Skip to content

Commit 1f94aca

Browse files
Merge pull request #23 from FrameworkComputer/codeql
Run CodeQL and DVL generation on GitHub Actions
2 parents 4e15675 + 95a8363 commit 1f94aca

2 files changed

Lines changed: 60 additions & 0 deletions

File tree

.github/codeql/codeql-config.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
# CodeQL configuration for WHCP Windows 11 25H2 certification
2+
# See: https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/static-tools-and-codeql
3+
disable-default-queries: true
4+
packs:
5+
- microsoft/cpp-queries@0.0.4:codeql-suites/cpp-code-scanning.qls
6+
- microsoft/windows-drivers@1.8.0:windows-driver-suites/recommended.qls

.github/workflows/codeql.yml

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,54 @@
1+
name: "CodeQL Analysis"
2+
3+
on:
4+
push:
5+
paths-ignore:
6+
- '**.md'
7+
- 'LICENSE'
8+
9+
jobs:
10+
codeql:
11+
runs-on: windows-2022
12+
permissions:
13+
security-events: write
14+
steps:
15+
- name: Check out repository code
16+
uses: actions/checkout@v4
17+
18+
- name: Initialize CodeQL
19+
uses: github/codeql-action/init@v4
20+
with:
21+
languages: cpp
22+
# Pin CodeQL CLI version for WHCP Windows 11 25H2 certification
23+
# See: https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/static-tools-and-codeql
24+
tools: https://github.com/github/codeql-action/releases/download/codeql-bundle-v2.20.1/codeql-bundle-win64.tar.gz
25+
config-file: .github/codeql/codeql-config.yml
26+
27+
- name: Add MSBuild to PATH
28+
uses: microsoft/setup-msbuild@v2
29+
30+
- name: Build solution
31+
run: |
32+
msbuild FrameworkSensors\FrameworkSensors.sln /property:Configuration=Release /property:Platform=x64
33+
34+
- name: Perform CodeQL analysis
35+
uses: github/codeql-action/analyze@v4
36+
with:
37+
output: sarif-results
38+
39+
- name: Upload SARIF file
40+
uses: actions/upload-artifact@v4
41+
with:
42+
name: codeql-sarif
43+
path: sarif-results
44+
45+
- name: Generate DVL
46+
shell: cmd
47+
run: |
48+
"C:\Program Files (x86)\Windows Kits\10\Tools\dvl\dvl.exe" /manualCreate FrameworkSensors X64 /sarifPath sarif-results
49+
50+
- name: Upload DVL
51+
uses: actions/upload-artifact@v4
52+
with:
53+
name: dvl
54+
path: sarif-results/FrameworkSensors.DVL.XML

0 commit comments

Comments
 (0)