Skip to content
CodeQL Lint (Go, No Security Alerts)

feat(ci): test 52 upgrade #12

Sign in to view logs

feat(ci): test 52 upgrade

feat(ci): test 52 upgrade #12

Workflow file for this run

.github/workflows/52.yml at 8a9f619
name: CodeQL Lint (Go, No Security Alerts)
on:
pull_request:
types: [opened, synchronize, reopened]
permissions:
contents: read
jobs:
codeql-lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: actions/setup-go@v5
with:
go-version: 1.22
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
id: codeql-init
with:
db-location: ./tests/simapp/codeql-db
token: ${{ secrets.GITHUB_TOKEN }}
languages: go
source-root: ./tests/simapp
build-mode: manual
packs: skip-mev/cosmos-52-ql
- name: Build (Make Install)
working-directory: ./tests/simapp
run: |
go build ./connectd/...
- name: Analyze
working-directory: ./tests/simapp
run: |
echo $PWD
ls $PWD
${{ steps.codeql-init.outputs.codeql-path }} database finalize \
codeql-db/go
${{ steps.codeql-init.outputs.codeql-path }} database analyze \
--format=sarif-latest \
--output=codeql-results.sarif \
codeql-db/go \
skip-mev/cosmos-52-ql
- name: Install jq
uses: dcarbone/[email protected]
- name: Annotate code with findings
working-directory: ./tests/simapp
run: |
set -eoux pipefail
cat codeql-results.sarif
issues=$(jq -r '
.runs[].results[] |
. as $r |
($r.locations[0].physicalLocation.artifactLocation.uri | select(. != null)) as $file |
($r.locations[0].physicalLocation.region.startLine | select(. != null)) as $line |
($r.message.text | gsub("[\r\n]"; " ")) as $msg |
[$file, $line, $msg] | @tsv
' codeql-results.sarif )
while IFS=$'\t' read -r file line msg; do
file="${file#file://}"
echo "::warning file=$file,line=$line::$msg"
done <<< "$issues"