
Commit 57fb8af

committed
AIO Build
1 parent 7da78d5 commit 57fb8af


1 file changed

+202
-0
lines changed

Lines changed: 202 additions & 0 deletions
@@ -0,0 +1,202 @@
1+
name: CodeQL_AIO_ContainerizedApp
2+
on:
3+
push:
4+
branches: [ main ]
5+
6+
pull_request:
7+
branches: [main]
8+
9+
jobs:
10+
Container_Example01_JavaScript:
11+
runs-on: "Ubuntu-latest"
12+
permissions:
13+
actions: read
14+
contents: read
15+
security-events: write
16+
17+
strategy:
18+
fail-fast: false
19+
matrix:
20+
language: [javascript]
21+
22+
container:
23+
image: node:18
24+
options: --user root
25+
26+
steps:
27+
- name: Checkout repository
28+
uses: actions/checkout@v3
29+
30+
- name: Set safe directory
31+
run: |
32+
git config --global --add safe.directory /__w/CodeQL_containerizedApp/CodeQL_containerizedApp/
33+
34+
# Initializes the CodeQL tools for scanning.
35+
- name: Initialize CodeQL
36+
uses: github/codeql-action/init@v2
37+
with:
38+
languages:
39+
${{ matrix.language }}
40+
# If you wish to specify custom queries, you can do so here or in a config file.
41+
# By default, queries listed here will override any specified in a config file.
42+
# Prefix the list here with "+" to use these queries and those in the config file.
43+
44+
# For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
45+
# queries: security-extended,security-and-quality
46+
47+
- name: NPM Installation
48+
working-directory: /__w/CodeQL_containerizedApp/CodeQL_containerizedApp/Example01_JavaScript/
49+
run: |
50+
npm i -g typescript ts-node && \
51+
npm install --omit=dev --unsafe-perm && \
52+
npm dedupe && \
53+
rm -rf frontend/node_modules && \
54+
rm -rf frontend/.angular && \
55+
rm -rf frontend/src/assets && \
56+
mkdir logs && \
57+
chown -R 65532 logs && \
58+
chgrp -R 0 ftp/ frontend/dist/ logs/ data/ i18n/ && \
59+
chmod -R g=u ftp/ frontend/dist/ logs/ data/ i18n/ && \
60+
rm data/chatbot/botDefaultTrainingData.json || true && \
61+
rm ftp/legal.md || true && \
62+
rm i18n/*.json || true
63+
64+
- name: Perform CodeQL Analysis
65+
uses: github/codeql-action/analyze@v2
66+
67+
Container_Example02_Java:
68+
needs: Container_Example01_JavaScript
69+
runs-on: "Ubuntu-latest"
70+
permissions:
71+
actions: read
72+
contents: read
73+
security-events: write
74+
75+
strategy:
76+
fail-fast: false
77+
matrix:
78+
language: [Java]
79+
80+
container:
81+
image: openjdk:8
82+
options: --user root
83+
84+
steps:
85+
- name: Checkout repository
86+
uses: actions/checkout@v3
87+
88+
- name: Set safe directory
89+
run: |
90+
git config --global --add safe.directory /__w/CodeQL_containerizedApp/CodeQL_containerizedApp/
91+
92+
- name: Install dependencies
93+
working-directory: /__w/CodeQL_containerizedApp/CodeQL_containerizedApp/Example02_Java/
94+
run: |
95+
apt-get update && \
96+
apt-get install build-essential maven default-jdk cowsay netcat -y && \
97+
update-alternatives --config javac
98+
99+
- name: Initialize CodeQL
100+
uses: github/codeql-action/init@v2
101+
with:
102+
languages: ${{ matrix.language }}
103+
104+
- name: Build with Maven
105+
working-directory: /__w/CodeQL_containerizedApp/CodeQL_containerizedApp/Example02_Java/
106+
run: |
107+
mvn -B package --file pom.xml
108+
109+
- name: Perform CodeQL Analysis
110+
uses: github/codeql-action/analyze@v2
111+
112+
Container_Example03_Csharp:
113+
needs: [Container_Example01_JavaScript, Container_Example02_Java]
114+
runs-on: "Ubuntu-latest"
115+
permissions:
116+
actions: read
117+
contents: read
118+
security-events: write
119+
120+
strategy:
121+
fail-fast: false
122+
matrix:
123+
language: [csharp]
124+
125+
container:
126+
image: mcr.microsoft.com/dotnet/aspnet:7.0
127+
#options: --cpu 2
128+
129+
steps:
130+
- name: Checkout repository
131+
uses: actions/checkout@v3
132+
133+
- name: Initialize CodeQL
134+
uses: github/codeql-action/init@v2
135+
with:
136+
languages: ${{ matrix.language }}
137+
138+
- name: Install dependencies
139+
run: |
140+
apt-get update && apt-get upgrade -y --no-install-recommends && \
141+
apt-get install -y wget && \
142+
apt-get install -y curl
143+
144+
- name: Setup .NET
145+
uses: actions/setup-dotnet@v3
146+
with:
147+
dotnet-version: 7.0.x
148+
149+
- name: Build with dotnet
150+
working-directory: /__w/CodeQL_containerizedApp/CodeQL_containerizedApp/Example03_Csharp/WebGoatCore/
151+
run: dotnet build WebGoatCore.csproj
152+
153+
# - name: Autobuild
154+
# uses: github/codeql-action/autobuild@v2
155+
156+
- name: Perform CodeQL Analysis
157+
uses: github/codeql-action/analyze@v2
158+
159+
Container_Example04_DockerBuild_and_Scan:
160+
needs: [Container_Example01_JavaScript, Container_Example02_Java, Container_Example03_Csharp]
161+
name: Analyze
162+
runs-on: "Ubuntu-latest"
163+
permissions:
164+
actions: read
165+
contents: read
166+
security-events: write
167+
168+
strategy:
169+
fail-fast: false
170+
matrix:
171+
language: [ 'python' ]
172+
173+
container:
174+
image: jkafaty/codeql-dockerapp-example
175+
options: --user root
176+
177+
steps:
178+
179+
- name: Checkout repository
180+
uses: actions/checkout@v3
181+
182+
- name: Fix permissions and Install Python3
183+
run: |
184+
chown root:root -R /github/home/ && \
185+
chmod 777 -R /github/home/ && \
186+
chown root:root -R /__w/_actions/github/codeql-action/ && \
187+
chmod 777 -R /__w/_actions/github/codeql-action/ && \
188+
apt-get update && apt-get install -y python3 python3-pip
189+
190+
- name: Initialize CodeQL
191+
uses: github/codeql-action/init@v2
192+
with:
193+
languages: ${{ matrix.language }}
194+
195+
- name: Autobuild
196+
uses: github/codeql-action/autobuild@v2
197+
198+
- name: Perform CodeQL Analysis
199+
uses: github/codeql-action/analyze@v2
200+
201+
202+
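Review bot: In the `Container_Example04_DockerBuild_and_Scan` job, the "Fix permissions and Install Python3" step runs `chmod 777 -R` on `/github/home/` and on `/__w/_actions/github/codeql-action/`, which leaves the downloaded action code world-writable before `init`, `autobuild` and `analyze` run under a token with `security-events: write`. The container already runs with `--user root` and the step chowns both trees to root, so the two chmod lines look unnecessary; if write access really is required, something narrower such as `chmod -R u+rwX /__w/_actions/github/codeql-action/` would be enough. That job also pulls `jkafaty/codeql-dockerapp-example` with no tag or digest, so whatever is currently published under that name runs as root in the job; pinning it as `image: jkafaty/codeql-dockerapp-example@sha256:<digest>` (placeholder) would fix the scan environment to a reviewed image. To a lesser degree the same holds for `node:18`, `openjdk:8` and the `@v2`/`@v3` action references in the other jobs, which are mutable tags rather than digests or commit SHAs.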
