-
Notifications
You must be signed in to change notification settings - Fork 40
141 lines (132 loc) · 4.49 KB
/
codeql-analysis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: "CodeQL"
on:
push:
branches: [ master ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ master ]
schedule:
- cron: '26 11 * * 5'
permissions:
actions: read
contents: read
security-events: write
env:
VCPKG_DEFAULT_BINARY_CACHE: ${{github.workspace}}/vcpkg_binary_cache
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}
cancel-in-progress: true
jobs:
analyze-cpp:
name: Analyze C++
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
submodules: recursive
- run: git -C ${{ github.workspace }}/ext_libs/vcpkg fetch --unshallow
- uses: lukka/get-cmake@latest
- run: echo "VCPKG_COMMIT=$(git rev-parse :ext_libs/vcpkg)" >> $GITHUB_ENV
shell: bash
- run: mkdir -p ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}
- uses: actions/cache@v3
env:
cache-name: vcpkg-cache
with:
path: ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}/*
key: ubuntu-latest-build-${{ env.cache-name }}-${{ hashFiles('vcpkg.json') }}-${{ env.VCPKG_COMMIT }}"
- uses: lukka/run-vcpkg@v10
with:
vcpkgDirectory: '${{ github.workspace }}/ext_libs/vcpkg'
vcpkgJsonGlob: "${{ github.workspace }}/vcpkg.json"
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: cpp
config-file: ./.github/codeql/codeql-config.yml
- name: Configure
run: >
cmake -S . -B build -G Ninja
-DCMAKE_BUILD_TYPE=Debug
-DCMAKE_TOOLCHAIN_FILE="${{ github.workspace }}/ext_libs/vcpkg/scripts/buildsystems/vcpkg.cmake"
-DFMT_SYS_DEP=ON
-DSPDLOG_SYS_DEP=ON
-DBUILD_TESTING=OFF
- name: Build
run: |
cmake --build build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
analyze-python:
name: Analyze Python bindings
container:
image: vowpalwabbit/ubuntu2004-dev:latest
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
submodules: recursive
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: python
config-file: ./.github/codeql/codeql-config.yml
- name: Install python pip
shell: bash
run: |
apt update
apt install -y python3-pip
- name: Autobuild Python
uses: github/codeql-action/autobuild@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
analyze-csharp:
name: Analyze CSharp bindings
runs-on: windows-latest
env:
VCPKG_ROOT: ${{ github.workspace }}/ext_libs/vcpkg
VCPKG_DEFAULT_BINARY_CACHE: ${{github.workspace}}/vcpkg_binary_cache
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
submodules: recursive
- run: git -C ${{ github.workspace }}/ext_libs/vcpkg fetch --unshallow
- name: Setup MSVC Developer Command Prompt
uses: ilammy/msvc-dev-cmd@v1
- uses: lukka/get-cmake@latest
- name: Install dotnet t4
run: dotnet tool install --global dotnet-t4
- run: echo "VCPKG_COMMIT=$(git rev-parse :ext_libs/vcpkg)" >> $GITHUB_ENV
shell: bash
- run: mkdir -p ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}
- uses: actions/cache@v3
env:
cache-name: vcpkg-cache
with:
path: ${{ env.VCPKG_DEFAULT_BINARY_CACHE }}/*
key: ubuntu-latest-build-${{ env.cache-name }}-${{ hashFiles('vcpkg.json') }}-${{ env.VCPKG_COMMIT }}"
- uses: lukka/run-vcpkg@v10
with:
vcpkgDirectory: '${{ github.workspace }}/ext_libs/vcpkg'
vcpkgJsonGlob: "${{ github.workspace }}/vcpkg.json"
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: csharp
config-file: ./.github/codeql/codeql-config.yml
- name: Configure
run: >
cmake -S . -B build -G Ninja
-DCMAKE_BUILD_TYPE=Debug
-DCMAKE_TOOLCHAIN_FILE="${{ github.workspace }}/ext_libs/vcpkg/scripts/buildsystems/vcpkg.cmake"
-DFMT_SYS_DEP=ON
-DSPDLOG_SYS_DEP=ON
-Drlclientlib_BUILD_DOTNET=ON
- name: Build
run: |
cmake --build build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2