From a80ec754658fc19dd55243619dc41bcb36fda2b6 Mon Sep 17 00:00:00 2001 From: ReenigneArcher <42013603+ReenigneArcher@users.noreply.github.com> Date: Sat, 7 Jun 2025 17:19:04 -0400 Subject: [PATCH] ci(codeql): use no build mode (#3943) --- .codeql-prebuild-cpp-Linux.sh | 11 ----- .codeql-prebuild-cpp-Windows.sh | 59 ----------------------- .codeql-prebuild-cpp-macOS.sh | 32 ------------- .github/workflows/codeql.yml | 85 ++++++++++++++------------------- 4 files changed, 36 insertions(+), 151 deletions(-) delete mode 100644 .codeql-prebuild-cpp-Linux.sh delete mode 100644 .codeql-prebuild-cpp-Windows.sh delete mode 100644 .codeql-prebuild-cpp-macOS.sh diff --git a/.codeql-prebuild-cpp-Linux.sh b/.codeql-prebuild-cpp-Linux.sh deleted file mode 100644 index f0d03bb2..00000000 --- a/.codeql-prebuild-cpp-Linux.sh +++ /dev/null @@ -1,11 +0,0 @@ -# install dependencies for C++ analysis -set -e - -chmod +x ./scripts/linux_build.sh -./scripts/linux_build.sh --skip-package --ubuntu-test-repo - -# Delete CUDA -rm -rf ./build/cuda - -# skip autobuild -echo "skip_autobuild=true" >> "$GITHUB_OUTPUT" diff --git a/.codeql-prebuild-cpp-Windows.sh b/.codeql-prebuild-cpp-Windows.sh deleted file mode 100644 index b860c9e8..00000000 --- a/.codeql-prebuild-cpp-Windows.sh +++ /dev/null @@ -1,59 +0,0 @@ -# install dependencies for C++ analysis -set -e - -# update pacman -pacman --noconfirm -Syu - -gcc_version="14.2.0-3" - -broken_deps=( - "mingw-w64-ucrt-x86_64-gcc" - "mingw-w64-ucrt-x86_64-gcc-libs" -) - -tarballs="" -for dep in "${broken_deps[@]}"; do - tarball="${dep}-${gcc_version}-any.pkg.tar.zst" - - # download and install working version - wget https://repo.msys2.org/mingw/ucrt64/${tarball} - - tarballs="${tarballs} ${tarball}" -done - -# install broken dependencies -if [ -n "$tarballs" ]; then - pacman -U --noconfirm ${tarballs} -fi - -# install dependencies -dependencies=( - "git" - "mingw-w64-ucrt-x86_64-cmake" - "mingw-w64-ucrt-x86_64-cppwinrt" - "mingw-w64-ucrt-x86_64-curl-winssl" - "mingw-w64-ucrt-x86_64-MinHook" - "mingw-w64-ucrt-x86_64-miniupnpc" - "mingw-w64-ucrt-x86_64-nlohmann-json" - "mingw-w64-ucrt-x86_64-nodejs" - "mingw-w64-ucrt-x86_64-nsis" - "mingw-w64-ucrt-x86_64-onevpl" - "mingw-w64-ucrt-x86_64-openssl" - "mingw-w64-ucrt-x86_64-opus" - "mingw-w64-ucrt-x86_64-toolchain" -) - -pacman -Syu --noconfirm --ignore="$(IFS=,; echo "${broken_deps[*]}")" "${dependencies[@]}" - -# build -mkdir -p build -cmake \ - -B build \ - -G Ninja \ - -S . \ - -DBUILD_DOCS=OFF \ - -DBUILD_WERROR=ON -ninja -C build - -# skip autobuild -echo "skip_autobuild=true" >> "$GITHUB_OUTPUT" diff --git a/.codeql-prebuild-cpp-macOS.sh b/.codeql-prebuild-cpp-macOS.sh deleted file mode 100644 index a21a69c3..00000000 --- a/.codeql-prebuild-cpp-macOS.sh +++ /dev/null @@ -1,32 +0,0 @@ -# install dependencies for C++ analysis -set -e - -# setup homebrew for x86_64 -/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" -eval "$(/usr/local/bin/brew shellenv)" - -# install dependencies -dependencies=( - "cmake" - "miniupnpc" - "ninja" - "node" - "openssl@3" - "opus" - "pkg-config" -) -brew install "${dependencies[@]}" - -# build -mkdir -p build -cmake \ - -B build \ - -G Ninja \ - -S . \ - -DBOOST_USE_STATIC=OFF \ - -DBUILD_DOCS=OFF \ - -DBUILD_WERROR=ON -ninja -C build - -# skip autobuild -echo "skip_autobuild=true" >> "$GITHUB_OUTPUT" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c9949dd3..24a4945e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,13 +39,23 @@ jobs: uses: actions/github-script@v7 with: script: | - // CodeQL supports ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift'] - // Use