3c4b35f3c4
contrib, doc, share and qa do not compile production code, skip CodeQL on PRs to save everyone time and GitHub some cpu ticks.
72 lines
1.5 KiB
YAML
72 lines
1.5 KiB
YAML
# CodeQL GH Actions file
|
|
name: CodeQL
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- '*-dev'
|
|
- '*-maint'
|
|
pull_request:
|
|
# The branches below must be a subset of the branches above
|
|
branches:
|
|
- '*-dev'
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- '**/*.txt'
|
|
- 'contrib'
|
|
- 'doc'
|
|
- 'share'
|
|
- 'qa'
|
|
|
|
jobs:
|
|
analyze:
|
|
name: Analyze
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
security-events: write
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
language: [ 'cpp' ]
|
|
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Update system
|
|
run: |
|
|
sudo apt-get update --yes
|
|
sudo apt-get install build-essential libtool autotools-dev automake pkg-config bsdmainutils --yes
|
|
|
|
- name: Dependency cache
|
|
uses: actions/cache@v2
|
|
env:
|
|
cache-name: depends
|
|
with:
|
|
path: ./depends/built
|
|
key: codeql-${{ env.cache-name }}-${{ hashFiles('depends/packages/*') }}
|
|
|
|
- name: Build depends
|
|
run: |
|
|
pushd depends
|
|
make -j4 HOST=x86_64-pc-linux-gnu
|
|
popd
|
|
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@v1
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
|
|
- name: Build Dogecoin
|
|
run: |
|
|
./autogen.sh
|
|
./configure --prefix=`pwd`/depends/x86_64-pc-linux-gnu
|
|
make -j4
|
|
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@v1
|