WIP: Feature-test macros + config header! #346
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "CodeQL" | |
on: | |
push: | |
branches: [ "master" ] | |
pull_request: | |
branches: [ "master" ] | |
schedule: | |
- cron: "33 21 * * 6" | |
jobs: | |
analyze: | |
name: Analyze | |
runs-on: ubuntu-latest | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
language: [ python, cpp ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: ${{ matrix.language }} | |
queries: +security-and-quality | |
# For some reason, this seems to detect neither the configure script or the | |
# CMake setup. | |
# | |
# - name: Autobuild | |
# uses: github/codeql-action/autobuild@v2 | |
# | |
# Instead, we'll have to build manually: | |
- name: Build | |
run: | | |
gcc --version | |
sudo apt-get install -y postgresql | |
sudo service postgresql start | |
sudo su postgres -c "createuser --createdb $(whoami)" | |
createdb "$(whoami)" | |
# Using clang because currently the gcc build fails with an | |
# address sanitizer (asan) link error. | |
./configure --enable-maintainer-mode --enable-audit --disable-documentation --disable-static CXXFLAGS='-O1 -std=c++17' CXX=clang++ | |
make -j4 check | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 | |
with: | |
category: "/language:${{ matrix.language }}" |