diff options
author | Davide Beatrici <git@davidebeatrici.dev> | 2020-08-14 04:06:46 +0300 |
---|---|---|
committer | Davide Beatrici <git@davidebeatrici.dev> | 2020-08-15 00:02:56 +0300 |
commit | 501b95f6e43291e825a33e99e6c2860dd344ed7d (patch) | |
tree | 1cc49a9607870b2c8e4e4067794b70b5a9cd9473 | |
parent | b7e8db2ad12e52af2f0993b8f2438fb9da5e17a6 (diff) |
MAINT(github-actions): add CodeQL workflowcodeql-analysis
From LGTM's author:
"The CodeQL technology under the hood is exactly the same, and the results are more integrated. What will be interesting to you: the analysis runs on GitHub Actions. It's therefore much easier to customise the build environment!"
-rw-r--r-- | .github/workflows/codeql-analysis.yml | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 000000000..df1d64990 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,47 @@ +name: "CodeQL" + +on: + push: + branches: [master] + pull_request: + branches: [master] + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + with: + # We must fetch at least the immediate parents so that if this is + # a pull request then we can checkout the head. + fetch-depth: 2 + + # If this run was triggered by a pull request event, then checkout + # the head of the pull request instead of the merge commit. + - run: git checkout HEAD^2 + if: ${{ github.event_name == 'pull_request' }} + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: cpp, python + + - run: | + sudo apt install build-essential g++-multilib ninja-build pkg-config \ + qt5-default qttools5-dev qttools5-dev-tools libqt5svg5-dev \ + libboost-dev libssl-dev libprotobuf-dev protobuf-compiler \ + libcap-dev libxi-dev \ + libasound2-dev libpulse-dev \ + libogg-dev libsndfile1-dev libspeechd-dev \ + libavahi-compat-libdnssd-dev libzeroc-ice-dev + git submodule update --init --recursive + mkdir build && cd build + cmake -G Ninja -DCMAKE_BUILD_TYPE=Release -DBUILD_TESTING=ON .. + cmake --build . + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 |