docs/data/reusables/code-scanning/codeql-runner-analyze-example.md
mc 7e002e6008 Code scanning: replace deprecated --github-auth flag with new --github-auth-stdin flag (#19466)
* replace deprecated flag with new flag

* rework liquid versioning in article

* update flag descriptions to latest

* fix table formatting

* more table formatting

* Apply suggestions from code review

Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>

* address latest review comments

* version new flag for GHES 3.1+ only

* fix list numbering

Co-authored-by: Andrew Eisenberg <aeisenberg@github.com>
2021-05-24 09:17:08 +01:00


  1. Populate the {% data variables.product.prodname_codeql %} databases, analyze them, and upload the results to {% data variables.product.product_name %}. The results will appear in the Security tab for your repository. {% if currentVersion ver_lt "enterprise-server@3.1" %}

```shell
$ /path/to-runner/codeql-runner-linux analyze --repository octo-org/example-repo \
    --github-url {% data variables.command_line.git_url_example %} --github-auth TOKEN \
    --commit 5b6a3078b31dc346e5ce7b86837d6abbe7a18bbd --ref refs/heads/my-branch
> Finalizing database creation
> ...
> POST /repos/octo-org/example-repo/code-scanning/sarifs - 202 in 786ms
> Successfully uploaded results
```

{% else %}

```shell
$ echo "$TOKEN" | /path/to-runner/codeql-runner-linux analyze --repository octo-org/example-repo \
    --github-url {% data variables.command_line.git_url_example %} --github-auth-stdin \
    --commit 5b6a3078b31dc346e5ce7b86837d6abbe7a18bbd --ref refs/heads/my-branch
> Finalizing database creation
> ...
> POST /repos/octo-org/example-repo/code-scanning/sarifs - 202 in 786ms
> Successfully uploaded results
```

{% endif %}

  2. To upload {% data variables.product.prodname_code_scanning %} results as pull request checks, specify the pull request using the `--ref` flag. We recommend setting up the {% data variables.product.prodname_codeql_runner %} so that it runs on the `pull_request` webhook event. {% if currentVersion ver_lt "enterprise-server@3.1" %}

```shell
$ /path/to-runner/codeql-runner-linux analyze --repository octo-org/example-repo \
    --github-url {% data variables.command_line.git_url_example %} --github-auth TOKEN \
    --commit 1dc7a1346e5ce7b86835b68bbda3078b37d6abbe --ref refs/pull/123/merge
> Finalizing database creation
> ...
> POST /repos/octo-org/example-repo/code-scanning/sarifs - 202 in 786ms
> Successfully uploaded results
```

{% else %}

```shell
$ echo "$TOKEN" | /path/to-runner/codeql-runner-linux analyze --repository octo-org/example-repo \
    --github-url {% data variables.command_line.git_url_example %} --github-auth-stdin \
    --commit 1dc7a1346e5ce7b86835b68bbda3078b37d6abbe --ref refs/pull/123/merge
> Finalizing database creation
> ...
> POST /repos/octo-org/example-repo/code-scanning/sarifs - 202 in 786ms
> Successfully uploaded results
```

{% endif %}

{% if currentVersion ver_lt "enterprise-server@3.1" %} For more information about viewing {% data variables.product.prodname_code_scanning %} alerts, see "Triaging code scanning alerts in pull requests" and "Managing code scanning alerts for your repository." {% else %} For more information about viewing {% data variables.product.prodname_code_scanning %} alerts, see "Triaging code scanning alerts in pull requests" and "Managing code scanning alerts for your repository." {% endif %}
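
The two command forms above differ in where the token travels: an argument to `--github-auth` is part of the process's argv, which any local user can read from a process listing, while `--github-auth-stdin` takes it over a pipe. The script below is an added example, not part of the original docs or the runner; it assumes Linux with `/proc`, uses a stand-in process named `fake-runner` in place of `codeql-runner-linux`, and a constructed token value.

```shell
#!/bin/sh
# Added illustration (Linux, needs /proc): compare what a process listing
# reveals for --github-auth TOKEN versus --github-auth-stdin.
# fake-runner is a stand-in for codeql-runner-linux; TOKEN is a constructed value.
TOKEN="constructed-example-token-0000"

# Stand-in body: drain stdin, then stay alive briefly so argv can be inspected.
# The trailing ':' keeps sh from exec'ing sleep and replacing its own argv.
STANDIN='cat >/dev/null; sleep 2; :'

# Print "exposed" if secret $2 appears in the argv of process $1, else "hidden".
argv_exposure() {
    pid=$1; secret=$2; tries=0; args=
    # Poll until the child has exec'd the stand-in (argv then names fake-runner).
    while [ "$tries" -lt 50 ]; do
        args=$(tr '\0' ' ' < "/proc/$pid/cmdline" 2>/dev/null) || args=
        case $args in *fake-runner*) break ;; esac
        tries=$((tries + 1))
        sleep 0.1
    done
    case $args in
        *"$secret"*) echo exposed ;;
        *)           echo hidden ;;
    esac
}

# Deprecated form: the token is an argument, so it sits in /proc/PID/cmdline.
run_with_argv_token() {
    sh -c "$STANDIN" fake-runner analyze --github-auth "$TOKEN" </dev/null >/dev/null &
    argv_exposure "$!" "$TOKEN"
}

# Current form: printf is a shell builtin, so the token only travels over the pipe.
run_with_stdin_token() {
    printf '%s\n' "$TOKEN" | sh -c "$STANDIN" fake-runner analyze --github-auth-stdin >/dev/null &
    argv_exposure "$!" "$TOKEN"
}

echo "--github-auth TOKEN : $(run_with_argv_token)"
echo "--github-auth-stdin : $(run_with_stdin_token)"
```

The stdin form only helps if the producer is a shell builtin such as `echo` or `printf`; an external program like `/bin/echo "$TOKEN"` would put the token back into an argv.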