name: CodeQL Analysis (Windows, msys2) on: push: branches: [ "master" ] paths: - src/** - cmake/** - "**/CMakeLists.txt" - "CMakePresets.json" - "!.github/workflows/**" - .github/workflows/codeql_windows_msys2.yml - vcpkg.json - "!**/Makefile*" pull_request: branches: [ "master" ] paths: - src/** - cmake/** - "**/CMakeLists.txt" - "CMakePresets.json" - "!.github/workflows/**" - .github/workflows/codeql_windows_msys2.yml - vcpkg.json - "!**/Makefile*" schedule: - cron: '22 11 * * 0' jobs: analyze-msys2: name: "Analyze (${{ matrix.ui.name }}, ${{ matrix.build.name }}, ${{ matrix.dynarec.name }}, ${{ matrix.environment.msystem }})" runs-on: ${{ matrix.environment.runner }} env: BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed permissions: actions: read contents: read security-events: write defaults: run: shell: msys2 {0} strategy: fail-fast: true matrix: language: [ 'cpp' ] build: # - name: Regular # preset: regular - name: Debug preset: dev_debug slug: -Debug # - name: Dev # preset: development # slug: -Dev dynarec: - name: ODR new: off slug: -ODR - name: NDR new: on slug: -NDR ui: - name: Qt GUI qt: on static: off slug: -Qt packages: >- qt5-base:p qt5-tools:p vulkan-headers:p environment: # - msystem: MSYS # toolchain: ./cmake/flags-gcc-x86_64.cmake # slug: "-MSYS64" - msystem: MINGW64 prefix: mingw-w64-x86_64 toolchain: ./cmake/flags-gcc-x86_64.cmake slug: "-64" runner: windows-2022 # - msystem: CLANG64 # prefix: mingw-w64-clang-x86_64 # toolchain: ./cmake/llvm-win32-x86_64.cmake # slug: "CLANG64" # runner: windows-2022 # - msystem: UCRT64 # prefix: mingw-w64-ucrt-x86_64 # toolchain: ./cmake/flags-gcc-x86_64.cmake # slug: "UCRT64" # runner: windows-2022 # - msystem: CLANGARM64 # toolchain: ./cmake/flags-gcc-aarch64.cmake # slug: -arm64 # runner: windows-11-arm exclude: - dynarec: new: off environment: msystem: CLANGARM64 steps: - name: Prepare MSYS2 environment uses: msys2/setup-msys2@v2 with: release: true update: true msystem: ${{ matrix.environment.msystem }} pacboy: >- ninja:p cmake:p gcc:p pkgconf:p freetype:p SDL2:p zlib:p libpng:p openal:p rtmidi:p libslirp:p fluidsynth:p libserialport:p ${{ matrix.ui.packages }} openmp:p - name: Checkout repository uses: actions/checkout@v4 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis # - name: Install Build Wrapper # uses: SonarSource/sonarqube-scan-action/install-build-wrapper@v5 - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config.yml - name: Configure CMake run: >- cmake -G Ninja -S . -B build --preset ${{ matrix.build.preset }} --toolchain ${{ matrix.environment.toolchain }} -D NEW_DYNAREC=${{ matrix.dynarec.new }} -D CMAKE_INSTALL_PREFIX=./build/artifacts -D QT=${{ matrix.ui.qt }} -D STATIC_BUILD=${{ matrix.ui.static }} # - name: Build # run: | # .sonar/build-wrapper-win-x86/build-wrapper-win-x86-64.exe --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} cmake --build build - name: Build run: cmake --build build - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" - name: SonarQube Scan # if: matrix.build.preset == 'dev_debug' && matrix.dynarec.new == 'on' && matrix.ui.qt == 'on' && env.SONAR_TOKEN != '' if: 0 uses: SonarSource/sonarqube-scan-action@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }} with: # Consult https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options args: > --define sonar.cfamily.compile-commands=build/compile_commands.json