Skip to content

Commit

Permalink
Enable CodeQL test on CI. (#284)
Browse files Browse the repository at this point in the history
Signed-off-by: Tao He <linzhu.ht@alibaba-inc.com>
  • Loading branch information
sighingnow authored May 28, 2021
1 parent 5be0d27 commit 3c9133a
Showing 1 changed file with 161 additions and 0 deletions.
161 changes: 161 additions & 0 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,161 @@
# Copyright 2020 Alibaba Group Holding Limited.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

name: CodeQL

on:
push:
branches:
- "!dependabot/**"
pull_request:
branches:
- "!dependabot/**"

jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write

strategy:
fail-fast: false
matrix:
language: [ 'cpp', 'python' ]
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
# Learn more:
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed

steps:
- uses: actions/checkout@v2
with:
submodules: true

- name: Generate Summary for Submodules
run: |
git submodule > git-modules.txt
cat git-modules.txt
- name: Cache for cccahe
uses: actions/cache@v2
with:
path: ~/.ccache
key: codeql-build-ccache-${{ matrix.language }}-${{ hashFiles('**/git-modules.txt') }}
restore-keys: |
codeql-build-ccache-${{ matrix.language }}-
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main

- name: Install Dependencies for Linux
if: ${{ matrix.language == 'cpp' }}
run: |
# leverage ccache
export PATH=/usr/lib/ccache:$PATH
# Note:
#
# install libgandiva-dev for workaround for https://issues.apache.org/jira/browse/ARROW-10495
#
# that affects arrow-2.0.0
sudo apt update -y
sudo apt install -y ca-certificates \
ccache \
cmake \
libboost-all-dev \
libbrotli-dev \
libbz2-dev \
libcurl4-openssl-dev \
libgflags-dev \
libgoogle-glog-dev \
libgrpc-dev \
libgrpc++-dev \
libgtest-dev \
liblz4-dev \
libmpich-dev \
libprotobuf-dev \
librdkafka-dev \
libre2-dev \
libsnappy-dev \
libssl-dev \
libunwind-dev \
librdkafka-dev \
libutf8proc-dev \
libz-dev \
libzstd-dev \
lsb-release \
protobuf-compiler-grpc \
python3-pip \
wget
# install apache-arrow
wget https://apache.bintray.com/arrow/$(lsb_release --id --short | tr 'A-Z' 'a-z')/apache-arrow-archive-keyring-latest-$(lsb_release --codename --short).deb
sudo apt install -y -V ./apache-arrow-archive-keyring-latest-$(lsb_release --codename --short).deb
sudo apt update
sudo apt install -y libarrow-dev=3.0.0-1
# install python packages for codegen
sudo pip3 install -U pip
sudo pip3 install libclang parsec setuptools wheel twine
- name: Install libgrape-lite
if: ${{ matrix.language == 'cpp' }}
run: |
# leverage ccache
export PATH=/usr/lib/ccache:$PATH
git clone https://github.com/alibaba/libgrape-lite.git
cd libgrape-lite
mkdir build
cd build
cmake ..
make -j`nproc`
sudo make install
- name: Build for Cpp
if: ${{ matrix.language == 'cpp' }}
run: |
# leverage ccache
export PATH=/usr/lib/ccache:$PATH
mkdir build
cd build
cmake .. -DCMAKE_BUILD_TYPE=Debug \
-DBUILD_SHARED_LIBS=ON \
-DBUILD_VINEYARD_COVERAGE=ON \
-DBUILD_VINEYARD_PYTHON_BINDINGS=ON \
-DBUILD_VINEYARD_BASIC=ON \
-DBUILD_VINEYARD_IO=ON \
-DBUILD_VINEYARD_IO_KAFKA=ON \
-DBUILD_VINEYARD_MIGRATION=ON \
-DBUILD_VINEYARD_TESTS=ON
make -j`nproc`
make vineyard_tests -j`nproc`
make vineyard_client_python -j`nproc`
make ccache-stats
sudo make install
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1

0 comments on commit 3c9133a

Please sign in to comment.