CodeQL #899
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CodeQL" | |
| on: | |
| push: | |
| branches: [ master ] | |
| pull_request: | |
| # The branches below must be a subset of the branches above | |
| branches: [ master ] | |
| schedule: | |
| - cron: '26 11 * * 5' | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| env: | |
| VCPKG_DEFAULT_BINARY_CACHE: ${{github.workspace}}/vcpkg_binary_cache | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.sha }} | |
| cancel-in-progress: true | |
| jobs: | |
| analyze-cpp: | |
| name: Analyze C++ | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| - run: git -C ${{ github.workspace }}/ext_libs/vcpkg fetch --unshallow | |
| - uses: lukka/get-cmake@latest | |
| - run: echo "VCPKG_COMMIT=$(git rev-parse :ext_libs/vcpkg)" >> $GITHUB_ENV | |
| shell: bash | |
| - run: mkdir -p ${{ env.VCPKG_DEFAULT_BINARY_CACHE }} | |
| - uses: actions/cache@v3 | |
| env: | |
| cache-name: vcpkg-cache | |
| with: | |
| path: ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}/* | |
| key: ubuntu-latest-build-${{ env.cache-name }}-${{ hashFiles('vcpkg.json') }}-${{ env.VCPKG_COMMIT }}" | |
| - uses: lukka/run-vcpkg@v10 | |
| with: | |
| vcpkgDirectory: '${{ github.workspace }}/ext_libs/vcpkg' | |
| vcpkgJsonGlob: "${{ github.workspace }}/vcpkg.json" | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v2 | |
| with: | |
| languages: cpp | |
| config-file: ./.github/codeql/codeql-config.yml | |
| - name: Configure | |
| run: > | |
| cmake -S . -B build -G Ninja | |
| -DCMAKE_BUILD_TYPE=Debug | |
| -DCMAKE_TOOLCHAIN_FILE="${{ github.workspace }}/ext_libs/vcpkg/scripts/buildsystems/vcpkg.cmake" | |
| -DFMT_SYS_DEP=ON | |
| -DSPDLOG_SYS_DEP=ON | |
| -DBUILD_TESTING=OFF | |
| - name: Build | |
| run: | | |
| cmake --build build | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v2 | |
| analyze-python: | |
| name: Analyze Python bindings | |
| container: | |
| image: vowpalwabbit/ubuntu2004-dev:latest | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v2 | |
| with: | |
| languages: python | |
| config-file: ./.github/codeql/codeql-config.yml | |
| - name: Install python pip | |
| shell: bash | |
| run: | | |
| apt update | |
| apt install -y python3-pip | |
| - name: Autobuild Python | |
| uses: github/codeql-action/autobuild@v2 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v2 | |
| analyze-csharp: | |
| name: Analyze CSharp bindings | |
| runs-on: windows-latest | |
| env: | |
| VCPKG_ROOT: ${{ github.workspace }}/ext_libs/vcpkg | |
| VCPKG_DEFAULT_BINARY_CACHE: ${{github.workspace}}/vcpkg_binary_cache | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: recursive | |
| - run: git -C ${{ github.workspace }}/ext_libs/vcpkg fetch --unshallow | |
| - name: Setup MSVC Developer Command Prompt | |
| uses: ilammy/msvc-dev-cmd@v1 | |
| - uses: lukka/get-cmake@latest | |
| - name: Install dotnet t4 | |
| run: dotnet tool install --global dotnet-t4 | |
| - run: echo "VCPKG_COMMIT=$(git rev-parse :ext_libs/vcpkg)" >> $GITHUB_ENV | |
| shell: bash | |
| - run: mkdir -p ${{ env.VCPKG_DEFAULT_BINARY_CACHE }} | |
| - uses: actions/cache@v3 | |
| env: | |
| cache-name: vcpkg-cache | |
| with: | |
| path: ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}/* | |
| key: ubuntu-latest-build-${{ env.cache-name }}-${{ hashFiles('vcpkg.json') }}-${{ env.VCPKG_COMMIT }}" | |
| - uses: lukka/run-vcpkg@v10 | |
| with: | |
| vcpkgDirectory: '${{ github.workspace }}/ext_libs/vcpkg' | |
| vcpkgJsonGlob: "${{ github.workspace }}/vcpkg.json" | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v2 | |
| with: | |
| languages: csharp | |
| config-file: ./.github/codeql/codeql-config.yml | |
| - name: Configure | |
| run: > | |
| cmake -S . -B build -G Ninja | |
| -DCMAKE_BUILD_TYPE=Debug | |
| -DCMAKE_TOOLCHAIN_FILE="${{ github.workspace }}/ext_libs/vcpkg/scripts/buildsystems/vcpkg.cmake" | |
| -DFMT_SYS_DEP=ON | |
| -DSPDLOG_SYS_DEP=ON | |
| -Drlclientlib_BUILD_DOTNET=ON | |
| - name: Build | |
| run: | | |
| cmake --build build | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v2 |