Fix codeql issues (Main.cpp and Utility.cpp) #26
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CodeQL Analysis | |
on: | |
push: | |
branches: ["main", "releases/**"] | |
paths-ignore: | |
- "*.md" | |
- "**/docs" | |
pull_request: | |
branches: ["main", "releases/**"] | |
paths-ignore: | |
- "*.md" | |
- "**/docs" | |
jobs: | |
sdl_compliance: | |
name: Running SDL Compliance Policy checks (CodeQL) | |
runs-on: windows-latest | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
matrix: | |
include: | |
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] | |
# Learn more about CodeQL language support at https://git.io/codeql-language-support | |
# Analyzes C and C++ code using the commands in `Build C and C++ code` | |
- language: "cpp" | |
build-mode: manual # Or autobuild | |
build-config: Release | |
build-platform: x64 | |
env: | |
BuildConfiguration: Release | |
SolutionPath: 'LogMonitor\LogMonitor.sln' | |
CodeQLResultsDir: "../codeql-results" | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
# We must fetch at least the immediate parents so that if this is | |
# a pull request then we can checkout the head. | |
fetch-depth: 2 | |
- run: git checkout HEAD^2 | |
if: ${{ github.event_name == 'pull_request' }} | |
# https://github.com/marketplace/actions/setup-msbuild#specifying-msbuild-architecture-optional | |
- name: Add msbuild to PATH | |
uses: microsoft/setup-msbuild@v2 | |
with: | |
msbuild-architecture: ${{ matrix.build-platform }} # Default is x86. Options are x86, x64, and arm64 | |
- name: Check solution path | |
run: | | |
if (-not (Test-Path -Path "${{ env.SolutionPath }}" -ErrorAction Continue)) { | |
Throw "Invalid solution path: ${{ env.SolutionPath }}" | |
} | |
Write-Host "Current dir: $PWD" | |
Write-Host "Solution path: ${{ env.SolutionPath }}" | |
Get-ChildItem "${{ env.SolutionPath }}" -ErrorAction Continue | |
# https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/ | |
# https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning | |
# https://github.com/github/codeql-action/blob/main/init/action.yml | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v3 | |
with: | |
languages: ${{ matrix.language }} | |
queries: security-and-quality # Default is "security-extended" | |
build-mode: ${{ matrix.build-mode }} | |
# https://learn.microsoft.com/en-us/visualstudio/msbuild/msbuild-command-line-reference?view=vs-2022#arguments | |
- name: Build LogMonitor | |
run: | | |
msbuild.exe "${{ env.SolutionPath }}" /t:clean | |
msbuild.exe "${{ env.SolutionPath }}" /p:platform="${{ matrix.build-platform }}" /p:configuration="${{ env.BuildConfiguration }}" | |
# https://github.com/github/codeql-action/blob/main/analyze/action.yml | |
# Performs code analysis and uploads results to provided output path. | |
# We therefore do not need to use github/codeql-action/upload-sarif@v3 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v3 | |
with: | |
# The path of the directory in which to save the SARIF results (../results/cpp.sarif) | |
output: ${{ env.CodeQLResultsDir }} | |
upload: "always" # Options: 'always', 'failure-only', 'never' |