From e7f4ef0de22fd4bba2078d14b2a64f2a4d068ba0 Mon Sep 17 00:00:00 2001 From: Vicente Adolfo Bolea Sanchez Date: Wed, 3 May 2023 13:05:00 -0400 Subject: [PATCH] add codeql workflow --- .github/workflows/everything.yml | 54 +++++++++++++++++++ .../ci-ubuntu20.04-gcc8-serial-codeql.cmake | 35 ++++++++++++ 2 files changed, 89 insertions(+) create mode 100644 scripts/ci/cmake/ci-ubuntu20.04-gcc8-serial-codeql.cmake diff --git a/.github/workflows/everything.yml b/.github/workflows/everything.yml index 680f0c5e8b..a34d758595 100644 --- a/.github/workflows/everything.yml +++ b/.github/workflows/everything.yml @@ -492,6 +492,60 @@ jobs: - name: Test run: /opt/adios2/source/testing/contract/${{ matrix.code }}/test.sh +####################################### +# Code analysis builds +####################################### + + analyze: + needs: [format, git_checks] + name: CodeQL + runs-on: ubuntu-latest + container: + image: 'ghcr.io/ornladios/adios2:ci-spack-ubuntu20.04-gcc8' + env: + GH_YML_JOBNAME: ubuntu20.04-gcc8-serial-codeql + GH_YML_BASE_OS: Linux + GH_YML_MATRIX_OS: ubuntu20.04 + GH_YML_MATRIX_COMPILER: gcc8 + GH_YML_MATRIX_PARALLEL: serial + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'cpp' ] + + steps: + - uses: actions/checkout@v3 + with: + path: gha + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.sha }} + path: source + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + config: | + paths-ignore: + - source/thirdparty/ + - name: Setup + run: gha/scripts/ci/gh-actions/linux-setup.sh + - name: Update + run: gha/scripts/ci/gh-actions/run.sh update + - name: Configure + run: gha/scripts/ci/gh-actions/run.sh configure + - name: Build + run: gha/scripts/ci/gh-actions/run.sh build + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{matrix.language}}" + ####################################### # Workaround for skipping matrix jobs ####################################### diff --git a/scripts/ci/cmake/ci-ubuntu20.04-gcc8-serial-codeql.cmake b/scripts/ci/cmake/ci-ubuntu20.04-gcc8-serial-codeql.cmake new file mode 100644 index 0000000000..2e2855cb92 --- /dev/null +++ b/scripts/ci/cmake/ci-ubuntu20.04-gcc8-serial-codeql.cmake @@ -0,0 +1,35 @@ +set(ENV{CC} gcc) +set(ENV{CXX} g++) +set(ENV{FC} gfortran) + +execute_process( + COMMAND "python3-config" "--prefix" + OUTPUT_VARIABLE PY_ROOT + OUTPUT_STRIP_TRAILING_WHITESPACE) + +set(dashboard_cache " +ADIOS2_USE_BZip2:BOOL=ON +ADIOS2_USE_Blosc:BOOL=ON +ADIOS2_USE_DataMan:BOOL=ON +ADIOS2_USE_Fortran:BOOL=ON +ADIOS2_USE_HDF5:BOOL=ON +ADIOS2_USE_MPI:BOOL=OFF +ADIOS2_USE_Python:BOOL=ON +ADIOS2_USE_SZ:BOOL=ON +ADIOS2_USE_ZeroMQ:STRING=ON +ADIOS2_USE_ZFP:BOOL=ON + +Python_ROOT_DIR:PATH=${PY_ROOT} +Python_FIND_STRATEGY:STRING=LOCATION +Python_FIND_FRAMEWORK:STRING=FIRST + +CMAKE_C_COMPILER_LAUNCHER=ccache +CMAKE_CXX_COMPILER_LAUNCHER=ccache +CMAKE_C_FLAGS:STRING=-Wall +CMAKE_CXX_FLAGS:STRING=-Wall +CMAKE_Fortran_FLAGS:STRING=-Wall +") + +set(CTEST_CMAKE_GENERATOR "Ninja") +list(APPEND CTEST_UPDATE_NOTES_FILES "${CMAKE_CURRENT_LIST_FILE}") +include(${CMAKE_CURRENT_LIST_DIR}/ci-common.cmake)