Skip to content
CodeQL Security Analysis

release v2.1.0 #87

Sign in to view logs

release v2.1.0

release v2.1.0 #87

Workflow file for this run

.github/workflows/codeql.yml at 85f6912
name: "CodeQL Security Analysis"
on:
push:
branches: [ main, develop ]
pull_request:
branches: [ main, develop ]
schedule:
# Run at 2:30 AM UTC every Monday
- cron: '30 2 * * 1'
workflow_dispatch:
jobs:
analyze:
name: Analyze (${{ matrix.language }})
runs-on: ubuntu-latest
timeout-minutes: 360
permissions:
security-events: write
contents: read
actions: read
strategy:
fail-fast: false
matrix:
include:
- language: c-cpp
build-mode: manual
- language: go
build-mode: autobuild
- language: python
build-mode: manual
- language: java-kotlin
build-mode: manual
- language: csharp
build-mode: manual
steps:
- name: Checkout repository
uses: actions/checkout@v6
with:
submodules: recursive
- name: Initialize CodeQL
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
config-file: ./.github/codeql/codeql-config.yml
queries: +security-extended,security-and-quality
- name: Build C/C++ Code
if: matrix.language == 'c-cpp'
run: |
sudo apt-get update
sudo apt-get install -y cmake build-essential
# Build and install main library
mkdir -p build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
sudo make install
sudo ldconfig
cd ..
# Build C++ bindings
mkdir -p bindings/cpp/build
cd bindings/cpp/build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
- name: Build Python Bindings
if: matrix.language == 'python'
run: |
sudo apt-get update
sudo apt-get install -y cmake build-essential python3-dev python3-pip
# Build and install main library first
mkdir -p build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
sudo make install
sudo ldconfig
cd ..
# Build Python bindings
cd bindings/python
pip3 install --upgrade pip setuptools wheel
pip3 install cython numpy
pip3 install -e .
- name: Setup Java
if: matrix.language == 'java-kotlin'
uses: actions/setup-java@v5
with:
distribution: 'temurin'
java-version: '17'
- name: Build Java Bindings
if: matrix.language == 'java-kotlin'
run: |
sudo apt-get update
sudo apt-get install -y cmake build-essential
# Build and install main library first
mkdir -p build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
sudo make install
sudo ldconfig
cd ..
# Build Java bindings with JNI
cd bindings/java
mkdir -p build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
cd ..
# Build Java code with Gradle
chmod +x gradlew
./gradlew build -x test
- name: Setup .NET
if: matrix.language == 'csharp'
uses: actions/setup-dotnet@v4
with:
dotnet-version: '8.0.x'
- name: Build C# Bindings
if: matrix.language == 'csharp'
run: |
sudo apt-get update
sudo apt-get install -y cmake build-essential
# Build and install main library first
mkdir -p build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
sudo make install
sudo ldconfig
cd ..
# Build C# native wrapper
cd bindings/csharp
mkdir -p build
cd build
cmake -DCMAKE_BUILD_TYPE=Release ..
make -j$(nproc)
cd ..
# Build C# project
dotnet restore LibLpm.sln
dotnet build LibLpm.sln --configuration Release --no-restore
- name: Autobuild
if: matrix.language == 'go'
uses: github/codeql-action/autobuild@v4
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v4
with:
category: "/language:${{ matrix.language }}"
summary:
name: Analysis Summary
runs-on: ubuntu-latest
needs: analyze
if: always()
steps:
- name: Check status
run: |
echo "CodeQL analysis completed"
echo "Status: ${{ needs.analyze.result }}"