Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/advanced-security/codeql-docker
CodeQL Docker image
https://github.com/advanced-security/codeql-docker
Last synced: 2 months ago
JSON representation
CodeQL Docker image
- Host: GitHub
- URL: https://github.com/advanced-security/codeql-docker
- Owner: advanced-security
- License: mit
- Created: 2021-06-28T17:36:27.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-06-27T13:09:35.000Z (over 2 years ago)
- Last Synced: 2024-04-14T11:43:00.469Z (6 months ago)
- Language: Shell
- Size: 23.4 KB
- Stars: 5
- Watchers: 1
- Forks: 6
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
- awesome-codeql - codeql-docker - CodeQL Docker image (CodeQL Containers)
README
# codeql-docker
CodeQL Docker image build on Ubuntu latest Docker image
## Building Image
The install script will find and install the latest CodeQL bundle which contains the current version of the CLI and queries.
```bash
docker build -t organization/codeql .
```
## Running
##### Dropping into shell
```bash
docker run -it -v $PWD:/workspace geekmasher/codeql
```
### Example Analysis
```bash
# Create database
codeql database create database_name --language=javascript
# Run analysis
codeql database analyze database_name \
--format "sarif-latest" \
--output "codeql-results.json" \
javascript-code-scanning.qls
# Upload results to GitHub
codeql github upload-results --repository= \
--ref=$GIT_REF \
--commit=$GIT_HASH \
--sarif="codeql-results.json"
```
### Aliases
In the `~/.bashrc` there is a number of values and functions that hopefully will make it a lot easier to use CodeQL CLI.
This isn't required and can be removed in the `Dockerfile`.