8000 Small updates to workflow · advanced-security/gh-codeql-scan@cf7a1a5 · GitHub
Small updates to workflow
GeekMasher committed Mar 7, 2023
1 parent f4846fa commit cf7a1a5
Showing 3 changed files with 9 additions and 8 deletions.
11 changes: 6 additions & 5 deletions bin/codeql-analyze
Expand Up @@ -35,11 +35,11 @@ info "Analyzing CodeQL Databases :: $CODEQL_DATABASE_PATHS"
for CODEQL_DATABASE in $CODEQL_DATABASE_PATHS ; do
CODEQL_DATABASE_NAME="$(basename $CODEQL_DATABASE)"
CODEQL_LANGUAGE=$(cat $CODEQL_DATABASE/codeql-database.yml | grep primaryLanguage | cut -d ":" -f 2 | tr -d ' ' | tr -d '"')
CODEQL_SARIF="${CODEQL_RESULTS}/${CODEQL_LANGUAGE}.sarif"
CODEQL_SARIF="${CODEQL_RESULTS}/${CODEQL_DATABASE_NAME}.sarif"

echo "CodeQL Database Path :: $CODEQL_DATABASE"
echo "CodeQL Database Name :: $CODEQL_DATABASE_NAME"
echo "CodeQL Language :: $CODEQL_LANGUAGE"
info "CodeQL Database Path :: $CODEQL_DATABASE"
info "CodeQL Database Name :: $CODEQL_DATABASE_NAME"
info "CodeQL Language :: $CODEQL_LANGUAGE"

# For tracing
# TODO: this might produce an error if the data is already finalized
Expand All @@ -52,6 +52,7 @@ for CODEQL_DATABASE in $CODEQL_DATABASE_PATHS ; do
--sarif-category="${DATABASE}" \
--output=$CODEQL_SARIF \
${CODEQL_DATABASE}
# ${CODEQL_LANGUAGE}-code-scanning.qls

echo "CodeQL SARIF Output :: $CODEQL_SARIF"
info "CodeQL SARIF Output :: $CODEQL_SARIF"
done
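Review bot: `--sarif-category="${DATABASE}"` in the second hunk reads a variable that is not assigned anywhere in the visible lines, while the output file is now keyed on `CODEQL_DATABASE_NAME`. If `DATABASE` is unset there (lines 46-51 of the file are not shown, so this needs confirming), every database is analysed with the same empty category, and code scanning treats uploads that share a tool and category as replacements, so one database's alerts can displace another's. Keying both on the same value, e.g. `--sarif-category="${CODEQL_DATABASE_NAME}"`, keeps the file name and the category aligned. Since the basename now ends up in the output path, `--output="$CODEQL_SARIF"` and `"${CODEQL_DATABASE}"` should be quoted as well. Part of the `for` loop body lies between the two hunks and is not shown.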
2 changes: 1 addition & 1 deletion bin/codeql-init
Expand Up @@ -97,7 +97,7 @@ for CODEQL_LANGUAGE in ${CODEQL_LANGUAGES//,/ } ; do
CODEQL_CREATE="$CODEQL_CREATE $CODEQL_DATABASE"
fi

info "CodeQL Create Command :: $CODEQL_CREATE"
debug "CodeQL Create Command :: $CODEQL_CREATE"
eval $CODEQL_CREATE

if [ "$CODEQL_TRACING" = "1" ] && [ -z ${BUILD_COMMAND+x} ] && [[ "$CODEQL_LANGUAGE" =~ ^(cpp|csharp|java|go)$ ]]; then
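Review bot: `eval $CODEQL_CREATE` runs a command assembled by string concatenation (`CODEQL_CREATE="$CODEQL_CREATE $CODEQL_DATABASE"` just above), so whitespace or shell metacharacters in any appended value are re-parsed as shell syntax instead of being passed through as data. Moving the log line to `debug` also means a default-verbosity run no longer records what was handed to `eval`, which makes an unexpected command harder to spot after the fact. Building the command as an array and running `"${CODEQL_CREATE[@]}"` removes the re-parse; that change reaches lines outside this hunk, where the string is first built. The enclosing `for` loop starts and ends outside the hunk.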
4 changes: 2 additions & 2 deletions gh-codeql-scan
Expand Up @@ -165,9 +165,9 @@ elif [ $MODE = "scan" ]; then
debug "Disable build tracing as it can not be used in this mode"
export CODEQL_TRACING=0

$EXTENSION_LOCATION/bin/codeql-init --auto-detect
$EXTENSION_LOCATION/bin/codeql-init $@

$EXTENSION_LOCATION/bin/codeql-analyze
$EXTENSION_LOCATION/bin/codeql-analyze $@

if [ "$GITHUB_UPLOAD" = "1" ]; then
echo "Uploading results to GitHub..."
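Review bot: Both new calls forward `$@` unquoted, so an argument containing spaces or glob characters is split and expanded again before the helper script sees it, and the helper's argv no longer matches what the user passed. Use `"$EXTENSION_LOCATION/bin/codeql-init" "$@"` and `"$EXTENSION_LOCATION/bin/codeql-analyze" "$@"`. Scan mode also stops passing `--auto-detect`, so language detection now depends on the caller's arguments or on codeql-init's default, which is not visible here. The `elif` branch starts and ends outside the hunk.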
