CodeQL Advanced #21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CodeQL Advanced" | |
| on: | |
| # manual triggering allowed: | |
| workflow_dispatch: | |
| # currently disable any other automatic triggering: | |
| #push: | |
| # branches: [ "main" ] | |
| #pull_request: | |
| # branches: [ "main" ] | |
| #schedule: | |
| # - cron: '45 15 * * 5' | |
| env: | |
| BUILD_TYPE: Release | |
| OPENIA_BIN_DIR: ${{github.workspace}}/bin | |
| VTK_CMAKE_OPTIONS: -DBUILD_SHARED_LIBS=ON -DVTK_BUILD_EXAMPLES=OFF -DVTK_BUILD_TESTING=OFF -DVTK_LEGACY_REMOVE:BOOL=ON -DVTK_MODULE_ENABLE_VTK_GUISupportQt:STRING=YES -DVTK_MODULE_ENABLE_VTK_GUISupportQtSQL:STRING=NO -DVTK_MODULE_ENABLE_VTK_RenderingQt:STRING=YES -DVTK_MODULE_ENABLE_VTK_ViewsQt:STRING=YES -DVTK_MODULE_ENABLE_VTK_RenderingContextOpenGL2:STRING=YES | |
| # optional: -DVTK_SMP_IMPLEMENTATION_TYPE:STRING=${VTK_SMP_TYPE} | |
| # Qt: -DQt6_DIR:PATH=${Qt6_DIR} -DQt6WidgetsTools_DIR:PATH=${Qt6_DIR}WidgetsTools -DQt6CoreTools_DIR:PATH=${Qt6_DIR}CoreTools -DQt6GuiTools_DIR:PATH=${Qt6_DIR}GuiTools | |
| # Compiler: -DCMAKE_CXX_COMPILER:FILEPATH=${CMAKE_CXX_COMPILER} -DCMAKE_C_COMPILER:FILEPATH=${CMAKE_C_COMPILER} | |
| ITK_CMAKE_OPTIONS: -DBUILD_SHARED_LIBS=ON -DBUILD_TESTING:BOOL=OFF -DITK_USE_GPU:BOOL=OFF -DITK_USE_64BITS_IDS:BOOL=ON -DModule_ITKReview:BOOL=ON -DModule_HigherOrderAccurateGradient:BOOL=ON -DModule_SplitComponents:BOOL=ON -DModule_ITKVtkGlue:BOOL=On | |
| OPENIA_CMAKE_OPTIONS: -DopeniA_CUDA_ENABLED:BOOL=OFF -DModule_CommonImageFilters:BOOL=ON -DModule_FeatureCharacteristics:BOOL=ON -DModule_MetaFilters:BOOL=ON -DModule_Metrics:BOOL=ON -DModule_Segmentation:BOOL=ON -DModule_Surfaces:BOOL=ON -DModule_4DCT:BOOL=ON -DModule_BoneThickness:BOOL=ON -DModule_CompVis:BOOL=ON -DModule_DynamicVolumeLines:BOOL=ON -DModule_FeatureAnalyzer:BOOL=ON -DModule_FeatureAnalyzerComputation:BOOL=ON -DModule_FeatureScout:BOOL=ON -DModule_FiAKEr:BOOL=ON -DModule_FilterPreview:BOOL=ON -DModule_FoamCharacterization:BOOL=ON -DModule_FuzzyFeatureTracking:BOOL=ON -DModule_GEMSe:BOOL=ON -DModule_InSpectr:BOOL=ON -DModule_Labelling:BOOL=ON -DModule_NModalTF:BOOL=ON -DModule_Remote:BOOL=ON -DModule_TripleHistogramTF:BOOL=ON -DModule_Uncertainty:BOOL=ON -DModule_VolumePlayer:BOOL=ON | |
| jobs: | |
| # cannot do as separate job - then it would not be accessible (unless via artifacts) | |
| # build_vtk: | |
| # name: Build VTK | |
| # runs-on: ${{ matrix.os }} | |
| # strategy: | |
| # matrix: | |
| # os: [windows-latest, macOS-13, macOS-14] | |
| # steps: | |
| analyze: | |
| name: Analyze (${{ matrix.language }}) | |
| # needs: [build_vtk] | |
| runs-on: 'ubuntu-latest' | |
| permissions: | |
| # required for all workflows | |
| security-events: write | |
| # required to fetch internal or private CodeQL packs | |
| packages: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - language: c-cpp | |
| build-mode: manual | |
| - language: javascript-typescript | |
| build-mode: none | |
| steps: | |
| ################################################################## | |
| # open_iA | |
| - name: Checkout open_iA | |
| uses: actions/checkout@v4 | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: ${{ matrix.language }} | |
| build-mode: ${{ matrix.build-mode }} | |
| dependency-caching: true | |
| - name: Qt install | |
| # see https://github.com/marketplace/actions/install-qt for details | |
| uses: jurplel/install-qt-action@v4 | |
| with: | |
| version: '6.8.1' | |
| modules: 'qtcharts qthttpserver qtwebsockets' | |
| setup-python: false | |
| ################################################################## | |
