDENCIES == 'true' }} |
| 106 | + run: | |
| 107 | + if [ -f ./.github/scripts/ubuntu-22.04/postcompile_build.sh ]; then |
| 108 | + chmod +x ./.github/scripts/ubuntu-22.04/postcompile_build.sh |
| 109 | + ./.github/scripts/ubuntu-22.04/postcompile_build.sh |
| 110 | + fi |
| 111 | +
|
| 112 | + - name: Install database packages |
| 113 | + run: ./.github/scripts/ubuntu-22.04/setup_postgresql.sh |
| 114 | + |
| 115 | + - name: Configure CMake |
| 116 | + working-directory: ${{github.workspace}} |
| 117 | + run: cmake -E make_directory $HOME/cc-build |
| 118 | + |
| 119 | + - name: Run CMake |
| 120 | + run: > |
| 121 | + cd $HOME/cc-build && |
| 122 | + cmake ${{github.workspace}} -DCMAKE_EXPORT_COMPILE_COMMANDS=1 |
| 123 | + -DCMAKE_INSTALL_PREFIX=$HOME/ubuntu-22.04/postgresql/cc-install |
| 124 | + -DDATABASE=pgsql |
| 125 | + -DCMAKE_BUILD_TYPE=$BUILD_TYPE |
| 126 | + -DLLVM_DIR=/usr/lib/llvm-11/cmake |
| 127 | + -DClang_DIR=/usr/lib/cmake/clang-11 |
| 128 | +
|
| 129 | + - name: Build |
| 130 | + run: | |
| 131 | + cd $HOME/cc-build |
| 132 | + make -j $(nproc) |
| 133 | +
|
| 134 | + - name: Install |
| 135 | + run: | |
| 136 | + cd $HOME/cc-build |
| 137 | + make install |
| 138 | +
|
| 139 | + # Perform CodeQL analysis |
| 140 | + - name: Perform CodeQL Analysis |
| 141 | + uses: github/codeql-action/analyze@v3 |
| 142 | + with: |
| 143 | + category: "/language:c-cpp" |
| 144 | + |
0 commit comments