Skip to content

btnguyen2k/codeql-container

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

33 Commits
.github
.github
 
 
scripts
scripts
 
 
Dockerfile
Dockerfile
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
RELEASE-NOTES.md
RELEASE-NOTES.md
 
 

Repository files navigation

codeql-container

License Actions Status Release

This project aims at making it easier to start using GitHub CodeQL by packaging CodeQL CLI together with precompiled CodeQL queries in a Docker image.

You can build our own Docker image from the provided Dockerfile or use the prebuilt image to start using CodeQL CLI and run queries on your projects without installing it on your local machine.

Usage

Start running CodeQL queries on your project with a single command:

$ docker run --rm -v "<source-code-directory>:/opt/src" -v "<results-directory>:/opt/results" btnguyen2k/codeql-container <command> [options]

Input/Output directories

  • source-code-directory: The directory containing the source code to scan, must map this directory to the container's /opt/src directory.
  • results-directory: The directory to store the scan results, must map this directory to the container's /opt/results directory.

Commands

Command Description
help Print the help information and exit
security Run the security and quality analyzing query pack
security-extended Run the security analyzing extended query pack
scan Run the standard code scanning query pack

Options

Option Required Default Value Description
-l=language or --language=language true The programming language of the source code to scan, for example --language=java
-o=format or --output=format false sarif-latest The output format of the scan results, for example --output=csv
--override false Override the results directory if it is not empty

Example:

$ docker run -it --rm -v "$(pwd):/opt/src" -v "/tmp:/opt/results" btnguyen2k/codeql-container security --override --language=go --output=csv

Credits

This project draws inspiration from the microsoft/codeql-container repository and incorporates insights from travisgosselin's comment.

License

This project is licensed under the MIT License - see the LICENSE.md file for details.

Support and Contribution

Feel free to create pull requests or issues to report bugs or suggest new features. Please search the existing issues before filing new issues to avoid duplicates. For new issues, file your bug or feature request as a new issue.

If you find this project useful, please start it.

About

GitHub CodeQL packaged and precompiled in a container.

Resources

Readme

License

MIT license
Activity

Stars

16 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 1

v0.1.0 Latest
Jan 8, 2024

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages