Skip to content
🔒 CodeQL

Add Lorentz force on dust #7431

Sign in to view logs

Add Lorentz force on dust

Add Lorentz force on dust #7431

Workflow file for this run

.github/workflows/codeql.yml at e263480
name: 🔒 CodeQL
on:
push:
branches: [ "development" ]
pull_request:
branches: [ "development" ]
schedule:
- cron: "27 3 * * 0"
concurrency:
group: ${{ github.ref }}-${{ github.head_ref }}-codeql
cancel-in-progress: true
permissions:
contents: read
jobs:
check-changes:
runs-on: ubuntu-latest
outputs:
code-changed: ${{ steps.changes.outputs.code }}
steps:
- uses: actions/checkout@v6
- uses: dorny/paths-filter@v4
id: changes
with:
filters: |
code:
- 'src/**'
- 'extern/amrex/**'
- 'extern/Microphysics/**'
- 'extern/fmt/**'
- 'extern/grackle_data_files/**'
- 'extern/openPMD-api/**'
- 'extern/yaml-cpp/**'
- 'extern/turbulence/**'
- 'inputs/**'
- 'CMakeLists.txt'
- '**/*.cpp'
- '**/*.c'
- '**/*.hpp'
- '**/*.h'
- '.github/workflows/codeql.yml'
- '.github/workflows/codeql/codeql-config.yml'
analyze:
needs: check-changes
if: ${{ needs.check-changes.outputs.code-changed == 'true' && (github.repository == 'quokka-astro/quokka' || github.event_name != 'schedule') }}
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ python ]
steps:
- name: Checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4.2.2
with:
submodules: true
fetch-depth: 0
- name: Install Packages (C++)
if: ${{ matrix.language == 'cpp' }}
run: |
sudo apt-get update
sudo apt-get install --yes cmake openmpi-bin libopenmpi-dev libhdf5-openmpi-dev
.github/workflows/dependencies/dependencies_ccache.sh
sudo ln -s /usr/local/bin/ccache /usr/local/bin/g++
- name: Set Up Cache
if: ${{ matrix.language == 'cpp' }}
uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
with:
path: ~/.cache/ccache
key: ccache-${{ github.workflow }}-${{ github.job }}-git-${{ github.sha }}
restore-keys: |
ccache-${{ github.workflow }}-${{ github.job }}-git-
- name: Configure (C++)
if: ${{ matrix.language == 'cpp' }}
run: |
cmake -S . -B build \
-DAMReX_SPACEDIM=3 \
-DQUOKKA_PYTHON=OFF \
-DCMAKE_VERBOSE_MAKEFILE=ON \
-DCMAKE_CXX_COMPILER="/usr/local/bin/g++"
- name: Initialize CodeQL
uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3.29.5
with:
languages: ${{ matrix.language }}
queries: +security-and-quality
config-file: ./.github/workflows/codeql/codeql-config.yml
- name: Build (py)
uses: github/codeql-action/autobuild@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3.29.5
if: ${{ matrix.language == 'python' }}
- name: Build (C++)
if: ${{ matrix.language == 'cpp' }}
run: |
export CCACHE_COMPRESS=1
export CCACHE_COMPRESSLEVEL=10
export CCACHE_MAXSIZE=30M
ccache -z
cmake --build build -j 4
ccache -s
du -hs ~/.cache/ccache
# Make sure CodeQL has something to do
touch src/main.cpp
export CCACHE_DISABLE=1
cd build
make -j 4
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v3.29.5
with:
category: "/language:${{ matrix.language }}"
# Critical: Always-success job for branch protection
codeql-success:
needs: [check-changes, analyze]
if: always() # Run regardless of analyze job outcome
runs-on: ubuntu-latest
steps:
- name: CodeQL Status
run: |
if [[ "${{ needs.check-changes.outputs.code-changed }}" == "true" ]]; then
if [[ "${{ needs.analyze.result }}" == "success" ]]; then
echo "CodeQL analysis completed successfully"
exit 0
else
echo "CodeQL analysis failed"
exit 1
fi
else
echo "CodeQL analysis skipped - no relevant code changes"
exit 0
fi
save_pr_number:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
steps:
- name: Save PR number
env:
PR_NUMBER: ${{ github.event.number }}
run: |
echo $PR_NUMBER > pr_number.txt
- uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
with:
name: pr_number
path: pr_number.txt
retention-days: 1