|
1 | | -name: PR Checks (Basic Checks and Runner) |
| 1 | +name: PR Checks |
2 | 2 |
|
3 | 3 | on: |
4 | 4 | push: |
@@ -97,388 +97,3 @@ jobs: |
97 | 97 | # we won't be able to find them on Windows. |
98 | 98 | npm config set script-shell bash |
99 | 99 | npm test |
100 | | -
|
101 | | - runner-analyze-javascript-ubuntu: |
102 | | - name: Runner ubuntu JS analyze |
103 | | - needs: [check-js, check-node-modules] |
104 | | - timeout-minutes: 45 |
105 | | - runs-on: ubuntu-latest |
106 | | - |
107 | | - steps: |
108 | | - - uses: actions/checkout@v3 |
109 | | - |
110 | | - - name: Build runner |
111 | | - run: | |
112 | | - cd runner |
113 | | - npm install |
114 | | - npm run build-runner |
115 | | -
|
116 | | - - name: Run init |
117 | | - run: | |
118 | | - # Pass --config-file here, but not for other jobs in this workflow. |
119 | | - # This means we're testing the config file parsing in the runner |
120 | | - # but not slowing down all jobs unnecessarily as it doesn't add much |
121 | | - # testing the parsing on different operating systems and languages. |
122 | | - runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
123 | | -
|
124 | | - - name: Run analyze |
125 | | - run: | |
126 | | - runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
127 | | - env: |
128 | | - TEST_MODE: true |
129 | | - |
130 | | - runner-analyze-javascript-windows: |
131 | | - name: Runner windows JS analyze |
132 | | - needs: [check-js, check-node-modules] |
133 | | - timeout-minutes: 45 |
134 | | - runs-on: windows-latest |
135 | | - |
136 | | - steps: |
137 | | - - uses: actions/checkout@v3 |
138 | | - |
139 | | - - name: Build runner |
140 | | - run: | |
141 | | - cd runner |
142 | | - npm install |
143 | | - npm run build-runner |
144 | | -
|
145 | | - - name: Run init |
146 | | - run: | |
147 | | - runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages javascript --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} |
148 | | -
|
149 | | - - name: Run analyze |
150 | | - run: | |
151 | | - runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} |
152 | | - env: |
153 | | - TEST_MODE: true |
154 | | - |
155 | | - runner-analyze-javascript-macos: |
156 | | - name: Runner macos JS analyze |
157 | | - needs: [check-js, check-node-modules] |
158 | | - timeout-minutes: 45 |
159 | | - runs-on: macos-latest |
160 | | - |
161 | | - steps: |
162 | | - - uses: actions/checkout@v3 |
163 | | - |
164 | | - - name: Build runner |
165 | | - run: | |
166 | | - cd runner |
167 | | - npm install |
168 | | - npm run build-runner |
169 | | -
|
170 | | - - name: Run init |
171 | | - run: | |
172 | | - runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages javascript --config-file ./.github/codeql/codeql-config.yml --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
173 | | -
|
174 | | - - name: Run analyze |
175 | | - run: | |
176 | | - runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
177 | | - env: |
178 | | - TEST_MODE: true |
179 | | - |
180 | | - runner-analyze-csharp-ubuntu: |
181 | | - name: Runner ubuntu C# analyze |
182 | | - needs: [check-js, check-node-modules] |
183 | | - timeout-minutes: 45 |
184 | | - runs-on: ubuntu-latest |
185 | | - |
186 | | - steps: |
187 | | - - uses: actions/checkout@v3 |
188 | | - |
189 | | - - name: Move codeql-action |
190 | | - shell: bash |
191 | | - run: | |
192 | | - mkdir ../action |
193 | | - mv * .github ../action/ |
194 | | - mv ../action/tests/multi-language-repo/{*,.github} . |