only 'java' to analyze code written in Java, Kotlin or both - // Use only 'javascript' to analyze code written in JavaScript, TypeScript or both + // CodeQL supports the following: + // ['actions', 'c', 'cpp', 'csharp', 'go', 'java', 'javascript', 'kotlin', 'python', 'ruby', 'swift'] + // Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support - const supported_languages = ['cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift'] + const supported_languages = [ + 'cpp', + 'csharp', + 'go', + 'java', + 'javascript', + 'python', + 'ruby', + 'swift', + ] const remap_languages = { + 'c': 'cpp', 'c++': 'cpp', 'c#': 'csharp', 'kotlin': 'java', @@ -73,7 +83,8 @@ jobs: "category": "/language:actions", "language": "actions", "name": "actions", - "os": "ubuntu-latest" + "os": "ubuntu-latest", + "build-mode": "none", }); } @@ -94,8 +105,6 @@ jobs: let osList = ['ubuntu-latest']; if (normalizedKey === 'swift') { osList = ['macos-latest']; - } else if (normalizedKey === 'cpp') { - osList = ['macos-latest', 'ubuntu-latest', 'windows-latest']; } for (let os of osList) { // set name for matrix @@ -103,8 +112,21 @@ jobs: // set category for matrix let category = `/language:${normalizedKey}` - if (normalizedKey === 'cpp') { - category = `/language:cpp-${os.split('-')[0]}` + let build_mode = 'none'; + + // Set build mode based on language + switch (normalizedKey) { + case 'csharp': + build_mode = 'autobuild' + break + case 'go': + build_mode = 'autobuild' + break + case 'java': + build_mode = 'autobuild' + break + default: + build_mode = 'none' } // add to matrix @@ -112,7 +134,8 @@ jobs: "category": category, "language": normalizedKey, "name": name, - "os": os + "os": os, + "build-mode": build_mode, }) } } @@ -140,9 +163,6 @@ jobs: analyze: name: Analyze (${{ matrix.name }}) if: needs.languages.outputs.continue == 'true' - defaults: - run: - shell: ${{ matrix.os == 'windows-latest' && 'msys2 {0}' || 'bash' }} env: GITHUB_CODEQL_BUILD: true needs: languages @@ -154,35 +174,13 @@ jobs: strategy: fail-fast: false matrix: ${{ fromJson(needs.languages.outputs.matrix) }} - timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} + timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 60 }} steps: - - name: Maximize build space - if: >- - runner.os == 'Linux' && - matrix.language == 'cpp' - uses: easimon/maximize-build-space@v10 - with: - root-reserve-mb: 30720 - remove-dotnet: ${{ (matrix.language == 'csharp' && 'false') || 'true' }} - remove-android: 'true' - remove-haskell: 'true' - remove-codeql: 'false' - remove-docker-images: 'true' - - name: Checkout repository uses: actions/checkout@v4 with: submodules: recursive - - name: Setup msys2 - if: >- - runner.os == 'Windows' && - matrix.language == 'cpp' - uses: msys2/setup-msys2@v2 - with: - msystem: ucrt64 - update: true - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v3 @@ -200,22 +198,11 @@ jobs: - build - node_modules - third-party - - # Pre autobuild - # create a file named .codeql-prebuild-${{ matrix.language }}-${{ runner.os }}.sh in the root of your repository - - name: Prebuild - id: prebuild - run: | - # check if prebuild script exists - filename=".codeql-prebuild-${{ matrix.language }}-${{ runner.os }}.sh" - if [ -f "./${filename}" ]; then - echo "Running prebuild script: ${filename}" - ./${filename} - fi + build-mode: ${{ matrix.build-mode || 'none' }} # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). - name: Autobuild - if: steps.prebuild.outputs.skip_autobuild != 'true' + if: matrix.build-mode == 'autobuild' uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis