137 lines
3.7 KiB
YAML
137 lines
3.7 KiB
YAML
name: CodeQL Analysis (macos)
|
|
|
|
on:
|
|
|
|
push:
|
|
branches: [ "master" ]
|
|
paths:
|
|
- src/**
|
|
- cmake/**
|
|
- "**/CMakeLists.txt"
|
|
- "CMakePresets.json"
|
|
- "!.github/workflows/**"
|
|
- .github/workflows/codeql_macos.yml
|
|
- vcpkg.json
|
|
- "!**/Makefile*"
|
|
|
|
pull_request:
|
|
branches: [ "master" ]
|
|
paths:
|
|
- src/**
|
|
- cmake/**
|
|
- "**/CMakeLists.txt"
|
|
- "CMakePresets.json"
|
|
- "!.github/workflows/**"
|
|
- .github/workflows/codeql_macos.yml
|
|
- vcpkg.json
|
|
- "!**/Makefile*"
|
|
|
|
schedule:
|
|
- cron: '22 11 * * 0'
|
|
|
|
jobs:
|
|
|
|
analyze-macos13-x86_64:
|
|
|
|
name: "Analyze (${{ matrix.ui.name }}, ${{ matrix.build.name }}, ${{ matrix.dynarec.name }}, x86_64)"
|
|
|
|
runs-on: macos-13
|
|
|
|
env:
|
|
BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
|
|
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
security-events: write
|
|
|
|
strategy:
|
|
fail-fast: true
|
|
matrix:
|
|
language: [ 'cpp' ]
|
|
build:
|
|
# - name: Regular
|
|
# preset: regular
|
|
- name: Debug
|
|
preset: dev_debug
|
|
slug: -Debug
|
|
# - name: Dev
|
|
# preset: development
|
|
# slug: -Dev
|
|
dynarec:
|
|
- name: ODR
|
|
new: off
|
|
slug: -ODR
|
|
- name: NDR
|
|
new: on
|
|
slug: -NDR
|
|
ui:
|
|
- name: SDL GUI
|
|
qt: off
|
|
- name: Qt GUI
|
|
qt: on
|
|
slug: -Qt
|
|
packages: >-
|
|
qt@5
|
|
|
|
steps:
|
|
- name: Install dependencies
|
|
run: >-
|
|
brew install
|
|
sdl2
|
|
rtmidi
|
|
openal-soft
|
|
fluidsynth
|
|
libslirp
|
|
vde
|
|
libserialport
|
|
${{ matrix.ui.packages }}
|
|
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
|
|
|
|
- name: Install Build Wrapper
|
|
uses: SonarSource/sonarqube-scan-action/install-build-wrapper@v5
|
|
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@v3
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
config-file: ./.github/codeql/codeql-config.yml
|
|
|
|
- name: Configure CMake
|
|
run: >-
|
|
cmake -G Ninja -S . -B build --preset ${{ matrix.build.preset }}
|
|
--toolchain ./cmake/flags-gcc-x86_64.cmake
|
|
-D NEW_DYNAREC=${{ matrix.dynarec.new }}
|
|
-D CMAKE_INSTALL_PREFIX=./build/artifacts
|
|
-D QT=${{ matrix.ui.qt }}
|
|
-D Qt5_ROOT=$(brew --prefix qt@5)
|
|
-D Qt5LinguistTools_ROOT=$(brew --prefix qt@5)
|
|
-D OpenAL_ROOT=$(brew --prefix openal-soft)
|
|
-D LIBSERIALPORT_ROOT=$(brew --prefix libserialport)
|
|
|
|
- name: Build
|
|
run: |
|
|
build-wrapper-macosx-x86 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} cmake --build build
|
|
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@v3
|
|
with:
|
|
category: "/language:${{matrix.language}}"
|
|
|
|
- name: SonarQube Scan
|
|
# if: matrix.build.preset == 'dev_debug' && matrix.dynarec.new == 'on' && matrix.ui.qt == 'on' && env.SONAR_TOKEN != ''
|
|
if: 0
|
|
uses: SonarSource/sonarqube-scan-action@v5
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
|
# SONAR_ROOT_CERT: ${{ secrets.SONAR_ROOT_CERT }}
|
|
with:
|
|
# Consult https://docs.sonarsource.com/sonarqube-server/latest/analyzing-source-code/scanners/sonarscanner/ for more information and options
|
|
args: >
|
|
--define sonar.cfamily.compile-commands=build/compile_commands.json
|