From a658a5be92bc3491706a1077ce709b04d6b94c61 Mon Sep 17 00:00:00 2001
From: blanky
Date: Thu, 31 Oct 2024 19:48:33 +0530
Subject: [PATCH 1/5] feat(codeql): adds codeql to build and check the code
---
.github/workflows/codeql.yml | 61 ++++++++++++++++++++++++++++++++++++
tests/codeql/build.sh | 14 +++++++++
2 files changed, 75 insertions(+)
create mode 100644 .github/workflows/codeql.yml
create mode 100644 tests/codeql/build.sh
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 000000000000..baddf2e9aec8
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,61 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: ["main"]
+ pull_request:
+ branches: ["main"]
+ schedule:
+ - cron: "0 0 * * 1"
+
+permissions:
+ contents: read
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: ["cpp","python"]
+
+
+ steps:
+
+
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Autobuild python
+ if: ${{matrix.language == 'python'}}
+ uses: github/codeql-action/autobuild@v3
+
+ # ℹī¸ Command-line programs to run using the OS shell.
+ # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+ # If the Autobuild fails above, remove it and uncomment the following three lines.
+ # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+ - name: Autobuild cpp
+ if: ${{matrix.language == 'cpp'}}
+ run: |
+ echo "Run, Build Application using script"
+ chmod +x /tests/codeql/build.sh
+ ./tests/codeql/build.sh
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+ with:
+ category: "/language:${{matrix.language}}"
diff --git a/tests/codeql/build.sh b/tests/codeql/build.sh
new file mode 100644
index 000000000000..b675f311f962
--- /dev/null
+++ b/tests/codeql/build.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+# Install dependencies
+sudo apt install -y ninja-build libunwind-dev libboost-fiber-dev libssl-dev \
+ autoconf-archive libtool cmake g++ libzstd-dev bison libxml2-dev
+
+# Clone the Dragonfly repository
+git clone --recursive https://github.com/dragonflydb/dragonfly && cd dragonfly
+
+# Configure the build
+./helio/blaze.sh -release
+
+# Build
+cd build-opt && ninja dragonfly
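Review bot: Every `uses:` reference in the new `.github/workflows/codeql.yml` (`actions/checkout@v4` and the three `github/codeql-action/...@v3` steps) is pinned to a movable major-version tag, while the `analyze` job holds `security-events: write`. A retagged or compromised release would then run in that job without any change to this repository. Pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4`, letting a dependency bot propose the bumps. Separately, the comment block above `Autobuild cpp` is leftover template text ("uncomment the following three lines") that no longer describes the step; something like `# C++ needs an explicit build so CodeQL can observe the compiler invocations` would be accurate.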
From 0b5fa013bd5aa73983c346f28cc575826a120872 Mon Sep 17 00:00:00 2001 From: blanky Date: Thu, 31 Oct 2024 19:59:49 +0530 Subject: [PATCH 2/5] feat(codeql): adds codeql to build and check the code --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index baddf2e9aec8..f856cea76bc2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -52,8 +52,8 @@ jobs: if: ${{matrix.language == 'cpp'}} run: | echo "Run, Build Application using script" - chmod +x /tests/codeql/build.sh - ./tests/codeql/build.sh + chmod +x tests/codeql/build.sh + tests/codeql/build.sh - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 From 2a94778006842e0716ed028d111ba753c335918d Mon Sep 17 00:00:00 2001 From: Blanky <131886247+BLANKatGITHUB@users.noreply.github.com> Date: Wed, 20 Nov 2024 22:07:09 +0530 Subject: [PATCH 3/5] Update codeql.yml Signed-off-by: Blanky <131886247+BLANKatGITHUB@users.noreply.github.com> --- .github/workflows/codeql.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f856cea76bc2..ee4432d44b21 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -51,9 +51,11 @@ jobs: - name: Autobuild cpp if: ${{matrix.language == 'cpp'}} run: | - echo "Run, Build Application using script" - chmod +x tests/codeql/build.sh - tests/codeql/build.sh + sudo apt install ninja-build libunwind-dev libboost-fiber-dev libssl-dev \ + autoconf-archive libtool cmake g++ libzstd-dev bison libxml2-dev zlib1g-dev + ./helio/blaze.sh -release + cd build-opt && ninja dragonfly + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 From 7815c073764493971e910556bbf8e465c4343722 Mon Sep 17 00:00:00 2001 
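Review bot: In PATCH 3/5 the inlined `sudo apt install ...` in the `Autobuild cpp` step no longer has the `-y` that the call in `tests/codeql/build.sh` carried, and nothing refreshes the package index before it. On a non-interactive runner apt is likely to stop at the confirmation prompt or fail on a stale index, in which case the cpp matrix leg produces no CodeQL database and C++ findings stop being reported. Suggest `sudo apt-get update` on its own line followed by `sudo apt-get install -y ninja-build ...` with the package list unchanged. The step name `Autobuild cpp` is also misleading now that it is a hand-written build; `Build cpp` would read better.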
From: Blanky <131886247+BLANKatGITHUB@users.noreply.github.com> Date: Wed, 20 Nov 2024 22:21:16 +0530 Subject: [PATCH 4/5] Update codeql.yml Signed-off-by: Blanky <131886247+BLANKatGITHUB@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ee4432d44b21..245ac8b206e2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,6 +31,8 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + with: + submodules: true # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL From f59281c19fe0350ca960b362c0c1a1b9741e1ca6 Mon Sep 17 00:00:00 2001 From: Blanky <131886247+BLANKatGITHUB@users.noreply.github.com> Date: Thu, 21 Nov 2024 21:45:05 +0530 Subject: [PATCH 5/5] feat(codeql): Adds codeql action Signed-off-by: Blanky <131886247+BLANKatGITHUB@users.noreply.github.com> --- tests/codeql/build.sh | 14 -------------- 1 file changed, 14 deletions(-) delete mode 100644 tests/codeql/build.sh diff --git a/tests/codeql/build.sh b/tests/codeql/build.sh deleted file mode 100644 index b675f311f962..000000000000 --- a/tests/codeql/build.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash - -# Install dependencies -sudo apt install -y ninja-build libunwind-dev libboost-fiber-dev libssl-dev \ - autoconf-archive libtool cmake g++ libzstd-dev bison libxml2-dev - -# Clone the Dragonfly repository -git clone --recursive https://github.com/dragonflydb/dragonfly && cd dragonfly - -# Configure the build -./helio/blaze.sh -release - -# Build -cd build-opt && ninja dragonfly
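Review bot: The `with:` block that PATCH 4/5 adds to the checkout step should also set `persist-credentials: false`. By default actions/checkout leaves the job token in the local git config, and the later `Autobuild cpp` step runs `./helio/blaze.sh` and the ninja build out of the checked-out tree and its submodule. No step after checkout appears to need git credentials, so dropping them narrows what build-time code can reach. Also worth confirming: the script in PATCH 1/5 cloned with `--recursive`, whereas `submodules: true` fetches only the first level, so if helio carries nested submodules this needs `submodules: recursive`.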