From c87f3021d45bb310d6736f884852a1a3c8093ad7 Mon Sep 17 00:00:00 2001 From: Simon Engledew Date: Wed, 4 Nov 2020 19:27:29 +0000 Subject: [PATCH] Expand readme to include codeql-path output example Also add example from README into workflow to confirm it is accurate. --- .github/workflows/codeql.yml | 4 ++++ README.md | 16 +++++++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e5e35000a..5777edbc7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,7 +15,11 @@ jobs: steps: - uses: actions/checkout@v2 - uses: ./init + id: init with: languages: javascript config-file: ./.github/codeql/codeql-config.yml + # example from README.md + - name: Print CodeQL Version + run: ${{steps.init.outputs.codeql-path}} version --format=json - uses: ./analyze diff --git a/README.md b/README.md index dab7930b3..e5bc673ff 100644 --- a/README.md +++ b/README.md @@ -125,10 +125,24 @@ By default, this will override any queries specified in a config file. If you wi queries: +, ``` -### CodeQL Path +### Calling CodeQL Directly The `init` action makes the path to CodeQL available as the output `codeql-path`. +With this you can access the `codeql` binary: + + +```yaml +- name: Initialize CodeQL + uses: github/codeql-action/init@v1 + id: init + with: + languages: javascript + +- name: Print CodeQL Version + run: ${{steps.init.outputs.codeql-path}} version --format=json +``` + ## Troubleshooting Read about [troubleshooting code scanning](https://help.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/troubleshooting-code-scanning).