subsurface/.github/workflows/codeql-analysis.yml

73 lines
2.5 KiB
YAML
Raw Normal View History

# Modified from the sample workflow suggested by GitHub/Semmle
#
name: "CodeQL"
on:
push:
# once this works, this should be
# branches: [master]
branches: [master, codeQL]
pull_request:
# The branches below must be a subset of the branches above
branches: [master]
schedule:
- cron: '0 2 * * 6'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
# Override automatic language detection by changing the below list
# Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
language: ['cpp', 'javascript']
steps:
- name: Checkout repository
2023-12-11 11:13:53 +00:00
uses: actions/checkout@v4
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
- name: get container ready for build
run: |
sudo apt-get update
sudo apt-get install -y -q --force-yes \
autoconf automake cmake g++ git libcrypto++-dev libcurl4-gnutls-dev \
libgit2-dev libqt5qml5 libqt5quick5 libqt5svg5-dev \
libqt5webkit5-dev libsqlite3-dev libssh2-1-dev libssl-dev libssl-dev \
libtool libusb-1.0-0-dev libxml2-dev libxslt1-dev libzip-dev make \
pkg-config qml-module-qtlocation qml-module-qtpositioning \
qml-module-qtquick2 qt5-qmake qtchooser qtconnectivity5-dev \
qtdeclarative5-dev qtdeclarative5-private-dev qtlocation5-dev \
qtpositioning5-dev qtscript5-dev qttools5-dev qttools5-dev-tools \
qtquickcontrols2-5-dev xvfb libbluetooth-dev libmtp-dev
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
2023-12-11 11:13:53 +00:00
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
- name: Build
env:
SUBSURFACE_REPO_PATH: ${{ github.workspace }}
run: |
cd ..
git config --global --add safe.directory ${SUBSURFACE_REPO_PATH}
git config --global --add safe.directory ${SUBSURFACE_REPO_PATH}/libdivecomputer
bash -e -x subsurface/scripts/build.sh -desktop -build-with-webkit
- name: Perform CodeQL Analysis
2023-12-11 11:13:53 +00:00
uses: github/codeql-action/analyze@v2