Skip to content

Support for Clang/LLVM Compiler #305

Support for Clang/LLVM Compiler

Support for Clang/LLVM Compiler #305

Workflow file for this run

name: "CodeQL"
on:
workflow_dispatch:
push:
branches: [ develop ]
paths:
- 'CMSIS/Core/**'
- 'CMSIS/Core_A/**'
- 'CMSIS/CoreValidation/**'
- 'Device/ARM/**'
pull_request:
branches: [ develop ]
paths:
- '.github/workflows/codeql-analysis.yml'
- 'CMSIS/Core/**'
- 'CMSIS/Core_A/**'
- 'CMSIS/CoreValidation/**'
- 'Device/ARM/**'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
env:
CMSIS_PACK_ROOT: /tmp/.packs-${{ github.run_id }}
steps:
- name: Checkout repository
uses: actions/checkout@v3
- name: Install build dependencies
run: |
sudo apt install gcc-arm-none-eabi ninja-build cmake
- name: Cache pack folder
id: cache-packs
uses: actions/cache@v3
with:
key: packs-${{ github.run_id }}
restore-keys: |
packs-
path: /tmp/.packs-${{ github.run_id }}
- name: Install CMSIS-Toolbox
run: |
wget https://github.com/Open-CMSIS-Pack/cmsis-toolbox/releases/download/1.5.0/cmsis-toolbox.sh
chmod +x cmsis-toolbox.sh
sudo ./cmsis-toolbox.sh <<EOI
/opt/ctools
$CMSIS_PACK_ROOT
$(dirname $(which arm-none-eabi-gcc 2>/dev/null))
EOI
echo "/opt/ctools/bin" >> $GITHUB_PATH
echo "cpackget : $(which cpackget)"
echo "csolution: $(which csolution)"
echo "cbuild : $(which cbuild)"
- name: Initialize packs folder
if: steps.cache-packs.outputs.cache-hit != 'true'
run: cpackget init https://www.keil.com/pack/index.pidx
- name: Update pack index
if: steps.cache-packs.outputs.cache-hit == 'true'
run: cpackget update-index
- name: Install build.py requirements
run: pip install -r requirements.txt
working-directory: CMSIS/CoreValidation/Project
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: cpp
queries: security-and-quality
- name: Build projects
working-directory: CMSIS/CoreValidation/Project
run: |
pip install -r requirements.txt
cpackget add -a -f cpacklist.txt
python build.py --verbose -c GCC -d "CM[047]*" -d "CM[23]3*" -o low build || echo "Something failed!"
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2