diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml deleted file mode 100644 index 31ed0a0e..00000000 --- a/.github/workflows/codeql.yml +++ /dev/null @@ -1,107 +0,0 @@ -name: "CodeQL" - -on: - push: - branches: [ "master", "devel" ] - pull_request: - branches: [ "devel" ] - -env: - DEFAULT_PACKAGES: libcmocka-dev zlib1g-dev libssh-dev libssl-dev libpam0g-dev libcurl4-openssl-dev - -jobs: - git-branch: - name: Get git branch - runs-on: ubuntu-latest - outputs: - branch-name: ${{ steps.get-git-branch.outputs.branch-name }} - steps: - - id: get-git-branch - run: | - if ${{ github.event_name == 'push' }} - then export GIT_BRANCH=`echo ${{ github.ref }} | cut -d'/' -f 3` - else - export GIT_BRANCH=${{ github.base_ref }} - fi - echo "branch-name=$GIT_BRANCH" >> $GITHUB_OUTPUT - - analyze: - name: Analyze - runs-on: ubuntu-22.04 - needs: git-branch - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ cpp ] - - steps: - - name: Checkout - uses: actions/checkout@main - - - name: Deps-packages - run: | - sudo apt-get update - sudo apt-get install --yes $DEFAULT_PACKAGES - - - name: Deps-libyang - shell: bash - run: | - git clone -b ${{ needs.git-branch.outputs.branch-name }} https://github.com/CESNET/libyang.git - cd libyang - mkdir build - cd build - cmake -DCMAKE_INSTALL_PREFIX=$RUNNER_TEMP -DENABLE_TESTS=OFF .. - make -j2 - sudo make install - - - name: Deps-sysrepo - shell: bash - run: | - git clone -b ${{ needs.git-branch.outputs.branch-name }} https://github.com/sysrepo/sysrepo.git - cd sysrepo - mkdir build - cd build - cmake -DSYSREPO_SUPERUSER_UID=`id -u` -DCMAKE_INSTALL_PREFIX=$RUNNER_TEMP -DCMAKE_INCLUDE_PATH=$RUNNER_TEMP/include -DCMAKE_LIBRARY_PATH=$RUNNER_TEMP/lib -DENABLE_TESTS=OFF .. - make -j2 - sudo make install - - - name: Deps-libnetconf2 - shell: bash - run: | - git clone -b ${{ needs.git-branch.outputs.branch-name }} https://github.com/CESNET/libnetconf2.git - cd libnetconf2 - mkdir build - cd build - cmake -DCMAKE_INSTALL_PREFIX=$RUNNER_TEMP -DCMAKE_INCLUDE_PATH=$RUNNER_TEMP/include -DCMAKE_LIBRARY_PATH=$RUNNER_TEMP/lib -DENABLE_TESTS=OFF .. - make -j2 - sudo make install - - - name: Deps-update-ld-cache - shell: bash - run: sudo ldconfig - - - name: Configure - run: | - mkdir build; cd build - cmake -DCMAKE_PREFIX_PATH=$RUNNER_TEMP -DCMAKE_INCLUDE_PATH=$RUNNER_TEMP/include -DCMAKE_LIBRARY_PATH=$RUNNER_TEMP/lib -DCMAKE_PROGRAM_PATH=$RUNNER_TEMP/bin .. - - - name: Initialize CodeQL - uses: github/codeql-action/init@main - with: - languages: ${{ matrix.language }} - queries: +security-and-quality - - - name: Build cpp - run: | - cd build - make -j2 - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@main - with: - category: "/language:${{ matrix.language }}"