-
Notifications
You must be signed in to change notification settings - Fork 47
52 lines (50 loc) · 1.57 KB
/
msvc-analysis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
name: msvc analysis
on:
pull_request:
branches:
- '**'
paths-ignore:
- '**/*.md'
jobs:
# We use the presence of the sonar token to detect if the PR comes from a fork
condition-check:
runs-on: ubuntu-latest
outputs:
ok: ${{ steps.check-secrets.outputs.ok }}
steps:
- name: Secret guard
id: check-secrets
run: |
if [ ! -z "${{ secrets.SONAR_TOKEN }}" ]; then
echo "ok=true" >> $GITHUB_OUTPUT
fi
vs2022:
needs:
- condition-check
runs-on: windows-2022
steps:
- name: Git checkout
uses: actions/checkout@v4
with:
submodules: 'recursive'
- name: Generate solution (release-x64)
run: python3 make.py -ci -compiler vs2022 -config Release -cpu x64
- name: Run MSVC Code Analysis
uses: microsoft/[email protected]
id: run-analysis
with:
cmakeBuildDirectory: ${{ github.workspace }}/build
buildConfiguration: Release
ruleset: NativeRecommendedRules.ruleset
ignoredPaths: ${{ github.workspace }}/external
- name: Upload SARIF to GitHub
# Can only upload SARIF if we don't come from a fork
if: ${{ needs.condition-check.outputs.ok == 'true' }}
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.run-analysis.outputs.sarif }}
- name: Upload SARIF as an Artifact
uses: actions/upload-artifact@v4
with:
name: sarif-file
path: ${{ steps.run-analysis.outputs.sarif }}