195 | | - mv ../action/.github/workflows .github |
196 | | -
|
197 | | - - name: Build runner |
198 | | - run: | |
199 | | - cd ../action/runner |
200 | | - npm install |
201 | | - npm run build-runner |
202 | | -
|
203 | | - - name: Run init |
204 | | - run: | |
205 | | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
206 | | -
|
207 | | - - name: Build code |
208 | | - run: | |
209 | | - . ./codeql-runner/codeql-env.sh |
210 | | - $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false |
211 | | -
|
212 | | - - name: Run analyze |
213 | | - run: | |
214 | | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
215 | | - env: |
216 | | - TEST_MODE: true |
217 | | - |
218 | | - runner-analyze-csharp-windows: |
219 | | - name: Runner windows C# analyze |
220 | | - needs: [check-js, check-node-modules] |
221 | | - # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of |
222 | | - # `windows-latest`. |
223 | | - timeout-minutes: 45 |
224 | | - runs-on: windows-2019 |
225 | | - |
226 | | - steps: |
227 | | - - uses: actions/checkout@v3 |
228 | | - |
229 | | - - name: Move codeql-action |
230 | | - shell: bash |
231 | | - run: | |
232 | | - mkdir ../action |
233 | | - mv * .github ../action/ |
234 | | - mv ../action/tests/multi-language-repo/{*,.github} . |
235 | | - mv ../action/.github/workflows .github |
236 | | -
|
237 | | - - name: Build runner |
238 | | - run: | |
239 | | - cd ../action/runner |
240 | | - npm install |
241 | | - npm run build-runner |
242 | | -
|
243 | | - - name: Run init |
244 | | - run: | |
245 | | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} |
246 | | -
|
247 | | - - name: Build code |
248 | | - shell: powershell |
249 | | - run: | |
250 | | - cat ./codeql-runner/codeql-env.sh | Invoke-Expression |
251 | | - $Env:CODEQL_EXTRACTOR_CSHARP_ROOT = "" # Unset an environment variable to make sure the tracer resists this |
252 | | - & $Env:CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false |
253 | | -
|
254 | | - - name: Upload tracer logs |
255 | | - uses: actions/upload-artifact@v3 |
256 | | - with: |
257 | | - name: tracer-logs |
258 | | - path: ./codeql-runner/compound-build-tracer.log |
259 | | - |
260 | | - - name: Run analyze |
261 | | - run: | |
262 | | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} |
263 | | - env: |
264 | | - TEST_MODE: true |
265 | | - |
266 | | - runner-analyze-csharp-macos: |
267 | | - name: Runner macos C# analyze |
268 | | - timeout-minutes: 45 |
269 | | - needs: [check-js, check-node-modules] |
270 | | - runs-on: macos-latest |
271 | | - |
272 | | - steps: |
273 | | - - uses: actions/checkout@v3 |
274 | | - |
275 | | - - name: Move codeql-action |
276 | | - shell: bash |
277 | | - run: | |
278 | | - mkdir ../action |
279 | | - mv * .github ../action/ |
280 | | - mv ../action/tests/multi-language-repo/{*,.github} . |
281 | | - mv ../action/.github/workflows .github |
282 | | -
|
283 | | - - name: Build runner |
284 | | - run: | |
285 | | - cd ../action/runner |
286 | | - npm install |
287 | | - npm run build-runner |
288 | | -
|
289 | | - - name: Run init |
290 | | - run: | |
291 | | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
292 | | -
|
293 | | - - name: Build code |
294 | | - shell: bash |
295 | | - run: | |
296 | | - . ./codeql-runner/codeql-env.sh |
297 | | - $CODEQL_RUNNER dotnet build /p:UseSharedCompilation=false |
298 | | -
|
299 | | - - name: Run analyze |
300 | | - run: | |
