name: "CodeQL Advanced" on: push: branches: [ "master" ] pull_request: branches: [ "master" ] schedule: - cron: '27 20 * * 0' jobs: analyze: name: Analyze (${{ matrix.language }}) runs-on: ubuntu-latest permissions: security-events: write packages: read actions: read contents: read defaults: run: shell: bash strategy: fail-fast: false matrix: include: - language: c-cpp build-mode: manual steps: - name: Checkout repository uses: actions/checkout@v4 - name: Check for cache id: check-cache run: | if [ -z "${{ runner.os }}-cross-${{ hashFiles('tools/Makefile') }}" ]; then echo "No cache found, cancelling job." exit 1 fi - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - if: matrix.build-mode == 'manual' shell: bash run: | echo 'If you are using a "manual" build mode for one or more of the' \ 'languages you are analyzing, replace this with the commands to build' \ 'your code, for example:' echo ' make bootstrap' echo ' make release' exit 1 - name: Install Packages run: | sudo apt update sudo apt -y install rustc xorriso mtools genisoimage ovmf nasm doxygen make gcc-mingw-w64-x86-64 gcc-mingw-w64-i686 mingw-w64 build-essential bison flex libgmp3-dev libmpc-dev libmpfr-dev texinfo make --quiet -C tools do_limine make --quiet -C Drivers prepare make --quiet -C Userspace prepare make --quiet -C Kernel prepare - name: Cache cross id: cache-cross uses: actions/cache@v3 with: path: tools/cross key: ${{ runner.os }}-cross-${{ hashFiles('tools/Makefile') }} - name: Build OS run: | make build_userspace make build_drivers make build_kernel make build_userspace - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}"