Testing - Limit for MacOS on GH #149 #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow performs code analysis using both CodeQL and Microsoft C++ Code Analysis. | |
# It is triggered on pushes to the 'master' branch and publishes warnings into the security GitHub tab. | |
# The workflow includes two jobs: one for CodeQL analysis on Ubuntu and another for MSVC Code Analysis on Windows. | |
name: Code Analysis | |
on: | |
push: | |
branches: | |
- 'master' | |
permissions: | |
contents: read | |
security-events: write | |
packages: read | |
env: | |
# Path to the CMake build directory. | |
build: '${{ github.workspace }}/build' | |
config: 'Debug' | |
jobs: | |
codeql-analyze: | |
name: CodeQL Analyze (C/C++) | |
runs-on: ubuntu-latest | |
steps: | |
# Step: Checkout the repository | |
- name: Checkout repository | |
uses: actions/[email protected] | |
# Step: Install necessary dependencies for building the project | |
- name: Install dependencies | |
run: sudo apt-get update && sudo apt-get install -y tcl-dev tk-dev cmake gcc g++ make libbtbb-dev libx11-dev libglu1-mesa-dev | |
# Step: Initialize CodeQL for scanning | |
- name: Initialize CodeQL | |
uses: github/codeql-action/[email protected] | |
with: | |
languages: c-cpp | |
build-mode: manual | |
# Step: Build the project using CMake and Make | |
- name: Build project | |
shell: bash | |
run: | | |
mkdir -p build | |
cd build | |
cmake -G "Unix Makefiles" \ | |
-D CMAKE_C_COMPILER=gcc \ | |
-D CMAKE_CXX_COMPILER=g++ \ | |
-D USE_FREETYPE=OFF \ | |
-D CMAKE_BUILD_TYPE=Release .. | |
make -j$(nproc) | |
# Step: Perform CodeQL Analysis | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/[email protected] | |
with: | |
category: "/language:c-cpp" | |
msvc-analyze: | |
name: Microsoft C++ Code Analysis | |
runs-on: windows-latest | |
steps: | |
# Step: Checkout the repository | |
- name: Checkout repository | |
uses: actions/[email protected] | |
# Step: Install necessary dependencies using Chocolatey | |
- name: Install dependencies | |
run: | | |
choco install cmake --installargs 'ADD_CMAKE_TO_PATH=System' -y | |
choco install magicsplat-tcl-tk -y | |
# Step: Configure the project using CMake | |
- name: Configure CMake | |
run: | | |
mkdir build | |
cd build | |
cmake -D USE_FREETYPE=OFF -DCMAKE_BUILD_TYPE=${{ env.config }} .. | |
# Step: Run MSVC Code Analysis | |
- name: Run MSVC Code Analysis | |
uses: microsoft/[email protected] | |
id: run-analysis | |
with: | |
cmakeBuildDirectory: ${{ env.build }} | |
buildConfiguration: ${{ env.config }} | |
ruleset: NativeRecommendedRules.ruleset | |
# Step: Upload SARIF file to GitHub Code Scanning Alerts | |
- name: Upload SARIF to GitHub | |
uses: github/codeql-action/[email protected] | |
with: | |
sarif_file: ${{ steps.run-analysis.outputs.sarif }} |