CodeQL #256
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# @file | |
# GitHub Workflow for CodeQL Analysis | |
# | |
# Copyright (c) Microsoft Corporation. | |
# | |
# SPDX-License-Identifier: BSD-2-Clause-Patent | |
## | |
name: "CodeQL" | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
branches: | |
- master | |
paths-ignore: | |
- '**/*.bat' | |
- '**/*.md' | |
- '**/*.py' | |
- '**/*.rst' | |
- '**/*.sh' | |
- '**/*.txt' | |
schedule: | |
# https://crontab.guru/#20_23_*_*_4 | |
- cron: '20 23 * * 4' | |
jobs: | |
analyze: | |
name: Analyze | |
runs-on: windows-2019 | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
package: [ | |
"ArmPkg", | |
"CryptoPkg", | |
"DynamicTablesPkg", | |
"FatPkg", | |
"FmpDevicePkg", | |
"IntelFsp2Pkg", | |
"IntelFsp2WrapperPkg", | |
"MdeModulePkg", | |
"MdePkg", | |
"PcAtChipsetPkg", | |
"PrmPkg", | |
"SecurityPkg", | |
"ShellPkg", | |
"SourceLevelDebugPkg", | |
"StandaloneMmPkg", | |
"UefiCpuPkg", | |
"UnitTestFrameworkPkg"] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Install Python | |
uses: actions/setup-python@v4 | |
with: | |
python-version: '3.10.6' | |
# Initializes the CodeQL tools for scanning. | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: 'cpp' | |
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] | |
# Learn more about CodeQL language support at https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/ | |
config-file: ./.github/codeql/codeql-config.yml | |
# Note: Add new queries to codeql-config.yml file as they are enabled. | |
- name: Install/Upgrade pip Modules | |
run: pip install -r pip-requirements.txt --upgrade | |
- name: Setup | |
run: stuart_setup -c .pytool/CISettings.py -t DEBUG -a IA32,X64 TOOL_CHAIN_TAG=VS2019 | |
- name: Update | |
run: stuart_update -c .pytool/CISettings.py -t DEBUG -a IA32,X64 TOOL_CHAIN_TAG=VS2019 | |
- name: Build Tools From Source | |
run: python BaseTools/Edk2ToolsBuild.py -t VS2019 | |
- name: CI Build | |
run: stuart_ci_build -c .pytool/CISettings.py -p ${{ matrix.package }} -t DEBUG -a IA32,X64 TOOL_CHAIN_TAG=VS2019 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 |