| # VTK | |
| - if: matrix.build-mode == 'manual' | |
| name: Check cache for VTK build | |
| id: cache-vtk | |
| uses: actions/cache@v4 | |
| with: | |
| path: vtk-9.4.1 | |
| key: ${{ runner.os }}-vtk-9.4.1 | |
| - if: ${{ (matrix.build-mode == 'manual' && steps.cache-vtk.outputs.cache-hit != 'true') }} | |
| name: VTK download, extract, configure, build, install | |
| run: | | |
| sudo apt update && sudo apt install libopenmpi-dev libopengl-dev libglx-dev libglw-dev | |
| mkdir -p ${{github.workspace}}/vtk | |
| curl https://vtk.org/files/release/9.4/VTK-9.4.1.tar.gz --output ${{github.workspace}}/vtk/src-9.4.1.tar.gz | |
| cd ${{github.workspace}}/vtk | |
| tar -xvzf src-9.4.1.tar.gz | |
| mkdir bin-9.4.1 | |
| cd bin-9.4.1 | |
| cmake -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} ${{env.VTK_CMAKE_OPTIONS}} -DCMAKE_INSTALL_PREFIX=${{github.workspace}}/vtk-9.4.1 ../VTK-9.4.1 | |
| cmake --build . --config ${{env.BUILD_TYPE}} -j 4 | |
| cmake --install . --config ${{env.BUILD_TYPE}} | |
| cd ../.. | |
| du -sh vtk | |
| rm -r vtk | |
| ls -al vtk-9.4.1 | |
| du -sh vtk-9.4.1 | |
| df -h | |
| ################################################################## | |
| # ITK | |
| - if: matrix.build-mode == 'manual' | |
| name: Check cache for ITK build | |
| id: cache-itk | |
| uses: actions/cache@v4 | |
| with: | |
| path: itk-5.4.0 | |
| key: ${{ runner.os }}-itk-5.4.0 | |
| - if: ${{ (matrix.build-mode == 'manual' && steps.cache-itk.outputs.cache-hit != 'true') }} | |
| name: ITK download, extract, configure, build, install (potentially use cached version) | |
| run: | | |
| mkdir -p ${{github.workspace}}/itk | |
| # redirects to some objects.githubusercontent.com URL - use -L to allow for that! | |
| curl -L https://github.com/InsightSoftwareConsortium/ITK/releases/download/v5.4.0/InsightToolkit-5.4.0.tar.gz --output ${{github.workspace}}/itk/src-5.4.0.tar.gz | |
| cd ${{github.workspace}}/itk | |
| tar -xvzf src-5.4.0.tar.gz | |
| mkdir bin-5.4.0 | |
| cd bin-5.4.0 | |
| cmake -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} ${{env.ITK_CMAKE_OPTIONS}} -DVTK_DIR:PATH=${{github.workspace}}/vtk-9.4.1/lib/cmake/vtk-9.4 -DCMAKE_INSTALL_PREFIX=${{github.workspace}}/itk-5.4.0 ../InsightToolkit-5.4.0 | |
| cmake --build . --config ${{env.BUILD_TYPE}} -j 4 | |
| cmake --install . --config ${{env.BUILD_TYPE}} | |
| cd ../.. | |
| du -sh itk | |
| rm -r itk | |
| ls -al itk-5.4.0 | |
| du -sh itk-5.4.0 | |
| df -h | |
| - if: matrix.build-mode == 'manual' | |
| name: open_iA install dependencies | |
| run: sudo apt update && sudo apt install npm | |
| # vtk dependencies (again to be installed, when we make vtk a cached thing): libopenmpi-dev libopengl-dev libglx-dev libglw-dev | |
| # dependencies stated in superbuild: libgl1-mesa-dev libxt-dev libxt-dev libxcursor-dev libsdl2-dev | |
| # VR: libboost-dev libopenvr-dev libopenxr-dev | |
| # OpenCL: ocl-icd-opencl-dev opencl-headers opencl-clhpp-headers | |
| # clang: clang libomp-dev | |
| # if: runner.os == 'Linux' only runs on ubuntu currently anyway | |
| - if: matrix.build-mode == 'manual' | |
| name: open_iA build | |
| shell: bash | |
| run: | | |
| cmake -B ${{env.OPENIA_BIN_DIR}} -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} ${{env.OPENIA_CMAKE_OPTIONS}} -DITK_DIR=${{github.workspace}}/itk-5.4.0/lib/cmake/ITK-5.4 . | |
| cmake --build ${{env.OPENIA_BIN_DIR}} --config ${{env.BUILD_TYPE}} -j 4 | |
| df -h | |
| #exit 1 | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| category: "/language:${{matrix.language}}" |