diff --git a/scripts/unix/analyze_security.sh b/scripts/unix/analyze_security.sh
index fd327c2..6a3e494 100755
--- a/scripts/unix/analyze_security.sh
+++ b/scripts/unix/analyze_security.sh
@@ -58,7 +58,7 @@ else fi print_yellow "\nRunning the Quality and Security rules on the project"
-docker run --rm --name codeql-container -v ${inputfile}:/opt/src -v ${outputfile}:/opt/results -e CODEQL_CLI_ARGS=database\ analyze\ /opt/results/source_db\ --format=sarifv2\ --output=/opt/results/issues.sarif\ ${language}-security-and-quality.qls mcr.microsoft.com/cstsectools/codeql-container
+docker run --rm --name codeql-container -v ${inputfile}:/opt/src -v ${outputfile}:/opt/results -e CODEQL_CLI_ARGS=database\ analyze\ /opt/results/source_db\ --format=sarifv2.1.0\ --output=/opt/results/issues.sarif\ ${language}-security-and-quality.qls mcr.microsoft.com/cstsectools/codeql-container
 if [ $? -eq 0 ] then print_green "\nQuery execution successful"
@@ -67,4 +67,4 @@ else exit 3 fi
-[ $? -eq 0 ] && print_yellow "The results are saved at ${2}/issues.sarif"
\ No newline at end of file
+[ $? -eq 0 ] && print_yellow "The results are saved at ${2}/issues.sarif"
diff --git a/scripts/unix/run_ql_suite.sh b/scripts/unix/run_ql_suite.sh
index eebe17e..c696231 100755
--- a/scripts/unix/run_ql_suite.sh
+++ b/scripts/unix/run_ql_suite.sh
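Review bot: The new `docker run` line in analyze_security.sh still expands `${inputfile}`, `${outputfile}` and `${language}` unquoted, so a value containing whitespace or glob characters is split into extra words that docker parses as further options or as the image name. Quote the mounts and the environment value, as the Windows scripts in this commit already do: `-v "${inputfile}:/opt/src" -v "${outputfile}:/opt/results" -e "CODEQL_CLI_ARGS=database analyze /opt/results/source_db --format=sarifv2.1.0 --output=/opt/results/issues.sarif ${language}-security-and-quality.qls"`. The matching line in the run_ql_suite.sh hunk has the same problem and additionally expands `${qlpack}` unquoted. Where these variables are assigned, and whether they are validated, lies outside the hunk, so this matters most when the scripts are driven by CI with paths or suite names that are not fixed.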
@@ -60,7 +60,7 @@ else fi print_yellow "\nRunning the ${qlpack} ql pack rules on the project"
-docker run --rm --name codeql-container -v ${inputfile}:/opt/src -v ${outputfile}:/opt/results -e CODEQL_CLI_ARGS=database\ analyze\ /opt/results/source_db\ --format=sarifv2\ --output=/opt/results/issues.sarif\ ${language}-${qlpack}.qls mcr.microsoft.com/cstsectools/codeql-container
+docker run --rm --name codeql-container -v ${inputfile}:/opt/src -v ${outputfile}:/opt/results -e CODEQL_CLI_ARGS=database\ analyze\ /opt/results/source_db\ --format=sarifv2.1.0\ --output=/opt/results/issues.sarif\ ${language}-${qlpack}.qls mcr.microsoft.com/cstsectools/codeql-container
 if [ $? -eq 0 ] then print_green "\nQuery execution successful"
@@ -69,4 +69,4 @@ else exit 3 fi
-[ $? -eq 0 ] && print_yellow "The results are saved at ${2}/issues.sarif"
\ No newline at end of file
+[ $? -eq 0 ] && print_yellow "The results are saved at ${2}/issues.sarif"
diff --git a/scripts/windows/analyze_security.bat b/scripts/windows/analyze_security.bat
index ecc47b2..0977d95 100644
--- a/scripts/windows/analyze_security.bat
+++ b/scripts/windows/analyze_security.bat
@@ -38,7 +38,7 @@ if %errorlevel% GTR 0 ( ) call :print_yellow "Running the Quality and Security rules on the project"
-start /W /B docker run --rm --name codeql-container -v "%inputfile%:/opt/src" -v "%outputfile%:/opt/results" -e CODEQL_CLI_ARGS="database analyze /opt/results/source_db --format=sarifv2 --output=/opt/results/issues.sarif %language%-security-and-quality.qls" mcr.microsoft.com/cstsectools/codeql-container
+start /W /B docker run --rm --name codeql-container -v "%inputfile%:/opt/src" -v "%outputfile%:/opt/results" -e CODEQL_CLI_ARGS="database analyze /opt/results/source_db --format=sarifv2.1.0 --output=/opt/results/issues.sarif %language%-security-and-quality.qls" mcr.microsoft.com/cstsectools/codeql-container
 if %errorlevel% GTR 0 ( call :print_red "Failed to run the query on the database" exit /b %errorlevel%
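Review bot: The image reference `mcr.microsoft.com/cstsectools/codeql-container` at the end of the changed `start /W /B docker run` line in analyze_security.bat carries no tag or digest, so every run pulls or reuses whatever the registry currently serves as the default tag. That leaves the CodeQL CLI version, and presumably the set of `--format` values it accepts, outside the repository's control, and the scanner that reads the mounted source tree is not a reviewed, fixed artifact. Consider pinning by digest, `mcr.microsoft.com/cstsectools/codeql-container@sha256:<digest of the reviewed image>`, in all four scripts touched by this commit, and updating the digest together with flag changes such as this one.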
diff --git a/scripts/windows/run_ql_suite.bat b/scripts/windows/run_ql_suite.bat
index bd93ee3..1e59bd8 100644
--- a/scripts/windows/run_ql_suite.bat
+++ b/scripts/windows/run_ql_suite.bat
@@ -39,7 +39,7 @@ if %errorlevel% GTR 0 ( ) call :print_yellow "Running the %qlpack% ql pack rules on the project"
-start /W /B docker run --rm --name codeql-container -v "%inputfile%:/opt/src" -v "%outputfile%:/opt/results" -e CODEQL_CLI_ARGS="database analyze /opt/results/source_db --format=sarifv2 --output=/opt/results/issues.sarif %language%-%qlpack%.qls" mcr.microsoft.com/cstsectools/codeql-container
+start /W /B docker run --rm --name codeql-container -v "%inputfile%:/opt/src" -v "%outputfile%:/opt/results" -e CODEQL_CLI_ARGS="database analyze /opt/results/source_db --format=sarifv2.1.0 --output=/opt/results/issues.sarif %language%-%qlpack%.qls" mcr.microsoft.com/cstsectools/codeql-container
 if %errorlevel% GTR 0 ( call :print_red "Failed to run the query on the database" exit /b %errorlevel%
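Review bot: The check that follows the changed line in run_ql_suite.bat, `if %errorlevel% GTR 0 (`, treats a negative exit status as success, so a run that is interrupted or crashes with a negative status would fall through as if the analysis had completed. For a security scan that is the unsafe direction, because a missing or stale `issues.sarif` can then be read as a clean result. `if %errorlevel% NEQ 0 (` covers both signs; the same test appears in the analyze_security.bat hunk. The closing parenthesis of this `if` block is outside the hunk.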