Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable GitHub CodeQL static analysis in CI #693

Closed
wants to merge 26 commits into from
Closed

Enable GitHub CodeQL static analysis in CI #693

wants to merge 26 commits into from

Conversation

yadij
Copy link
Contributor

@yadij yadij commented Jul 22, 2020
edited by rousskov
Loading

No description provided.

@kinkie
Copy link
Contributor

kinkie commented Jul 22, 2020

i like this. It would be even better if the commit comment contained links or other explanations about what checks are done.
It would be also nice to know what features are analyzed and what are the libraries included in the ubuntu-latest image on GitHub, so to be more clear about what code paths are tickled.

These are asks, not mandatory. In any case, the more checks the better

kinkie
kinkie previously approved these changes Jul 22, 2020
View reviewed changes
Copy link
Contributor

@kinkie kinkie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's try this

@yadij
Copy link
Contributor Author

yadij commented Jul 22, 2020

I'm not exactly sure about any of the details for this. Approval to use the scanner on Squid sources came through today and what you can see from the "Checks" tab are the logs and artifacts from the scan.

From the build log (Checks -> Analyse -> "..." menu -> Raw Logs) it appears that none of the optional libraries are present. This is just a basic Ubuntu with build chain installed.

@kinkie
Copy link
Contributor

kinkie commented Jul 22, 2020 via email

@rousskov rousskov self-requested a review July 22, 2020 18:49
@yadij yadij changed the title Create codeql-analysis.yml WIP: Create codeql-analysis.yml Jul 23, 2020
@squid-anubis squid-anubis added M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels and removed M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels labels Aug 8, 2020
@squid-anubis squid-anubis added M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels and removed M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels labels Nov 17, 2020
@rousskov rousskov added the S-waiting-for-author author action is expected (and usually required) label Dec 11, 2020
@squid-anubis squid-anubis added M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels and removed M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels labels Jan 14, 2021
@squid-anubis squid-anubis added M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels and removed M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels labels Jan 24, 2021
@squid-anubis squid-anubis added M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels and removed M-failed-other https://github.com/measurement-factory/anubis#pull-request-labels labels May 20, 2023
yadij and others added 4 commits May 23, 2023 03:11
@yadij
Merge branch 'master' into yadij-patch-1
3905849
@yadij @rousskov
Update .github/workflows/default.yaml
e54a713 
had to go with this because the other names have conflicts

Co-authored-by: Alex Rousskov <rousskov@measurement-factory.com>
@yadij @rousskov
Update .github/workflows/default.yaml
a07d6c1 
Co-authored-by: Alex Rousskov <rousskov@measurement-factory.com>
@yadij
Merge branch 'master' into yadij-patch-1
4a74f37
@yadij yadij removed S-waiting-for-author author action is expected (and usually required) M-failed-staging-checks https://github.com/measurement-factory/anubis#pull-request-labels S-waiting-for-PR Closure of other PR(s), current or future, is expected (and usually required) labels Aug 22, 2023
@yadij yadij requested review from rousskov and kinkie August 22, 2023 16:39
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

rousskov
rousskov reviewed Aug 29, 2023
View reviewed changes
Copy link
Contributor

@rousskov rousskov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a few suggestions, but I do not insist on further changes.

.github/workflows/default.yaml Show resolved Hide resolved
.github/workflows/default.yaml Show resolved Hide resolved
.github/workflows/default.yaml Outdated Show resolved Hide resolved
@rousskov rousskov added S-waiting-for-author author action is expected (and usually required) S-waiting-for-reviewer ready for review: Set this when requesting a (re)review using GitHub PR Reviewers box labels Aug 29, 2023
yadij and others added 2 commits August 30, 2023 08:19
@yadij @rousskov
Apply suggestions from code review
83a007d 
Co-authored-by: Alex Rousskov <rousskov@measurement-factory.com>
@yadij
Update default.yaml
83c994e
@yadij yadij removed the S-waiting-for-author author action is expected (and usually required) label Aug 29, 2023
kinkie
kinkie approved these changes Aug 29, 2023
View reviewed changes
Copy link
Contributor

@kinkie kinkie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@rousskov rousskov added M-cleared-for-merge https://github.com/measurement-factory/anubis#pull-request-labels and removed S-waiting-for-reviewer ready for review: Set this when requesting a (re)review using GitHub PR Reviewers box labels Aug 29, 2023
squid-anubis pushed a commit that referenced this pull request Aug 30, 2023
@yadij @squid-anubis
Enable GitHub CodeQL static analysis in CI (#693)
4cf4730
@squid-anubis squid-anubis added the M-waiting-staging-checks https://github.com/measurement-factory/anubis#pull-request-labels label Aug 30, 2023
@squid-anubis squid-anubis added M-merged https://github.com/measurement-factory/anubis#pull-request-labels and removed M-waiting-staging-checks https://github.com/measurement-factory/anubis#pull-request-labels M-cleared-for-merge https://github.com/measurement-factory/anubis#pull-request-labels labels Aug 30, 2023
@rousskov rousskov mentioned this pull request Aug 31, 2023
Open
@yadij yadij deleted the yadij-patch-1 branch October 13, 2023 02:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rousskov rousskov rousskov left review comments

@kinkie kinkie kinkie approved these changes

Assignees
No one assigned
Labels
M-merged https://github.com/measurement-factory/anubis#pull-request-labels
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@yadij @kinkie @rousskov @squid-anubis