Skip to content

advanced-security/codeql-docker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.github
.github
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
aliases.sh
aliases.sh
 
 
install.sh
install.sh
 
 

Repository files navigation

codeql-docker

CodeQL Docker image build on Ubuntu latest Docker image

Building Image

The install script will find and install the latest CodeQL bundle which contains the current version of the CLI and queries.

docker build -t organization/codeql .

Running

Dropping into shell
docker run -it  -v $PWD:/workspace geekmasher/codeql

Example Analysis

# Create database
codeql database create database_name --language=javascript

# Run analysis
codeql database analyze database_name \
    --format "sarif-latest" \
    --output "codeql-results.json" \
    javascript-code-scanning.qls

# Upload results to GitHub
codeql github upload-results --repository=<repository-name> \
      --ref=$GIT_REF \
      --commit=$GIT_HASH \
      --sarif="codeql-results.json"

Aliases

In the ~/.bashrc there is a number of values and functions that hopefully will make it a lot easier to use CodeQL CLI. This isn't required and can be removed in the Dockerfile.

About

CodeQL Docker image

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

5 stars

Watchers

1 watching

Forks

8 forks
Report repository

Releases 8

codeql-bundle-20220311 Latest
Mar 17, 2022
+ 7 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages