From 0ec80286eb747871be3b438166ae3a6830bd4364 Mon Sep 17 00:00:00 2001
From: Stephen Griffin
Date: Mon, 3 Jul 2023 18:31:43 -0400
Subject: [PATCH 1/2] move codeql into ci
---
 .github/workflows/github-ci.yml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/github-ci.yml b/.github/workflows/github-ci.yml
index 74388d875..8c4c58f9b 100644
--- a/.github/workflows/github-ci.yml
+++ b/.github/workflows/github-ci.yml
@@ -33,6 +33,11 @@ jobs:
 working-directory: ${{ github.workspace }}
 run: nuget restore mfcmapi.sln
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
+ with:
+ languages: "cpp"
+
 - name: "Build"
 shell: pwsh
 run: |
@@ -45,4 +50,9 @@ jobs:
 testAssembly: '**\\UnitTest.dll'
 searchFolder: "${{ github.workspace }}\\bin\\${{matrix.platform}}\\UnitTest\\${{matrix.configuration}}"
 runInParallel: true
- # codeCoverageEnabled: true
\ No newline at end of file
+ # codeCoverageEnabled: true
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
+ with:
+ category: "/language:cpp"
\ No newline at end of file
From b6c69c8846a598cfc8fa839bf5d1967dd593a5ea Mon Sep 17 00:00:00 2001
From: Stephen Griffin
Date: Mon, 3 Jul 2023 18:39:46 -0400
Subject: [PATCH 2/2] move codeql task to dispatch only
---
 .github/workflows/codeql.yml | 36 ++----------------------------------
 1 file changed, 2 insertions(+), 34 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c553965e5..7ff6a3a7c 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
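Review bot: No `permissions` key is visible around the new `Initialize CodeQL` step, and the job header lies outside this hunk, so it is worth confirming that the job's token carries `security-events: write`. If the workflow or job limits the token (for instance to `contents: read`), the build and analysis will run but the result upload at the end of the job will be rejected. Grant it on this job only, `permissions:` with `contents: read` and `security-events: write`, rather than widening the whole workflow.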
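Review bot: The fixed `category: "/language:cpp"` on the new analyze step is shared by every leg of this job's matrix; the `${{matrix.platform}}` and `${{matrix.configuration}}` references in the test step just above show the job is a matrix. Uploads from the same workflow job for the same commit and category are treated as one analysis, so each leg's results replace the previous leg's and a finding that only appears in one platform or configuration can be lost. Make the category unique per leg, e.g. `category: "/language:cpp/${{ matrix.platform }}-${{ matrix.configuration }}"`, or run the CodeQL steps on a single leg with an `if:` on the matrix values. The step also follows the test step with no `if:`, so a failing test run uploads no analysis; if that is intended, a one-line comment saying so would help.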
@@ -1,22 +1,7 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL"
 on:
- push:
- branches: ["main"]
- pull_request:
- # The branches below must be a subset of the branches above
- branches: ["main"]
+ workflow_dispatch:
 schedule:
 - cron: "0 0 * * 1"
@@ -36,8 +21,6 @@ jobs:
 fail-fast: false
 matrix:
 language: ["cpp"]
- # CodeQL supports [ $supported-codeql-languages ]
- # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 steps:
 - name: Harden Runner
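Review bot: The header comment removed at the top of this hunk is not replaced by anything that explains the new trigger set, and the `schedule:` cron remains as context, so the workflow is manual plus weekly rather than "dispatch only" as the commit title says. With `push` and `pull_request` gone, per-change analysis now depends entirely on the CodeQL steps in github-ci.yml, which a reader of this file cannot tell. Add a short comment above `on:`, for example `# Push/PR analysis runs in github-ci.yml; this workflow is kept for manual and weekly scheduled scans.`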
@@ -55,26 +38,11 @@ jobs:
 uses: github/codeql-action/init@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
 with:
 languages: ${{ matrix.language }}
- # If you wish to specify custom queries, you can do so here or in a config file.
- # By default, queries listed here will override any specified in a config file.
- # Prefix the list here with "+" to use these queries and those in the config file.
- # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
- # If this step fails, then you should remove it and run the build manually (see below)
 - name: Autobuild
 uses: github/codeql-action/autobuild@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
- # â„šī¸ Command-line programs to run using the OS shell.
- # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
- # If the Autobuild fails above, remove it and uncomment the following three lines.
- # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
- # - run: |
- # echo "Run, Build Application using script"
- # ./location_of_script_within_repo/buildscript.sh
-
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
 with:
- category: "/language:${{matrix.language}}"
+ category: "/language:${{matrix.language}}"
\ No newline at end of file