Merge pull request #3 from GitHubSecurityLab/go_packs

Combine GoLang QLPacks

Author: Alvaro Muñoz

.github/workflows/build.yml

@@ -12,13 +12,10 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        # language: [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby', 'swift' ]
-        language: [ 'java' ]
+        language: [ 'java', 'go' ]
 
     steps:
       - uses: actions/checkout@v3
-        # with:
-        #   submodules: true
 
       # Conditionally run actions based on files modified by PR, feature branch or pushed commits
       - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50
@@ -75,7 +72,6 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        # language: [ 'csharp', 'java', 'javascript' ]
         language: [ 'java' ]
 
     steps:
@@ -104,8 +100,36 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ github.token }}
         run: |
-          codeql pack install "${{ matrix.language }}/ext/"
-          codeql pack install "${{ matrix.language }}/ext-library-sources/"
-          codeql pack create "${{ matrix.language }}/ext/"
-          codeql pack create "${{ matrix.language }}/ext-library-sources/"
+          gh extension install github/gh-codeql
+          gh codeql pack install "${{ matrix.language }}/ext/"
+          gh codeql pack create "${{ matrix.language }}/ext/"
+
+  library-sources:
+    runs-on: ubuntu-latest
+    
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'java' ]
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          submodules: true
+
+      - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50
+        id: changes
+        with:
+          filters: |
+            src:
+              - '${{ matrix.language }}/ext-library-sources/**'
+
+      - name: Install CodeQL
+        if: steps.changes.outputs.src == 'true'
+        env:
+          GITHUB_TOKEN: ${{ github.token }}
+        run: |
+          gh extension install github/gh-codeql
+          gh codeql pack install "${{ matrix.language }}/ext-library-sources/"
+          gh codeql pack create "${{ matrix.language }}/ext-library-sources/"
 

codeql-workspace.yml

@@ -1,2 +1,3 @@
 provide:
 - java/**/qlpack.yml
+- go/**/qlpack.yml

go/ext/codeql-pack.lock.yml

@@ -0,0 +1,4 @@
+---
+lockVersion: 1.0.0
+dependencies: {}
+compiled: false

go/ext/generated/.gitkeep

@@ -0,0 +1,10 @@
+library: true
+name: githubsecuritylab/codeql-go-extensions
+version: 0.0.1
+extensionTargets:
+  codeql/go-all: '*'
+  codeql/go-queries: '*'
+  githubsecuritylab/codeql-go-queries: '*'
+dataExtensions:
+  - manual/*.yml
+  - generated/*.yml

go/ext/manual/.gitkeep

@@ -0,0 +1,16 @@
+---
+lockVersion: 1.0.0
+dependencies:
+  codeql/dataflow:
+    version: 0.0.3
+  codeql/go-all:
+    version: 0.6.4
+  codeql/mad:
+    version: 0.1.4
+  codeql/ssa:
+    version: 0.1.4
+  codeql/tutorial:
+    version: 0.1.4
+  codeql/util:
+    version: 0.1.4
+compiled: false