blob: ff63a60665f08c6e872d8af198abd7825818c14e [file] [log] [blame]
name: Run CodeQL Analysis
description: Run and upload CodeQL Analysis
inputs:
language:
description: "language for codeql analysis"
required: true
runs:
using: "composite"
steps:
- name: Perform CodeQL Analysis
if: ${{ inputs.run-codeql }}
uses: github/codeql-action/analyze@v2
with:
category: "/language:${{ inputs.language }}"
upload: False
output: sarif-results
- name: filter-sarif
if: ${{ inputs.run-codeql }}
uses: advanced-security/filter-sarif@v1
with:
patterns: |
-**/third_party/**
-**/scripts/**
input: "sarif-results/${{ inputs.language }}.sarif"
output: "sarif-results/${{ inputs.language }}.sarif"
- name: Upload SARIF
if: ${{ inputs.run-codeql }}
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: "sarif-results/${{ inputs.language }}.sarif"
- name: Upload loc as a Build Artifact
if: ${{ inputs.run-codeql }}
uses: actions/upload-artifact@v2.2.0
with:
name: sarif-results
path: sarif-results
retention-days: 1