Skip to content

CodeQL Advanced

CodeQL Advanced #20

Workflow file for this run

# Copyright (c) 2024 Marco Fortina
# Distributed under the MIT software license, see the accompanying
# file COPYING or https://www.opensource.org/licenses/mit-license.php.
name: "CodeQL Advanced"
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: '32 13 * * 1'
jobs:
analyze:
name: Analyze (${{ matrix.language }})
runs-on: 'ubuntu-latest'
permissions:
# required for all workflows
security-events: write
# required to fetch internal or private CodeQL packs
packages: read
# only required for workflows in private repositories
actions: read
contents: read
strategy:
fail-fast: false
matrix:
include:
- language: c-cpp
build-mode: manual
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
- name: Install build tools
shell: bash
run: |
sudo apt-get install autoconf autoconf-archive autotools-dev automake build-essential cmake git libtool pkg-config
- name: Install dependencies
shell: bash
run: |
sudo apt-get install doxygen libboost-dev libcrypto++-dev
- name: Install Blake3
shell: bash
run: |
git clone https://github.com/BLAKE3-team/BLAKE3.git
cd BLAKE3
git checkout tags/1.5.4
cd c
mkdir build
cd build
cmake ..
make
sudo make install
- name: Install Liboqs
shell: bash
run: |
git clone --recurse-submodules https://github.com/open-quantum-safe/liboqs.git
cd liboqs
git checkout tags/0.11.0
mkdir build
cd build
cmake ..
make
sudo make install
- name: Build C and C++ code
shell: bash
run: |
./autogen.sh
./configure
make
make docs
make test
make distcheck
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"