2 # GitHub Workflow for CodeQL Analysis
4 # Copyright (c) Microsoft Corporation.
6 # SPDX-License-Identifier: BSD-2-Clause-Patent
27 # https://crontab.guru/#20_23_*_*_4
37 security-events: write
49 "IntelFsp2WrapperPkg",
56 "SourceLevelDebugPkg",
59 "UnitTestFrameworkPkg"]
62 - name: Checkout repository
63 uses: actions/checkout@v3
65 # Initializes the CodeQL tools for scanning.
66 - name: Initialize CodeQL
67 uses: github/codeql-action/init@v2
70 # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
71 # Learn more about CodeQL language support at https://codeql.github.com/docs/codeql-overview/supported-languages-and-frameworks/
72 config-file: ./.github/codeql/codeql-config.yml
73 # Note: Add new queries to codeql-config.yml file as they are enabled.
75 - name: Install/Upgrade pip Modules
76 run: pip install -r pip-requirements.txt --upgrade
79 run: stuart_setup -c .pytool/CISettings.py -t DEBUG -a IA32,X64 TOOL_CHAIN_TAG=VS2019
82 run: stuart_update -c .pytool/CISettings.py -t DEBUG -a IA32,X64 TOOL_CHAIN_TAG=VS2019
84 - name: Build Tools From Source
85 run: python BaseTools/Edk2ToolsBuild.py -t VS2019
88 run: stuart_ci_build -c .pytool/CISettings.py -p ${{ matrix.package }} -t DEBUG -a IA32,X64 TOOL_CHAIN_TAG=VS2019
90 - name: Perform CodeQL Analysis
91 uses: github/codeql-action/analyze@v2