{"id":13809761,"url":"https://github.com/advanced-security/sample-codeql-pipeline-config","last_synced_at":"2025-08-21T11:19:06.952Z","repository":{"id":167175579,"uuid":"629994363","full_name":"advanced-security/sample-codeql-pipeline-config","owner":"advanced-security","description":"Integrate CodeQL into CI/CD pipelines, using the CodeQL CLI Bundle for Automated Code Scanning","archived":false,"fork":false,"pushed_at":"2025-04-21T23:06:06.000Z","size":103,"stargazers_count":19,"open_issues_count":1,"forks_count":11,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-22T00:20:25.690Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/advanced-security.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":"SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-19T12:56:43.000Z","updated_at":"2025-04-21T23:06:11.000Z","dependencies_parsed_at":"2023-12-14T18:46:07.079Z","dependency_job_id":"c92f4b90-0043-4151-ac47-7eb68d4121ae","html_url":"https://github.com/advanced-security/sample-codeql-pipeline-config","commit_stats":null,"previous_names":["advanced-security/sample-codeql-pipeline-config"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/advanced-security/sample-codeql-pipeline-config","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fsample-codeql-pipeline-config","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-secu
rity%2Fsample-codeql-pipeline-config/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fsample-codeql-pipeline-config/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fsample-codeql-pipeline-config/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/advanced-security","download_url":"https://codeload.github.com/advanced-security/sample-codeql-pipeline-config/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/advanced-security%2Fsample-codeql-pipeline-config/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260834996,"owners_count":23070205,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T02:00:35.650Z","updated_at":"2025-08-21T11:19:06.937Z","avatar_url":"https://github.com/advanced-security.png","language":null,"readme":"# Sample pipeline files for using CodeQL in popular CI/CD systems\n\n\u003e ℹ️ This is an _unofficial_ project created by Field Security Services, and is not officially supported by GitHub.\n\nThis repository shows how to integrate CodeQL into various CI/CD systems, using the CodeQL CLI Bundle for Automated Code Scanning, in example pipeline configuration files.\n\nThese are supplementary to the GitHub.com docs on [setting up CodeQL code scanning in your CI 
system](https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/about-codeql-code-scanning-in-your-ci-system).\n\nThe CI/CD systems covered here are Jenkins, Azure Pipelines, CircleCI, TravisCI, AWS CodeBuild and DroneCI.\n\nGitHub Actions is natively supported by GitHub Advanced Security, so use the instructions in the [GitHub.com docs to set up CodeQL for your repository](https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning).\n\nFor each CI/CD system a template is provided for both Windows and Linux.\n\nThere are examples/guidance for:\n\n1. automatic builds for compiled languages using the AutoBuilder (with no `--command` flag)\n2. manual builds for compiled languages with a `--command` flag\n3. analysis of interpreted languages (which don't need a build)\n4. (for Azure and Jenkins) an advanced example using indirect build tracing (\"sandwich mode\") wrapped around manually specified build commands\n\n## Requirements\n\n\u003e ℹ️ You must be using GitHub Advanced Security to use these pipeline files. If you are not using GitHub Advanced Security, please see the [GitHub Advanced Security website](https://github.com/features/security) for more information.\n\n1. A CI/CD pipeline using one of:\n    * AWS CodeBuild\n    * Azure Pipelines\n    * CircleCI\n    * DroneCI\n    * Jenkins\n    * TravisCI\n2. The [CodeQL Bundle](https://github.com/github/codeql-action/releases) installed in the CI/CD pipeline\n3. 
[GitHub PAT to push results back to GitHub Advanced Security](https://docs.github.com/en/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system#uploading-results-to-github)\n\n## Usage\n\n1. [Download and install the CodeQL Bundle in your CI system](https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/installing-codeql-cli-in-your-ci-system), testing that it works\n2. Copy the relevant pipeline file from this repository into your repository\n3. [Update the pipeline file with your required settings](https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system/configuring-codeql-cli-in-your-ci-system)\n    * read the [creating CodeQL database documentation for help](https://codeql.github.com/docs/codeql-cli/manual/database-create/)\n    * the [full CodeQL CLI documentation](https://docs.github.com/en/enterprise-cloud@latest/code-security/codeql-cli/using-the-codeql-cli/about-the-codeql-cli) may also be useful\n\n## License\n\nThis project is licensed under the terms of the MIT open source license. 
Please refer to the [LICENSE](LICENSE) for the full terms.\n\n## Maintainers\n\nSee [CODEOWNERS](CODEOWNERS) for the list of maintainers.\n\n## Support\n\nSee the [SUPPORT](SUPPORT.md) file.\n\n## Background\n\nSee the [CHANGELOG](CHANGELOG.md), [CONTRIBUTING](CONTRIBUTING.md), [SECURITY](SECURITY.md), [SUPPORT](SUPPORT.md), [CODE OF CONDUCT](CODE_OF_CONDUCT.md) and [PRIVACY](PRIVACY.md) files for more information.\n","funding_links":[],"categories":["CodeQL Samples"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadvanced-security%2Fsample-codeql-pipeline-config","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadvanced-security%2Fsample-codeql-pipeline-config","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadvanced-security%2Fsample-codeql-pipeline-config/lists"}