[PATCH v3] codeql: add support for analyzing C, Python and Go

Roger Pau Monne posted 1 patch 2 years, 1 month ago
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20220323101856.35992-1-roger.pau@citrix.com
.github/workflows/codeql-x86.yml | 54 ++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
create mode 100644 .github/workflows/codeql-x86.yml
[PATCH v3] codeql: add support for analyzing C, Python and Go
Posted by Roger Pau Monne 2 years, 1 month ago
Introduce CodeQL support for Xen and analyze the C, Python and Go
files.

Note that when analyzing Python or Go we avoid building the hypervisor
and only build the tools.

Requested-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
---
Changes since v2:
 - Remove explicit 'staging' branch checkout.
 - Remove explicit query.
 - Remove ignored paths.
 - Remove 'on schedule' trigger, or else it would be run against the
   master branch instead of staging.

Changes since v1:
 - Rename to note it's x86 specific right now.
 - Merge the ignored path patch.
---
 .github/workflows/codeql-x86.yml | 54 ++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 .github/workflows/codeql-x86.yml

diff --git a/.github/workflows/codeql-x86.yml b/.github/workflows/codeql-x86.yml
new file mode 100644
index 0000000000..6ddd445c79
--- /dev/null
+++ b/.github/workflows/codeql-x86.yml
@@ -0,0 +1,54 @@
+name: CodeQL x86
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [staging]
+
+jobs:
+  analyse:
+
+    strategy:
+      matrix:
+        language: [ 'cpp', 'python', 'go' ]
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Install build dependencies
+      run: |
+        sudo apt-get install -y wget git \
+          libbz2-dev build-essential \
+          zlib1g-dev libncurses5-dev iasl \
+          libbz2-dev e2fslibs-dev uuid-dev libyajl-dev \
+          autoconf libtool liblzma-dev \
+          python3-dev golang python-dev libsystemd-dev
+
+    - uses: actions/checkout@v2
+
+    - name: Configure Xen
+      run: |
+        ./configure --with-system-qemu=/bin/true \
+                    --with-system-seabios=/bin/true \
+                    --with-system-ovmf=/bin/true
+
+    - name: Pre build stuff
+      run: |
+        make -j`nproc` mini-os-dir
+
+    - uses: github/codeql-action/init@v1
+      with:
+        languages: ${{matrix.language}}
+
+    - if: matrix.language == 'cpp'
+      name: Full Build
+      run: |
+        make -j`nproc` build-xen build-tools
+        make -j`nproc` -C extras/mini-os/
+
+    - if: matrix.language == 'python' || matrix.language == 'go'
+      name: Tools Build
+      run: |
+        make -j`nproc` build-tools
+
+    - uses: github/codeql-action/analyze@v1
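
Review bot: the three `uses:` steps (`actions/checkout@v2`, `github/codeql-action/init@v1`, `github/codeql-action/analyze@v1`) reference mutable tags, so the code executed with the job's token can change without any commit to this tree; pinning each to a full commit SHA, with the tag kept as a trailing comment, would make the workflow's inputs reviewable. The job also has no `permissions:` key and therefore runs with the repository's default token scope; a job-level block that grants `security-events: write` for the results upload and read-only `contents` for the checkout would cover what the visible steps need.
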
-- 
2.35.1


Re: [PATCH v3] codeql: add support for analyzing C, Python and Go
Posted by Roger Pau Monné 2 years ago
Ping?

On Wed, Mar 23, 2022 at 11:18:56AM +0100, Roger Pau Monne wrote:
> Introduce CodeQL support for Xen and analyze the C, Python and Go
> files.
> 
> Note that when analyzing Python or Go we avoid building the hypervisor
> and only build the tools.
> 
> Requested-by: Andrew Cooper <andrew.cooper3@citrix.com>
> Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
> ---
> Changes since v2:
>  - Remove explicit 'staging' branch checkout.
>  - Remove explicit query.
>  - Remove ignored paths.
>  - Remove 'on schedule' trigger, or else it would be run against the
>    master branch instead of staging.
> 
> Changes since v1:
>  - Rename to note it's x86 specific right now.
>  - Merge the ignored path patch.
> ---
>  .github/workflows/codeql-x86.yml | 54 ++++++++++++++++++++++++++++++++
>  1 file changed, 54 insertions(+)
>  create mode 100644 .github/workflows/codeql-x86.yml
> 
> diff --git a/.github/workflows/codeql-x86.yml b/.github/workflows/codeql-x86.yml
> new file mode 100644
> index 0000000000..6ddd445c79
> --- /dev/null
> +++ b/.github/workflows/codeql-x86.yml
> @@ -0,0 +1,54 @@
> +name: CodeQL x86
> +
> +on:
> +  workflow_dispatch:
> +  push:
> +    branches: [staging]
> +
> +jobs:
> +  analyse:
> +
> +    strategy:
> +      matrix:
> +        language: [ 'cpp', 'python', 'go' ]
> +
> +    runs-on: ubuntu-latest
> +
> +    steps:
> +    - name: Install build dependencies
> +      run: |
> +        sudo apt-get install -y wget git \
> +          libbz2-dev build-essential \
> +          zlib1g-dev libncurses5-dev iasl \
> +          libbz2-dev e2fslibs-dev uuid-dev libyajl-dev \
> +          autoconf libtool liblzma-dev \
> +          python3-dev golang python-dev libsystemd-dev
> +
> +    - uses: actions/checkout@v2
> +
> +    - name: Configure Xen
> +      run: |
> +        ./configure --with-system-qemu=/bin/true \
> +                    --with-system-seabios=/bin/true \
> +                    --with-system-ovmf=/bin/true
> +
> +    - name: Pre build stuff
> +      run: |
> +        make -j`nproc` mini-os-dir
> +
> +    - uses: github/codeql-action/init@v1
> +      with:
> +        languages: ${{matrix.language}}
> +
> +    - if: matrix.language == 'cpp'
> +      name: Full Build
> +      run: |
> +        make -j`nproc` build-xen build-tools
> +        make -j`nproc` -C extras/mini-os/
> +
> +    - if: matrix.language == 'python' || matrix.language == 'go'
> +      name: Tools Build
> +      run: |
> +        make -j`nproc` build-tools
> +
> +    - uses: github/codeql-action/analyze@v1
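
Review bot: in the "Install build dependencies" step, `apt-get install` runs with no preceding `apt-get update`, so the step depends on whatever package index the `ubuntu-latest` image happens to ship and can fail once that index goes stale; running `sudo apt-get update` first would avoid that. `libbz2-dev` is also listed twice in the package list, and one entry can be dropped. Under `strategy:`, the matrix uses the default fail-fast behaviour, so a build failure in one language cancels the other two analyses; setting `fail-fast: false` would let the C, Python and Go runs report independently.
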
> -- 
> 2.35.1
>