AIO Build Default Runners

jackgkafaty · jackgkafaty · commit d945f65dc78c · 2023-06-30T15:01:21.000-04:00
diff --git a/.github/workflows/CodeQL_AIO_Larger_Runner_Examples.yml b/.github/workflows/CodeQL_AIO_Larger_Runner_Examples.yml
@@ -1,7 +1,7 @@
 name: CodeQL_AIO_Larger_Runner_Example.yml 
 on:
-  push:
-    branches: [ main ]
+  #push:
+   # branches: [ main ]
 
   pull_request:
     branches: [main]
diff --git a/.github/workflows/CodeQL_AIO_Native_Runner_Example.yml b/.github/workflows/CodeQL_AIO_Native_Runner_Example.yml
@@ -0,0 +1,174 @@
+name: CodeQL_AIO_Larger_Runner_Example.yml 
+on:
+  push:
+    branches: [ main ]
+
+  pull_request:
+    branches: [main]
+
+jobs:
+  Container_Example01_JavaScript:
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [javascript]
+
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+     # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages:
+            ${{ matrix.language }}
+            # If you wish to specify custom queries, you can do so here or in a config file.
+            # By default, queries listed here will override any specified in a config file.
+            # Prefix the list here with "+" to use these queries and those in the config file.
+
+            # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+            # queries: security-extended,security-and-quality
+
+      - name: NPM Installation
+        working-directory: /Example01_JavaScript/
+        run: |
+          npm i -g typescript ts-node && \
+          npm install --omit=dev --unsafe-perm && \
+          npm dedupe && \
+          rm -rf frontend/node_modules && \
+          rm -rf frontend/.angular && \
+          rm -rf frontend/src/assets && \
+          mkdir logs && \
+          chown -R 65532 logs && \
+          chgrp -R 0 ftp/ frontend/dist/ logs/ data/ i18n/ && \
+          chmod -R g=u ftp/ frontend/dist/ logs/ data/ i18n/ && \
+          rm data/chatbot/botDefaultTrainingData.json || true && \
+          rm ftp/legal.md || true && \
+          rm i18n/*.json || true
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+
+  Container_Example02_Java:
+    needs: Container_Example01_JavaScript
+    runs-on: Ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [Java]
+
+    container:
+      image: openjdk:8
+      options: --cpus 5 --user root
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Install dependencies
+        working-directory: /Example02_Java/
+        run: |
+          apt-get update && \
+          apt-get install build-essential maven default-jdk cowsay netcat -y && \
+          update-alternatives --config javac
+          
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Build with Maven
+        working-directory: /Example02_Java/
+        run: |
+          mvn -B package --file pom.xml
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+
+  Container_Example03_Csharp:
+    needs: [Container_Example01_JavaScript, Container_Example02_Java]
+    runs-on: windows-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [csharp]
+
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Install dependencies
+        run: |
+          apt-get update && apt-get upgrade -y --no-install-recommends && \
+          apt-get install -y wget && \
+          apt-get install -y curl
+
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v3
+        with:
+          dotnet-version: 7.0.x
+
+      - name: Build with dotnet
+        working-directory: /Example03_Csharp/WebGoatCore/
+        run: dotnet build WebGoatCore.csproj
+
+      # - name: Autobuild
+      #   uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        
+  Container_Example04_DockerBuild_and_Scan:
+    needs: [Container_Example01_JavaScript, Container_Example02_Java, Container_Example03_Csharp]
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+    
+    steps:   
+    
+      - name: Checkout repository
+        uses: actions/checkout@v3   
+    
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+           languages: ${{ matrix.language }}
+             
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+    
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+    
