
Add a CodeQL extractor for SAP CAP cds files #158


Merged
merged 24 commits into from
Nov 19, 2024
5b68a82
Add a CodeQL SAP CAP cds extractor
lcartey Oct 16, 2024
d519169
Add a hook for the JavaScript extractor for running CDS analysis
lcartey Oct 16, 2024
ab23d31
Add a compile-cds.sh which uses the CDS extractor
lcartey Oct 16, 2024
8eb5eb3
Update Code Scanning workflow to use the CDS extractor
lcartey Oct 16, 2024
d6b85d6
Fix naming of compile-cds.sh
lcartey Oct 16, 2024
db37677
Index the .cds files themselves
lcartey Oct 16, 2024
82f33b3
Set CODEQL_DIST in the action workflow
lcartey Oct 16, 2024
554cc40
Use build-mode:autobuild to see if we can get the right env vars in play
lcartey Oct 16, 2024
80cbdc0
Export database location for later use
lcartey Oct 16, 2024
2f04e96
Fix added quote
lcartey Oct 16, 2024
47e028e
Fix name of env var
lcartey Oct 16, 2024
52af6be
Synchronize path of CodeQL database
lcartey Oct 16, 2024
37997b3
index-files.sh: fix bug in export of LGTM_INDEX_FILETYPES variable
lcartey Nov 13, 2024
1ef0be1
Install the CDS toolkit in each relevant directory
lcartey Nov 14, 2024
ed24668
Adjust the inclusion/exclusion for cds
lcartey Nov 14, 2024
e1c1ee6
Fix `find` command exec argument quoting
lcartey Nov 14, 2024
ab2428a
Improve commenting
lcartey Nov 14, 2024
e4086d2
Re-enable json extraction
lcartey Nov 18, 2024
7544dbc
Honour the paths-ignore (but not paths) config var
lcartey Nov 18, 2024
4e3be55
Correct inverted condition
lcartey Nov 18, 2024
3a8c077
Fix grep command on LGTM_INDEX_FILTERS
lcartey Nov 19, 2024
41fec32
Improve logging for filter settings
lcartey Nov 19, 2024
3701318
Fixup quoting of newlines
lcartey Nov 19, 2024
c16f2f0
Merge branch 'main' into lcartey/cds-extractor
jeongsoolee09 Nov 19, 2024
38 changes: 15 additions & 23 deletions .github/workflows/code_scanning.yml
Expand Up @@ -10,10 +10,6 @@ on:
- cron: '39 12 * * 2'
workflow_dispatch:

env:
LGTM_INDEX_XML_MODE: all
LGTM_INDEX_FILETYPES: ".json:JSON\n.cds:JSON"

jobs:
analyze-javascript:
name: Analyze
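
Review bot: The workflow-level `env:` block in this hunk carried `LGTM_INDEX_FILETYPES: ".json:JSON\n.cds:JSON"`, and the only replacement visible in this file is the step-level `LGTM_INDEX_FILETYPES: ".json:JSON"` on the analyze step, so the `.cds:JSON` mapping is no longer set anywhere in the workflow itself. Please add a short comment saying where `.cds` indexing is configured now (presumably the scripts behind `scripts/compile-cds.sh`), so that nobody restores the mapping later, and confirm that the init step does not rely on either variable now that they are scoped to the analyze step only.
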
Expand All @@ -37,40 +33,36 @@ jobs:
mv $dir .github/codeql/extensions/$dir
done

- name: Ensure presence of cds shell command
run: |
if ! command -v cds &> /dev/null
then
npm install -g @sap/cds-dk
fi

# Compile .cds files to .cds.json files.
- name: Compile CAP CDS files
run: |
for cds_file in $(find . -type f \( -iname '*.cds' \) -print)
do
echo "I am compiling $cds_file"
cds compile $cds_file \
-2 json \
-o "$cds_file.json" \
--locations
done

- name: Extract CodeQL bundle version from qlt.conf.json
run: |
echo "BUNDLE_VERSION=$(jq .CodeQLCLIBundle qlt.conf.json -r)" >> $GITHUB_ENV

- name: Initialize CodeQL
id: initialize-codeql
uses: github/codeql-action/init@v3
env:
# Add our custom extractor to the CodeQL search path
CODEQL_ACTION_EXTRA_OPTIONS: '{"database":{"init":["--search-path","${{ github.workspace }}/extractors"]}}'
with:
languages: javascript
config-file: ./.github/codeql/codeql-config.yaml
db-location: ${{ runner.temp }}/codeql-database
tools: https://github.com/github/codeql-action/releases/download/${{env.BUNDLE_VERSION}}/codeql-bundle-linux64.tar.gz
debug: true

- name: Run CDS extractor
shell: bash
run: |
export CODEQL_DIST="$(dirname "${{ steps.initialize-codeql.outputs.codeql-path }}")"
export CODEQL_EXTRACTOR_JAVASCRIPT_WIP_DATABASE="${{ runner.temp }}/codeql-database/javascript"
${{ github.workspace }}/scripts/compile-cds.sh

- name: Perform CodeQL Analysis
id: analyze
uses: github/codeql-action/analyze@v3
env:
LGTM_INDEX_XML_MODE: all
LGTM_INDEX_FILETYPES: ".json:JSON"

- name: Setup Python
uses: actions/setup-python@v5
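
Review bot: In the `Run CDS extractor` step, `${{ steps.initialize-codeql.outputs.codeql-path }}`, `${{ runner.temp }}` and `${{ github.workspace }}` are expanded into the script text before bash parses it, and the script path in `${{ github.workspace }}/scripts/compile-cds.sh` is unquoted, so a path containing spaces or shell metacharacters would break or change the command. Suggest passing these values through the step's `env:` map and referencing them as quoted shell variables in the `run:` body. The database path is also written twice, once as `db-location: ${{ runner.temp }}/codeql-database` on init and once in the `CODEQL_EXTRACTOR_JAVASCRIPT_WIP_DATABASE` export; defining it in one place would keep the two from drifting apart. If `debug: true` on the init step was switched on while bringing up the extractor, confirm it is meant to stay enabled for the scheduled runs.
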