name: "CodeQL Advanced" on: pull_request: branches: - amd-staging push: branches: - amd-staging schedule: - cron: '34 18 * * 5' jobs: analyze: name: Analyze (${{ matrix.language }}) # Runner size impacts CodeQL analysis time. To learn more, please see: # - https://gh.io/recommended-hardware-resources-for-running-codeql # - https://gh.io/supported-runners-and-hardware-resources # - https://gh.io/using-larger-runners (GitHub.com only) # Consider using larger runners or machines with greater resources for possible analysis time improvements. runs-on: ${{ 'ubuntu-latest' }} permissions: # required for all workflows security-events: write # required to fetch internal or private CodeQL packs packages: read # only required for workflows in private repositories actions: read contents: read strategy: fail-fast: false matrix: include: - language: c-cpp build-mode: manual steps: - name: Checkout repository uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.12.6' - name: Install CMake run: python3 -m pip install cmake - name: Install Virtualenv run: python3 -m pip install virtualenv - name: Install g++ run: sudo apt-get install -y g++ - name: Install libdrm run: sudo apt-get install -y libdrm-dev - name: Install DOxygen run: sudo apt-get install -y doxygen - name: Install LaTeX run: sudo apt-get install -y texlive - name: Clean old ROCm directories run: | sudo rm -rf /opt/rocm sudo rm -rf /opt/rocm-* # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} queries: security-extended - name: Create build directory run: mkdir -p build - name: Build AMD SMI Library run: | cd build cmake .. make -j $(nproc) - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}"