301 | | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
302 | | - env: |
303 | | - TEST_MODE: true |
304 | | - |
305 | | - runner-analyze-csharp-autobuild-ubuntu: |
306 | | - name: Runner ubuntu autobuild C# analyze |
307 | | - timeout-minutes: 45 |
308 | | - needs: [check-js, check-node-modules] |
309 | | - runs-on: ubuntu-latest |
310 | | - |
311 | | - steps: |
312 | | - - uses: actions/checkout@v3 |
313 | | - |
314 | | - - name: Move codeql-action |
315 | | - shell: bash |
316 | | - run: | |
317 | | - mkdir ../action |
318 | | - mv * .github ../action/ |
319 | | - mv ../action/tests/multi-language-repo/{*,.github} . |
320 | | - mv ../action/.github/workflows .github |
321 | | -
|
322 | | - - name: Build runner |
323 | | - run: | |
324 | | - cd ../action/runner |
325 | | - npm install |
326 | | - npm run build-runner |
327 | | -
|
328 | | - - name: Run init |
329 | | - run: | |
330 | | - ../action/runner/dist/codeql-runner-linux init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
331 | | -
|
332 | | - - name: Build code |
333 | | - run: | |
334 | | - ../action/runner/dist/codeql-runner-linux autobuild |
335 | | -
|
336 | | - - name: Run analyze |
337 | | - run: | |
338 | | - ../action/runner/dist/codeql-runner-linux analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
339 | | - env: |
340 | | - TEST_MODE: true |
341 | | - |
342 | | - runner-analyze-csharp-autobuild-windows: |
343 | | - timeout-minutes: 45 |
344 | | - name: Runner windows autobuild C# analyze |
345 | | - needs: [check-js, check-node-modules] |
346 | | - # Build tracing currently does not support Windows 2022, so use `windows-2019` instead of |
347 | | - # `windows-latest`. |
348 | | - runs-on: windows-2019 |
349 | | - |
350 | | - steps: |
351 | | - - uses: actions/checkout@v3 |
352 | | - |
353 | | - - name: Move codeql-action |
354 | | - shell: bash |
355 | | - run: | |
356 | | - mkdir ../action |
357 | | - mv * .github ../action/ |
358 | | - mv ../action/tests/multi-language-repo/{*,.github} . |
359 | | - mv ../action/.github/workflows .github |
360 | | -
|
361 | | - - name: Build runner |
362 | | - run: | |
363 | | - cd ../action/runner |
364 | | - npm install |
365 | | - npm run build-runner |
366 | | -
|
367 | | - - name: Run init |
368 | | - run: | |
369 | | - ../action/runner/dist/codeql-runner-win.exe init --repository $Env:GITHUB_REPOSITORY --languages csharp --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} |
370 | | -
|
371 | | - - name: Build code |
372 | | - shell: powershell |
373 | | - run: | |
374 | | - ../action/runner/dist/codeql-runner-win.exe autobuild |
375 | | -
|
376 | | - - name: Run analyze |
377 | | - run: | |
378 | | - ../action/runner/dist/codeql-runner-win.exe analyze --repository $Env:GITHUB_REPOSITORY --commit $Env:GITHUB_SHA --ref $Env:GITHUB_REF --github-url $Env:GITHUB_SERVER_URL --github-auth ${{ github.token }} |
379 | | - env: |
380 | | - TEST_MODE: true |
381 | | - |
382 | | - runner-analyze-csharp-autobuild-macos: |
383 | | - name: Runner macos autobuild C# analyze |
384 | | - needs: [check-js, check-node-modules] |
385 | | - runs-on: macos-latest |
386 | | - timeout-minutes: 45 |
387 | | - |
388 | | - steps: |
389 | | - - uses: actions/checkout@v3 |
390 | | - |
391 | | - - name: Move codeql-action |
392 | | - shell: bash |
393 | | - run: | |
394 | | - mkdir ../action |
395 | | - mv * .github ../action/ |
396 | | - mv ../action/tests/multi-language-repo/{*,.github} . |
397 | | - mv ../action/.github/workflows .github |
