This shared library allows Jenkins pipelines to initialize and perform CodeQL analysis on a project. There exists a Jenkins CodeQL plugin, but currently it only supports installing and setting up the CodeQL CLI on a Jenkins agent during a build.
At a high level, the purpose of this library is to perform the following:
- Download CodeQL
- Detect the languages of the project
- Run the dynamic CodeQL init step
- If the language is compiled:
  - Trace the build (set the tracing environment variables)
  - Run the build commands in the plugin block
- Run the finalize and analyze commands on all databases
- Upload the results to the project repository
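The steps above, written out as a scripted Jenkins pipeline that drives the CodeQL CLI directly; this is an added illustration of the flow, not this library's own code or step names. It assumes `CODEQL_HOME` points at an unpacked CodeQL bundle on the agent, a Maven-built Java project (the compiled branch of the flow), `GITHUB_REPOSITORY` set to `owner/repo`, a multibranch job providing `BRANCH_NAME` and `GIT_COMMIT`, and a Jenkins string credential `github-token` permitted to upload code scanning results.

```groovy
// Added example (not this shared library's code). Assumed: CODEQL_HOME, a Maven
// Java build, GITHUB_REPOSITORY=owner/repo, and a 'github-token' credential.
node {
  def codeql   = "${env.CODEQL_HOME}/codeql"
  def db       = "${env.WORKSPACE}/codeql-db"
  def language = 'java'                                   // the library detects this
  def compiled = ['cpp', 'csharp', 'go', 'java', 'swift'] as Set

  stage('Checkout') { checkout scm }

  stage('CodeQL init') {
    // --begin-tracing writes start-tracing.sh under <db>/temp/tracingEnvironment;
    // the build is only captured once those variables are exported.
    sh "${codeql} database init --language=${language} --source-root=. " +
       "--begin-tracing ${db}"
  }

  stage('Build') {
    if (language in compiled) {
      // Traced build: the exported variables make the compiler wrappers record
      // every compiled source file for the extractor (the "plugin block" step).
      sh ". ${db}/temp/tracingEnvironment/start-tracing.sh && " +
         "mvn -B -DskipTests package"
    } else {
      // Interpreted languages are extracted without a traced build; this
      // example only walks through the compiled path.
      error "This example covers compiled languages only (got ${language})"
    }
  }

  stage('Finalize and analyze') {
    sh "${codeql} database finalize ${db}"
    sh "${codeql} database analyze ${db} ${language}-security-and-quality.qls " +
       "--format=sarif-latest --sarif-category=${language} --output=results.sarif"
  }

  stage('Upload results') {
    withCredentials([string(credentialsId: 'github-token', variable: 'GITHUB_TOKEN')]) {
      // \$GITHUB_TOKEN is expanded by the shell, not Groovy, so the secret is
      // never interpolated into the command string; --github-auth-stdin keeps it
      // off the command line as well.
      sh "printf '%s' \"\$GITHUB_TOKEN\" | ${codeql} github upload-results " +
         "--github-auth-stdin --sarif=results.sarif " +
         "--repository=${env.GITHUB_REPOSITORY} " +
         "--ref=refs/heads/${env.BRANCH_NAME} --commit=${env.GIT_COMMIT}"
    }
  }
}
```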
A list of helpful references:
A list of known issues is available on the GitHub issues page of this project.
This section will contain instructions for using the shared library.
Read and understand our contribution guidelines before opening a pull request.