From 04c60386cdeffa21f2349b1b1d88399bde1af65d Mon Sep 17 00:00:00 2001 From: Kirill Kovalev Date: Thu, 14 Nov 2024 11:57:27 +0300 Subject: [PATCH 1/4] Enable manual build --- .github/workflows/codeql-analysis.yml | 31 +++++++++++++-------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 641b49f8..b299cd11 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: matrix: include: - language: csharp - build-mode: autobuild + build-mode: manual # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' # Use `c-cpp` to analyze code written in C, C++ or both # Use 'java-kotlin' to analyze code written in Java, Kotlin or both @@ -71,21 +71,20 @@ jobs: # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs # queries: security-extended,security-and-quality - # If the analyze step fails for one of the languages you are analyzing with - # "We were unable to automatically build your code", modify the matrix above - # to set the build mode to "manual" for that language. Then modify this step - # to build your code. - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - - if: matrix.build-mode == 'manual' - shell: bash - run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 + # Custom manual build steps for C# using dotnet + - if: matrix.build-mode == 'manual' && matrix.language == 'csharp' + name: Install .NET + uses: actions/setup-dotnet@v3 + with: + dotnet-version: '9.x' # Adjust if you're using a different .NET version + + - if: matrix.build-mode == 'manual' && matrix.language == 'csharp' + name: Restore dependencies + run: dotnet restore + + - if: matrix.build-mode == 'manual' && matrix.language == 'csharp' + name: Build the code + run: dotnet build --no-restore - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 From e04ebfe2dc2c748c0d4e30d9c09cbbb1f9d10e85 Mon Sep 17 00:00:00 2001 From: Kirill Kovalev Date: Thu, 14 Nov 2024 12:18:52 +0300 Subject: [PATCH 2/4] Update setup-dotnet action --- .github/workflows/codeql-analysis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b299cd11..54b60f24 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: matrix: include: - language: csharp - build-mode: manual + build-mode: autobuild # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' # Use `c-cpp` to analyze code written in C, C++ or both # Use 'java-kotlin' to analyze code written in Java, Kotlin or both @@ -74,7 +74,7 @@ jobs: # Custom manual build steps for C# using dotnet - if: matrix.build-mode == 'manual' && matrix.language == 'csharp' name: Install .NET - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: '9.x' # Adjust if you're using a different .NET version From 5c43c3161ebd1f12835342fec1fb665ca5469a2b Mon Sep 17 00:00:00 2001 From: Kirill Kovalev Date: Thu, 14 Nov 2024 12:18:52 +0300 Subject: [PATCH 3/4] Update setup-dotnet action --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b299cd11..0341eb12 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -74,7 +74,7 @@ jobs: # Custom manual build steps for C# using dotnet - if: matrix.build-mode == 'manual' && matrix.language == 'csharp' name: Install .NET - uses: actions/setup-dotnet@v3 + uses: actions/setup-dotnet@v4 with: dotnet-version: '9.x' # Adjust if you're using a different .NET version From 5716bc5f16210ee3c23de628b558b289b4295593 Mon Sep 17 00:00:00 2001 From: Kirill Kovalev Date: Thu, 14 Nov 2024 12:23:44 +0300 Subject: [PATCH 4/4] Switch to manual building mode --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 54b60f24..0341eb12 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: matrix: include: - language: csharp - build-mode: autobuild + build-mode: manual # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' # Use `c-cpp` to analyze code written in C, C++ or both # Use 'java-kotlin' to analyze code written in Java, Kotlin or both