From 1f84142915809713c920c8c01ccaca6835bca179 Mon Sep 17 00:00:00 2001 From: Iker Pedrosa Date: Mon, 9 May 2022 16:06:38 +0200 Subject: [PATCH] CI: enable CodeQL analyzer Signed-off-by: Iker Pedrosa --- .github/workflows/static-code-analysis.yml | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 .github/workflows/static-code-analysis.yml diff --git a/.github/workflows/static-code-analysis.yml b/.github/workflows/static-code-analysis.yml new file mode 100644 index 00000000..02f296b8 --- /dev/null +++ b/.github/workflows/static-code-analysis.yml @@ -0,0 +1,38 @@ +name: "Static code analysis" +on: + push: + branches: [master] + pull_request: + branches: [master] + schedule: + # Everyday at midnight + - cron: '0 0 * * *' +jobs: + codeql: + runs-on: ubuntu-latest + permissions: + security-events: write + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Install dependencies + id: dependencies + uses: ./.github/actions/install-dependencies + + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: cpp + queries: +security-and-quality + + - name: Configure shadow-utils + run: ./autogen.sh --without-selinux --disable-man + + - name: Build shadow-utils + run: | + PROCESSORS=$(/usr/bin/getconf _NPROCESSORS_ONLN) + make -j$PROCESSORS + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1