ci(codeql): detect cpp and charp (#1526)

This commit is contained in:
ReenigneArcher 2023-08-12 15:53:45 -04:00 committed by GitHub
parent 9f4f2aa583
commit 3017a405af
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 69 additions and 2 deletions

54
.codeql-prebuild-cpp.sh Normal file
View File

@ -0,0 +1,54 @@
# install dependencies for C++ analysis
sudo apt-get update -y
sudo apt-get install -y \
build-essential \
gcc-10 \
g++-10 \
libappindicator3-dev \
libavdevice-dev \
libboost-filesystem-dev \
libboost-locale-dev \
libboost-log-dev \
libboost-program-options-dev \
libcap-dev \
libcurl4-openssl-dev \
libdrm-dev \
libevdev-dev \
libmfx-dev \
libnuma-dev \
libopus-dev \
libpulse-dev \
libssl-dev \
libva-dev \
libvdpau-dev \
libwayland-dev \
libx11-dev \
libxcb-shm0-dev \
libxcb-xfixes0-dev \
libxcb1-dev \
libxfixes-dev \
libxrandr-dev \
libxtst-dev \
wget
# clean apt cache
sudo apt-get clean
sudo rm -rf /var/lib/apt/lists/*
# Update gcc alias
# https://stackoverflow.com/a/70653945/11214013
sudo update-alternatives --install \
/usr/bin/gcc gcc /usr/bin/gcc-10 100 \
--slave /usr/bin/g++ g++ /usr/bin/g++-10 \
--slave /usr/bin/gcov gcov /usr/bin/gcov-10 \
--slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-10 \
--slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-10
# Install CUDA
sudo wget \
https://developer.download.nvidia.com/compute/cuda/11.8.0/local_installers/cuda_11.8.0_520.61.05_linux.run \
--progress=bar:force:noscroll -q --show-progress -O /root/cuda.run
sudo chmod a+x /root/cuda.run
sudo /root/cuda.run --silent --toolkit --toolkitpath=/usr --no-opengl-libs --no-man-page --no-drm
sudo rm /root/cuda.run

View File

@ -35,6 +35,8 @@ jobs:
const supported_languages = ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift']
const remap_languages = {
'c++': 'cpp',
'c#': 'csharp',
'kotlin': 'java',
'typescript': 'javascript',
}
@ -45,7 +47,7 @@ jobs:
"include": []
}
for (const [key, value] of Object.entries(response.data)) {
for (let [key, value] of Object.entries(response.data)) {
// remap language
if (remap_languages[key.toLowerCase()]) {
console.log(`Remapping language: ${key} to ${remap_languages[key.toLowerCase()]}`)
@ -95,6 +97,8 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
submodules: recursive
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
@ -109,8 +113,17 @@ jobs:
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
# queries: security-extended,security-and-quality
# Pre autobuild
# create a file named .codeql-prebuild-${{ matrix.language }}.sh in the root of your repository
- name: Prebuild
run: |
# check if .qodeql-prebuild-${{ matrix.language }}.sh exists
if [ -f "./.codeql-prebuild-${{ matrix.language }}.sh" ]; then
echo "Running .codeql-prebuild-${{ matrix.language }}.sh"
./.codeql-prebuild-${{ matrix.language }}.sh
fi
# Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
# TODO: If this step fails, then we need to create a method to build the project using an automated method.
- name: Autobuild
uses: github/codeql-action/autobuild@v2