Update [email protected]:j3ssie/codeql-docker.git

Author: j3ssie

Dockerfile

@@ -40,7 +40,7 @@ RUN apt-get update && \
 RUN wget -q -O - https://raw.githubusercontent.com/canha/golang-tools-install-script/master/goinstall.sh | bash
 
 # Install latest codeQL
-ENV CODEQL_HOME /opt/codeql-home
+ENV CODEQL_HOME /root/codeql-home
 
 # Get CodeQL verion
 RUN curl --silent "https://api.github.com/repos/github/codeql-cli-binaries/releases/latest" | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/' > /tmp/codeql_version
@@ -62,12 +62,12 @@ RUN CODEQL_VERSION=$(cat /tmp/codeql_version) && \
     unzip /tmp/codeql_linux.zip -d ${CODEQL_HOME} && \
     rm /tmp/codeql_linux.zip
 
-ENV PATH="${CODEQL_HOME}/codeql:${PATH}"
+ENV PATH="$PATH:${CODEQL_HOME}/codeql:/root/go/bin:/root/.go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+COPY scripts /root/scripts
 
-## Pre-compile our queries to save time later
-# RUN codeql query compile --threads=0 ${CODEQL_HOME}/codeql-repo/*/ql/src/codeql-suites/*.qls
-# RUN codeql query compile --threads=0 ${CODEQL_HOME}/codeql-go-repo/ql/src/codeql-suites/*.qls
+# Pre-compile our queries to save time later
+RUN codeql query compile --threads=0 ${CODEQL_HOME}/codeql-repo/*/ql/src/codeql-suites/*.qls
+RUN codeql query compile --threads=0 ${CODEQL_HOME}/codeql-go-repo/ql/src/codeql-suites/*.qls
 
-ENTRYPOINT /bin/bash
-# ENV PYTHONIOENCODING=utf-8
-# ENTRYPOINT ["python3", "/usr/local/startup_scripts/startup.py"]
+WORKDIR /root/
+ENTRYPOINT ["/root/scripts/run.sh"]

README.md

@@ -20,13 +20,27 @@ docker run -it j3ssie/codeql-docker:latest
 
 ## Usage
 
-### Access container with shell
+### Access container with bash shell
 
 ```shell
-docker run -it -t j3ssie/codeql-docker:latest /bin/bash
+docker run -it --entrypoint=/bin/bash -t j3ssie/codeql-docker:latest /bin/bash
 ```
 
-### Do analyze
+### Run with helper scripts
+
+With `/tmp/src` is your source code and `/tmp/results` is where result store.
+
+> NOTE: make sure /tmp/results folder is exist otherwise no result will be created
+
+```shell
+# simple usage
+docker run --rm --name codeql-docker -v "/tmp/src:/opt/src" -v "/tmp/results:/opt/results" -e "LANGUAGE=go" j3ssie/codeql-docker:latest
+
+# more options
+docker run --rm --name codeql-docker -v "/tmp/src:/opt/src" -v "/tmp/results:/opt/results" -e "LANGUAGE=go" -e "FORMAT=csv" -e "QS=golang-security-and-quality.qls" j3ssie/codeql-docker:latest
+```
+
+### Manual analyze
 
 ```shell
 # Copy your code to container

scripts/analyze.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+RED="\033[31m"
+YELLOW="\033[33m"
+GREEN="\033[32m"
+RESET="\033[0m"
+
+print_green() {
+    echo -e "${GREEN}${1}${RESET}"
+}
+
+SRC=/opt/src
+if [ -z $FORMAT ]
+then
+    FORMAT="sarif-latest"
+fi
+
+if [ -z $QS ]
+then
+    QS="$LANGUAGE-security-and-quality.qls"
+fi
+
+if [ -z $OUTPUT ]
+then
+    OUTPUT="/opt/results"
+fi
+DB=$OUTPUT/db
+
+echo "----------------"
+print_green " Language: $LANGUAGE"
+print_green " Query-suites: $QS"
+print_green " Database: $DB"
+print_green " Source: $SRC"
+print_green " Output: $OUTPUT"
+print_green " Format: $FORMAT"
+echo "----------------"
+
+echo -e "Creating DB: codeql database create --language=$LANGUAGE $DB -s $SRC"
+codeql database create --language=$LANGUAGE $DB -s $SRC
+
+echo -e "Start Scanning: codeql database analyze --format=$FORMAT --output=$OUTPUT/issues.$FORMAT $DB $QS"
+codeql database analyze --format=$FORMAT --output=$OUTPUT/issues.$FORMAT $DB $QS