name: "CodeQL"

on:
  workflow_dispatch:
  schedule:
    - cron: '0 3 * * *'

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions: write-all
    steps:
    - name: Install deps
      run: sudo apt-get install bison flex libreadline-dev tcl-dev libffi-dev

    - name: Checkout repository
      uses: actions/checkout@v4
      with:
       submodules: true
       ssh-key: ${{ secrets.SSH_PRIVATE_KEY }}
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v3
      with:
        languages: cpp
        queries: security-extended,security-and-quality

    - name: Build Verific
      run: cd verific/tclmain && make -j6

    - name: Build Yosys
      run: make yosys -j6 ENABLE_PYOSYS=0 ENABLE_CCACHE=0 ENABLE_EDITLINE=0

    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v3