Add scripts to run microsoft/AttackSurfaceAnalyzer for the azure-osco… #331
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CodeQL | |
on: | |
push: | |
branches: [main, release/*] | |
schedule: | |
- cron: 30 1 1,15 * * # At 01:30 UTC on the 1st and 15th of every month | |
jobs: | |
analyze: | |
name: Analyze | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/azure/azure-osconfig/ubuntu20.04-amd64 | |
permissions: | |
actions: read | |
contents: read | |
security-events: write | |
strategy: | |
fail-fast: false | |
matrix: | |
# CodeQL language support https://aka.ms/codeql-docs/language-support | |
language: [cpp, csharp] | |
steps: | |
- uses: actions/checkout@v4 | |
if: matrix.language == 'cpp' | |
with: | |
submodules: recursive | |
clean: true | |
- uses: actions/checkout@v4 | |
if: matrix.language == 'csharp' | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: ${{ matrix.language }} | |
- run: mkdir build | |
if: matrix.language == 'cpp' | |
- name: Generate build | |
if: matrix.language == 'cpp' | |
working-directory: build | |
run: cmake ../src -DCMAKE_build-type=Release -Duse_prov_client=ON -Dhsm_type_symm_key=ON -DCOMPILE_WITH_STRICTNESS=ON -DBUILD_TESTS=OFF -DBUILD_SAMPLES=ON -DBUILD_ADAPTERS=ON -G Ninja | |
- name: Build azure-osconfig | |
if: matrix.language == 'cpp' | |
working-directory: build | |
run: cmake --build . --config Release | |
- name: Setup dotnet | |
if: matrix.language == 'csharp' | |
uses: actions/setup-dotnet@v1 | |
with: | |
dotnet-version: 6.0.x | |
- name: Autobuild | |
if: matrix.language == 'csharp' | |
uses: github/codeql-action/autobuild@v2 | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v2 | |
with: | |
category: '/language:${{matrix.language}}' |