Mercurial > octave

view .github/workflows/codeql-analysis.yaml @ 31232:adfbd487d0f6 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
GitHub-CI (CodeQL): Update to CodeQL action version v2. * .github/workflows/codeql-analysis.yaml: CodeQL action version v1 is deprecated. Update to CodeQL action version v2. See: https://github.blog/changelog/2022-04-27-code-scanning-deprecation-of-codeql-action-v1/
author Markus Mützel <markus.muetzel@gmx.de>
date Mon, 19 Sep 2022 13:13:31 +0200
parents 0ffe2f9a19f3
children 8b869c5d6ce8
line wrap: on
line source

name: "CodeQL"

on:
  schedule:
    # Run job every Monday and Thursday at 16:30 UTC
    - cron: '30 16 * * 1,4'

jobs:
  ubuntu:
    name: CodeQL analysis (Ubuntu)
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        # Override automatic language detection by changing the below list
        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
        language: ['cpp']
        # Learn more...
        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection

    steps:
      - name: checkout repository
        uses: actions/checkout@v3

      - name: install dependencies
        run: |
          sudo apt -qq update
          sudo apt install -y autoconf automake bison dvipng epstool fig2dev \
            flex g++ gcc gfortran gnuplot-x11 gperf gzip icoutils \
            libarpack2-dev libblas-dev libcurl4-gnutls-dev libfftw3-dev \
            libfltk1.3-dev libfontconfig1-dev libfreetype6-dev \
            libgl1-mesa-dev libgl2ps-dev libglpk-dev libgraphicsmagick++1-dev \
            libhdf5-dev liblapack-dev libosmesa6-dev libpcre3-dev \
            libqhull-dev libqscintilla2-qt5-dev libqrupdate-dev \
            libreadline-dev librsvg2-bin libsndfile1-dev libsuitesparse-dev \
            libsundials-dev libtool libxft-dev make openjdk-8-jdk \
            perl portaudio19-dev pstoedit qtbase5-dev qttools5-dev \
            qttools5-dev-tools rapidjson-dev rsync tar zlib1g-dev

      - name: bootstrap
        run: ./bootstrap

      - name: configure
        run: |
          mkdir .build
          cd .build && ../configure \
            CPPFLAGS="-I/usr/include/hdf5/serial -I/usr/include/suitesparse" \
            LDFLAGS="-L/usr/lib/$(dpkg-architecture -qDEB_HOST_MULTIARCH)/hdf5/serial" \
            --disable-docs

      - name: initialize CodeQL
        # Initialize the CodeQL tools for scanning.
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
          # By default, queries listed here will override any specified in a config file.
          # Prefix the list here with "+" to use these queries and those in the config file.
          # queries: ./path/to/local/query, your-org/your-repo/queries@main

      - name: build
        run: make -C ./.build all -j2 V=1

      - name: perform CodeQL analysis
        uses: github/codeql-action/analyze@v2


  windows:
    name: CodeQL analysis (Windows)
    runs-on: windows-2019

    defaults:
      run:
        # Use MSYS2 as default shell
        shell: msys2 {0}

    strategy:
      fail-fast: false
      matrix:
        # Override automatic language detection by changing the below list
        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
        language: ['cpp']
        # Learn more...
        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
        msystem: ['MINGW64']
        include:
          - msystem: 'MINGW64'
            target-prefix: 'mingw-w64-x86_64'
            target-triplet: 'x86_64-w64-mingw32'

    env:
      CHERE_INVOKING: 1
      TARGET_TRIPLET:  ${{ matrix.target-triplet }}
      # perl uses cmd shell by default
      PERL5SHELL: bash -l -c

    steps:
      - uses: msys2/setup-msys2@v2
        with:
          update: true

          # Use pre-installed version to save disc space on partition with source.
          # We need that space for building.
          release: false

          # The packages are listed in (alphabetically sorted) blocks:
          # The first block is for mandatory dependencies.
          # The second block is for optional dependencies needed when building from a release tarball.
          # The third block is for additional dependencies needed when building from a repository checkout.
          install: >-
            base-devel
            ${{ matrix.target-prefix }}-autotools
            ${{ matrix.target-prefix }}-toolchain
            ${{ matrix.target-prefix }}-lapack
            ${{ matrix.target-prefix }}-openblas
            ${{ matrix.target-prefix }}-pcre

            ${{ matrix.target-prefix }}-arpack
            ${{ matrix.target-prefix }}-curl
            ${{ matrix.target-prefix }}-fftw
            ${{ matrix.target-prefix }}-fltk
            ${{ matrix.target-prefix }}-gl2ps
            ${{ matrix.target-prefix }}-glpk
            ${{ matrix.target-prefix }}-ghostscript
            ${{ matrix.target-prefix }}-gnuplot
            ${{ matrix.target-prefix }}-graphicsmagick
            ${{ matrix.target-prefix }}-hdf5
            ${{ matrix.target-prefix }}-libsndfile
            ${{ matrix.target-prefix }}-portaudio
            ${{ matrix.target-prefix }}-qhull
            ${{ matrix.target-prefix }}-qrupdate
            ${{ matrix.target-prefix }}-qscintilla
            ${{ matrix.target-prefix }}-qt5
            ${{ matrix.target-prefix }}-rapidjson
            ${{ matrix.target-prefix }}-suitesparse
            ${{ matrix.target-prefix }}-sundials

            git
            ${{ matrix.target-prefix }}-ccache
            ${{ matrix.target-prefix }}-icoutils
            ${{ matrix.target-prefix }}-librsvg
            texinfo

          msystem: ${{ matrix.msystem }}

      - name: checkout repository
        uses: actions/checkout@v3

      - name: bootstrap
        run: ./bootstrap

      - name: configure
        # configure sometimes hangs while compiling 32bit Fortran.
        # It should take much less than 30 minutes. Cancel the step if it takes longer.
        timeout-minutes: 30
        # FIXME: Fix building with Java support. Override JAVA_HOME for now.
        # FIXME: How do we get a working TeX environment in MSYS2? Disable building the documentation for now.
        # Linking with ncurses fails. Use termcap library instead.
        run: |
          mkdir .build
          cd .build && ../configure \
            JAVA_HOME="" \
            --disable-docs \
            ac_cv_search_tputs=-ltermcap

      - name: initialize CodeQL
        # Initialize the CodeQL tools for scanning.
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
          # By default, queries listed here will override any specified in a config file.
          # Prefix the list here with "+" to use these queries and those in the config file.
          # queries: ./path/to/local/query, your-org/your-repo/queries@main

      - name: build
        # Spawning processes seems to have a big overhead on this platform.
        # Use a somewhat larger number of parallel processes to compensate for that.
        run: make -C ./.build all -j8 V=1

      - name: perform CodeQL analysis
        uses: github/codeql-action/analyze@v2