398 | | -
|
399 | | - - name: Build runner |
400 | | - run: | |
401 | | - cd ../action/runner |
402 | | - npm install |
403 | | - npm run build-runner |
404 | | -
|
405 | | - - name: Run init |
406 | | - run: | |
407 | | - ../action/runner/dist/codeql-runner-macos init --repository $GITHUB_REPOSITORY --languages csharp --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
408 | | -
|
409 | | - - name: Build code |
410 | | - shell: bash |
411 | | - run: | |
412 | | - . codeql-runner/codeql-env.sh |
413 | | - CODEQL_RUNNER="$(cat codeql-runner/codeql-env.json | jq -r '.CODEQL_RUNNER')" |
414 | | - echo "$CODEQL_RUNNER" |
415 | | - $CODEQL_RUNNER ../action/runner/dist/codeql-runner-macos autobuild |
416 | | -
|
417 | | - - name: Run analyze |
418 | | - run: | |
419 | | - ../action/runner/dist/codeql-runner-macos analyze --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
420 | | - env: |
421 | | - TEST_MODE: true |
422 | | - |
423 | | - runner-upload-sarif: |
424 | | - name: Runner upload sarif |
425 | | - needs: [check-js, check-node-modules] |
426 | | - runs-on: ubuntu-latest |
427 | | - timeout-minutes: 45 |
428 | | - |
429 | | - if: ${{ github.event_name != 'pull_request' || github.event.pull_request.base.repo.id == github.event.pull_request.head.repo.id }} |
430 | | - |
431 | | - steps: |
432 | | - - uses: actions/checkout@v3 |
433 | | - |
434 | | - - name: Build runner |
435 | | - run: | |
436 | | - cd runner |
437 | | - npm install |
438 | | - npm run build-runner |
439 | | -
|
440 | | - - name: Upload with runner |
441 | | - run: | |
442 | | - # Deliberately don't use TEST_MODE here. This is specifically testing |
443 | | - # the compatibility with the API. |
444 | | - runner/dist/codeql-runner-linux upload --sarif-file src/testdata/empty-sarif.sarif --repository $GITHUB_REPOSITORY --commit $GITHUB_SHA --ref $GITHUB_REF --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
445 | | -
|
446 | | - runner-extractor-ram-threads-options: |
447 | | - name: Runner ubuntu extractor RAM and threads options |
448 | | - needs: [check-js, check-node-modules] |
449 | | - runs-on: ubuntu-latest |
450 | | - timeout-minutes: 45 |
451 | | - |
452 | | - steps: |
453 | | - - uses: actions/checkout@v3 |
454 | | - |
455 | | - - name: Build runner |
456 | | - run: | |
457 | | - cd runner |
458 | | - npm install |
459 | | - npm run build-runner |
460 | | -
|
461 | | - - name: Run init |
462 | | - run: | |
463 | | - runner/dist/codeql-runner-linux init --ram=230 --threads=1 --repository $GITHUB_REPOSITORY --languages java --github-url $GITHUB_SERVER_URL --github-auth ${{ github.token }} |
464 | | -
|
465 | | - - name: Assert Results |
466 | | - shell: bash |
467 | | - run: | |
468 | | - . ./codeql-runner/codeql-env.sh |
469 | | - if [ "${CODEQL_RAM}" != "230" ]; then |
470 | | - echo "CODEQL_RAM is '${CODEQL_RAM}' instead of 230" |
471 | | - exit 1 |
472 | | - fi |
473 | | - if [ "${CODEQL_EXTRACTOR_JAVA_RAM}" != "230" ]; then |
474 | | - echo "CODEQL_EXTRACTOR_JAVA_RAM is '${CODEQL_EXTRACTOR_JAVA_RAM}' instead of 230" |
475 | | - exit 1 |
476 | | - fi |
477 | | - if [ "${CODEQL_THREADS}" != "1" ]; then |
478 | | - echo "CODEQL_THREADS is '${CODEQL_THREADS}' instead of 1" |
479 | | - exit 1 |
480 | | - fi |
481 | | - if [ "${CODEQL_EXTRACTOR_JAVA_THREADS}" != "1" ]; then |
482 | | - echo "CODEQL_EXTRACTOR_JAVA_THREADS is '${CODEQL_EXTRACTOR_JAVA_THREADS}' instead of 1" |
483 | | - exit 1 |
484 | | - fi |