Skip to content

CodeQL

CodeQL #353

name: "CodeQL"
on:
workflow_dispatch: # Allows you to run this workflow manually from the Actions tab
push:
branches: [ master ]
paths-ignore:
- '.github/workflows/deploy-site.yml'
- 'Docs/**'
- 'Site/**'
pull_request:
# The branches below must be a subset of the branches above.
branches: [ master ]
paths-ignore:
- '.github/workflows/deploy-site.yml'
- 'Docs/**'
- 'Site/**'
schedule:
- cron: '41 18 * * 1'
jobs:
analyze:
name: Analyze
permissions:
actions: read
contents: read
security-events: write
# GUI samples can only be built on Windows.
runs-on: windows-latest
# Parallelize CodeQL building and analysis for performance reasons.
strategy:
fail-fast: false
matrix:
solution: [Src/ILGPU.sln, Samples/ILGPU.Samples.sln]
framework: [net6.0, net7.0, net8.0]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup the latest .NET 8 SDK
uses: actions/[email protected]
with:
dotnet-version: 8.0.x
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: csharp
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Build solution 'manually' in order to parallelize.
# Shared compilation has to be disabled for CodeQL to properly trace the build.
# We use project-level properties to trick the build into building for a given TFM.
- name: Build solution
shell: pwsh
run: |
$LibraryTargetFrameworks=$LibraryUnitTestTargetFrameworks=$LibrarySamplesTargetFrameworks=$LibrarySamplesTargetFrameworksWindows="${{ matrix.framework }}"
Switch($LibrarySamplesTargetFrameworks)
{
"net6.0" { $LibrarySamplesTargetFrameworksWindows="net6.0-windows" }
"net7.0" { $LibrarySamplesTargetFrameworksWindows="net7.0-windows" }
"net8.0" { $LibrarySamplesTargetFrameworksWindows="net8.0-windows" }
}
dotnet build -p:UseSharedCompilation=false `
-p:LibraryTargetFrameworks=$LibraryTargetFrameworks `
-p:LibraryUnitTestTargetFrameworks=$LibraryUnitTestTargetFrameworks `
-p:LibrarySamplesTargetFrameworks=$LibrarySamplesTargetFrameworks `
-p:LibrarySamplesTargetFrameworksWindows=$LibrarySamplesTargetFrameworksWindows `
${{ matrix.solution }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3