mbg
commented
1 month ago Hi @Pabloo-ss 👋🏻
Thanks for the question. Firstly, for Go, we do not support builds with Bazel. That is because Bazel does not use the ordinary Go build tooling (i.e. go build) under the hood when building Go applications. Unfortunately it is not straightforward to add support for the way that Bazel builds Go projects. We monitor how much demand there is for this and may look into adding support in the future, but we do not currently have any plans to work on this.
For Java, we do support Bazel-based builds and have an example in our documentation:
# Navigate to the Bazel workspace.
# Before building, remove cached objects
# and stop all running Bazel server processes.
bazel clean --expunge
# Build using the following Bazel flags, to help CodeQL detect the build:
# `--spawn_strategy=local`: build locally, instead of using a distributed build
# `--nouse_action_cache`: turn off build caching, which might prevent recompilation of source code
# `--noremote_accept_cached`, `--noremote_upload_local_results`: avoid using a remote cache
# `--disk_cache=`: avoid using a disk cache. Note that a disk cache is no longer considered a remote cache as of Bazel 6.
codeql database create new-database --language=<language> \
--command='bazel build --spawn_strategy=local --nouse_action_cache --noremote_accept_cached --noremote_upload_local_results --disk_cache= //path/to/package:target'
# After building, stop all running Bazel server processes.
# This ensures future build commands start in a clean Bazel server process
# without CodeQL attached.
bazel shutdown
Pabloo-ss
Description of the issue
I am trying to use code scanning in two of my projects (a Java and a Go app), both using bazel as building tool. I set manual as build-mode and write the building command:
The problems I encountered are:
What I want to know if codeQL (and therefore GH code scanning) works properly when bazel comes into play? Does it need additional set up?
Thanks in advance!!