
Running codeql on prebuild-container #8502

@vsoch

Description of the issue

Hi! 👋 So I'm trying out CodeQL for some of my projects - it works great for simple builds (e.g., Python) but I'm hitting issues for more complex builds (e.g., C++). Most of the examples expect an action (within or outside a container) that performs the build after codeql init, and then running codeql analyze. The setups that I have are either:

  1. building a base container of the code directly in the action to use later e.g., here
  2. using a pre-built base container to run tests or perform other scanning e.g., here or here

The build is pretty complex - and yes this is pretty crappy that it doesn't work with one nice make / cmake command, but this project is really old and I don't have much control over that. So I can't easily do any of the suggestions in the examples. What I'd like to be able to do is either:

  1. Be able to point codeql at some directory in the container (even without git)
  2. build a container in one job, and then easily use it as a container base in the next step (in practice this does not work, it cannot find the reference; saving to an artifact to load doesn't help us because we already need the reference).

Even if we could push a temporary container, per the issue (1) I don't think it would work! So I'm opening an issue hoping we can discuss some options. I'm wondering if either there could be support at more easily running codeql directly on a directory I specify in a container (how does it find files?) or providing a base container that has everything ready to go that I could somehow integrate with an automated build. Thanks for your help - let me know if you want to see or discuss anything in particular!
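As an added illustration (not part of @vsoch's issue, and not code from the codeql-action project), this is the workflow shape the examples the issue refers to have in mind, with the whole job run inside a prebuilt image so that the toolchain and dependencies are already present. The image name `ghcr.io/example/prebuilt-base:latest`, the `./configure && make` build commands and the `v3`/`v4` action tags are assumptions; substitute the project's own. The security-relevant point for a compiled language is that CodeQL extracts what it observes during the build, so the build has to run in the same job, after `init` and before `analyze`, with no way to analyze a directory that was compiled elsewhere.

```yaml
name: CodeQL (prebuilt container)

on:
  push:
    branches: [main]
  pull_request:

jobs:
  analyze:
    runs-on: ubuntu-latest
    # Assumption: a prebuilt base image that already contains the compiler,
    # build tools and dependencies; the image name is a placeholder.
    container:
      image: ghcr.io/example/prebuilt-base:latest
    permissions:
      contents: read
      security-events: write   # needed to upload the SARIF results

    steps:
      - uses: actions/checkout@v4

      # Start the CodeQL tracer before the build so that every compiler
      # invocation that follows is captured into the database.
      - uses: github/codeql-action/init@v3
        with:
          languages: cpp

      # Placeholder for the project's own (complex) build; anything not
      # compiled in this step is invisible to the C++ analysis.
      - name: Build
        run: |
          ./configure
          make -j"$(nproc)"

      # Finish the database and upload the results to code scanning.
      - uses: github/codeql-action/analyze@v3
```

Outside of Actions, the CodeQL CLI does the same against a plain directory with `codeql database create <db> --language=cpp --source-root=<dir> --command='<build command>'` followed by `codeql database analyze <db> --format=sarif-latest --output=results.sarif`; that path needs no git repository, which covers option (1) above, but it still has to run the build itself for the same reason.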

Labels: question (Further information is requested)