Versioned CodeQL and CodeQL CLI container.
See CodeQL CLI Manual for commands.
# Using uncompiled base
docker pull ghcr.io/nealfennimore/codeql:latest
# Using compiled language (cpp, csharp, csv, go, html, java, javascript, properties, python, xml supported)
docker pull ghcr.io/nealfennimore/codeql:javascript
docker pull ghcr.io/nealfennimore/codeql:go
docker pull ghcr.io/nealfennimore/codeql:cppIf you prefer to build locally instead of using a precompiled image
docker build . \
--build-arg CLI_VERSION=2.7.0 \
--build-arg CODE_LANGUAGE=$CODE_LANGUAGE \
--tag ghcr.io/nealfennimore/codeql:$CODE_LANGUAGETo drop to shell to work with codeql directly
docker run --rm -it \
-v ~/code/db:/tmp/db \
-v ~/code/src:/tmp/src \
-v ~/code/output:/tmp/output \
ghcr.io/nealfennimore/codeql:$CODE_LANGUAGE bash
# Then proceed to create database for the language:
codeql database create --language=$CODE_LANGUAGE --source-root /tmp/src /tmp/db
# Analyze source code and generate report:
codeql database analyze /tmp/db $CODE_LANGUAGE-lgtm.qls --format=sarif-latest --output=/tmp/output/results.sarifdocker run --rm -it \
-v ~/code/db:/tmp/db \
-v ~/code/src:/tmp/src \
ghcr.io/nealfennimore/codeql:$CODE_LANGUAGE \
codeql database create --language=$CODE_LANGUAGE --source-root /tmp/src /tmp/dbdocker run --rm -it \
-v ~/code/db:/tmp/db \
-v ~/code/src:/tmp/src \
-v ~/code/output:/tmp/output \
ghcr.io/nealfennimore/codeql:$CODE_LANGUAGE \
codeql database analyze /tmp/db $CODE_LANGUAGE-lgtm.qls \ # Analyze with default query suites
--format=sarif-latest \
--output=/tmp/output/results.sarif