codeql-learninglab-actions/codeql-learninglab-check
Xavier RENE-CORAIL eaf74bbb45 Debug DB upgrade failure 2020-08-28 12:36:00 -07:00
package Debug DB upgrade failure 2020-08-28 12:36:00 -07:00
Dockerfile Update Dockerfile 2020-08-21 16:21:30 -07:00
README.md Replace Semmle/ql with GitHub/codeql 2020-07-31 17:52:27 +02:00
publish.sh Update publish.sh 2020-08-24 17:49:49 -07:00

README.md

🐳 codeql-learninglab-check

This is the docker image used as the base for query-checking actions used by CodeQL Learning Lab courses, and it is published to GitHub Packages.

Usage

For instructions on how to use this docker image, please see Creating your own course in the main README.

Architecture / Components

This docker image bundles a number of elements:

  • Dependency: Some Debian packages, importantly including Node v12.
  • Dependency: The CodeQL CLI binaries from codeql-cli-binaries.
  • Dependency: A checkout of the GitHub/codeql repository, pinned to a specific version.
  • The core action JavaScript/TypeScript code from package/, and all its NPM dependencies.

Updating the CodeQL dependencies

You will want to make sure that the versions of the CodeQL CLI and GitHub/codeql are compatible.

  • Updating the CodeQL CLI: Modify the URL for the CLI in Dockerfile.
  • Updating the GitHub/codeql repo: Update the RUN git checkout <ref> line in Dockerfile to a git sha / reference that is compatible with the version of the CodeQL CLI that is in use.

Releasing

After changing any element of this docker image, including the source code in package/, you need to make a release before courses can make use of the changes.

This repository has a GitHub Actions workflow configured on pushes to master to automatically publish the image using the script publish.sh. It will check to see if an image has already been published for the current version, and if not it will build and publish the image automatically. So to publish a new version, simply change the IMAGE_VERSION variable in publish.sh, and push to master.

Note: it's probably best to avoid publishing to latest, so that courses have to specify an explicit version for their base image and won't break unexpectedly when breaking changes are made to this image.
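One way to enforce the note above on the course side is to check each course Dockerfile for base images that float on latest. The script below is an added example, not code from this repository; the function names, the registry host and the image names are hypothetical placeholders.

```shell
#!/usr/bin/env bash
# Added example (not from the repository): report base images in a Dockerfile
# that are not pinned to an explicit version. Reads the Dockerfile on stdin,
# prints "<line>: <ref> (<reason>)" per finding, returns 1 if any were found.
unpinned_bases() {
  awk '
    toupper($1) == "FROM" {
      i = 2
      while ($i ~ /^--/) i++                 # skip flags such as --platform=
      ref = $i
      alias = (toupper($(i + 1)) == "AS") ? tolower($(i + 2)) : ""
      known = (tolower(ref) in stages)       # earlier build stage, not an image
      if (alias != "") stages[alias] = 1
      if (ref == "" || ref == "scratch" || known) next
      if (ref ~ /@sha256:/) next             # pinned by digest
      name = ref
      sub(/^.*\//, "", name)                 # drop registry host:port and path
      if (name !~ /:/)            reason = "no tag, resolves to latest"
      else if (name ~ /:latest$/) reason = "explicit latest tag"
      else next                              # explicit tag; variables are not resolved
      printf "%d: %s (%s)\n", NR, ref, reason
      bad = 1
    }
    END { exit bad + 0 }
  '
}

# Constructed sample Dockerfile; registry host, image name and tag are placeholders.
sample_dockerfile() {
  cat <<'EOF'
FROM registry.example.com:5000/org/base-check:v1.2.3 AS base
FROM --platform=linux/amd64 registry.example.com/org/base-check:latest
FROM registry.example.com:5000/org/base-check
FROM base
FROM scratch
EOF
}

sample_dockerfile | unpinned_bases || echo "unpinned base images found" >&2
```

A tag pins a name, not content: a reference with `@sha256:` is the only form that cannot be repointed by a later publish, which is why the check accepts it without looking at the tag.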

Updating downstream dependencies

Once you have updated this base image, you probably want to also update a number of the courses to use this updated image.

See the main CONTRIBUTING.md file for more info.