From edd0a49db85b06e7a18711ca1487ec8018d82011 Mon Sep 17 00:00:00 2001
From: Amna Shafiq <91342046+MainaisGud@users.noreply.github.com>
Date: Mon, 12 Jun 2023 13:07:00 +0500
Subject: [PATCH 1/5] Create SAusingCodeQL.yml
---
.github/workflows/SAusingCodeQL.yml | 1 +
1 file changed, 1 insertion(+)
create mode 100644 .github/workflows/SAusingCodeQL.yml
diff --git a/.github/workflows/SAusingCodeQL.yml b/.github/workflows/SAusingCodeQL.yml
new file mode 100644
index 0000000..792d600
--- /dev/null
+++ b/.github/workflows/SAusingCodeQL.yml
@@ -0,0 +1 @@
+#
From ea4845c1b841ae0149dd5d0dcf85806ed8e02779 Mon Sep 17 00:00:00 2001
From: Amna Shafiq <91342046+MainaisGud@users.noreply.github.com>
Date: Mon, 12 Jun 2023 13:07:31 +0500
Subject: [PATCH 2/5] Add files via upload
---
.github/workflows/CI.yml | 31 +++++++++++++++++++++++
.github/workflows/SAusingCodeql.yml | 39 +++++++++++++++++++++++++++++
2 files changed, 70 insertions(+)
create mode 100644 .github/workflows/CI.yml
create mode 100644 .github/workflows/SAusingCodeql.yml
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
new file mode 100644
index 0000000..5e15875
--- /dev/null
+++ b/.github/workflows/CI.yml
@@ -0,0 +1,31 @@
+name: CI
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+
+ - name: Set up Python
+ uses: actions/setup-python@v2
+ with:
+ python-version: 3.9
+
+ - name: Run black
+ run: black --check .
+
+ - name: Publish artifacts
+ uses: actions/upload-artifact@v2
+ with:
+ name: package
+ path: dist/
diff --git a/.github/workflows/SAusingCodeql.yml b/.github/workflows/SAusingCodeql.yml
new file mode 100644
index 0000000..8105d99
--- /dev/null
+++ b/.github/workflows/SAusingCodeql.yml
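Review bot: In `.github/workflows/CI.yml` every `uses:` line references a mutable major tag (`actions/checkout@v2`, `actions/setup-python@v2`, `actions/upload-artifact@v2`) and the workflow sets no `permissions:`, so the job runs whatever those tags resolve to with the repository's default token scope; the same applies to `actions/checkout@v2` and the `github/codeql-action/*@v1` steps in the `SAusingCodeql.yml` hunk of this patch. Pin each action to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # <release tag>`, and add a top-level `permissions:` with `contents: read`. Separately, no step installs black before `run: black --check .` and nothing visible builds `dist/` before the upload step, so both steps look likely to fail or upload nothing on a clean runner; a `run: pip install black` step before the check would address the first.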
@@ -0,0 +1,39 @@
+name: CodeQL Analysis
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ analyze:
+ name: Analyze code
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v2
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v1
+ with:
+ languages: python
+
+ - name: Build CodeQL database
+ run: |
+ codeql database create --language=python --source-root=. --name=my-database
+ codeql database analyze --database=my-database --output=results.sarif
+ - name: Publish findings as comment
+ run: |
+ echo "Code scan findings summary:"
+ cat results.sarif | jq -r '.runs[].tool.driver.runs[].results[].message.text' | awk '!seen[$0]++' | sed -E -e 's/(.)/\1 /g' -e 's/^/ - /' | sed -E ':a;N;$!ba;s/\r{0,1}\n/\\n/g' | sed -E 's/"/\\"/g' > comment.txt
+ gh issue comment --body-file comment.txt
+
+
+ - name: Upload CodeQL results
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: results.sarif
From 09a2a8195b25b69531019c1c9668c9207be92402 Mon Sep 17 00:00:00 2001
From: Amna Shafiq <91342046+MainaisGud@users.noreply.github.com>
Date: Mon, 12 Jun 2023 13:08:01 +0500
Subject: [PATCH 3/5] Delete SAusingCodeQL.yml
---
.github/workflows/SAusingCodeQL.yml | 1 -
1 file changed, 1 deletion(-)
delete mode 100644 .github/workflows/SAusingCodeQL.yml
diff --git a/.github/workflows/SAusingCodeQL.yml b/.github/workflows/SAusingCodeQL.yml
deleted file mode 100644
index 792d600..0000000
--- a/.github/workflows/SAusingCodeQL.yml
+++ /dev/null
@@ -1 +0,0 @@
-#
From cbae41b9d333fb7a47df7770b0aa658bdef03188 Mon Sep 17 00:00:00 2001
From: Amna Shafiq <91342046+MainaisGud@users.noreply.github.com>
Date: Mon, 12 Jun 2023 13:08:24 +0500
Subject: [PATCH 4/5] Update CI.yml
---
.github/workflows/CI.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/CI.yml b/.github/workflows/CI.yml
index 5e15875..5b7b0b6 100644
--- a/.github/workflows/CI.yml
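Review bot: `.github/workflows/SAusingCodeql.yml` declares no `permissions:`, although the 'Upload CodeQL results' step needs write access to code-scanning results and the 'Publish findings as comment' step calls `gh issue comment`; add `permissions:` with `contents: read`, `security-events: write` and `issues: write` (or `pull-requests: write`) so the token is scoped to exactly that. The `gh` call also has no `GH_TOKEN` in `env:` and no issue or pull-request number, so it has nothing to authenticate with or comment on as written. The jq filter `.runs[].tool.driver.runs[].results[]` does not match the SARIF layout, where results sit under `.runs[].results[]`, so the summary would come out empty or error. The `codeql database create`/`analyze` invocations pass the database as `--name=`/`--database=`, which as far as I know the CLI expects as a positional argument (and `analyze` also wants `--format`); using `github/codeql-action/analyze` after `init` would avoid the hand-rolled CLI calls.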
+++ b/.github/workflows/CI.yml
@@ -3,10 +3,10 @@ name: CI on: push: branches: - - main + - master pull_request: branches: - - main + - master jobs: build:
From 4d0cd0ae0dcc4e7638b0e95b66b93e25f137fb33 Mon Sep 17 00:00:00 2001
From: Amna Shafiq <91342046+MainaisGud@users.noreply.github.com>
Date: Mon, 12 Jun 2023 13:08:56 +0500
Subject: [PATCH 5/5] Update SAusingCodeql.yml
---
.github/workflows/SAusingCodeql.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/SAusingCodeql.yml b/.github/workflows/SAusingCodeql.yml
index 8105d99..07bef40 100644
--- a/.github/workflows/SAusingCodeql.yml
+++ b/.github/workflows/SAusingCodeql.yml
@@ -3,10 +3,10 @@ name: CodeQL Analysis on: push: branches: - - main + - master pull_request: branches: - - main + - master jobs: analyze: