You're reading from Accelerate DevOps with GitHub Enhance software delivery performance with GitHub Issues, Projects, Actions, and Advanced Security

Product type Paperback

Published in Sep 2022

Publisher Packt

ISBN-13 9781801813358

Length 540 pages

Edition 1st Edition

Tools

GitHub

Concepts

DevOps

Author (1):

Michael Kaufmann

View More author details

Table of Contents (31) Chapters

Preface

1. Part 1: Lean Management and Collaboration

2. Chapter 1: Metrics That Matter FREE CHAPTER

3. Chapter 2: Plan, Track, and Visualize Your Work

4. Chapter 3: Teamwork and Collaborative Development

5. Chapter 4: Asynchronous Work: Collaborate from Anywhere

6. Chapter 5: The Influence of Open and Inner Source on Software Delivery Performance

7. Part 2: Engineering DevOps Practices

8. Chapter 6: Automation with GitHub Actions

9. Chapter 7: Running Your Workflows

10. Chapter 8: Managing Dependencies Using GitHub Packages

11. Chapter 9: Deploying to Any Platform

12. Chapter 10: Feature Flags and the Feature Lifecycle

13. Chapter 11: Trunk-Based Development

14. Part 3: Release with Confidence

15. Chapter 12: Shift Left Testing for Increased Quality

16. Chapter 13: Shift-Left Security and DevSecOps

17. Chapter 14: Securing Your Code

18. Chapter 15: Securing Your Deployments

19. Part 4: Software Architecture

20. Chapter 16: Loosely Coupled Architecture and Microservices

21. Chapter 17: Empower Your Teams

22. Part 5: Lean Product Management

23. Chapter 18: Lean Product Development and Lean Startup

24. Chapter 19: Experimentation and A|B Testing

25. Part 6: GitHub for your Enterprise

26. Chapter 20: GitHub – The Home for All Developers

27. Chapter 21: Migrating to GitHub

28. Chapter 22: Organizing Your Teams

29. Chapter 23: Transform Your Enterprise

30. Other Books You May Enjoy

Writing your own CodeQL queries

CodeQL comes with a lot of out-of-the-box queries – especially if you use the security-and-quality suite. But the full power of CodeQL comes if you start to write your own queries. Of course, this is not trivial. CodeQL is a complex query language, and if you look at some of the queries at https://github.com/github/codeql, you'll see that they can get quite complex. But if you know your coding language, it should be quite easy to create some simple queries.

To write CodeQL queries, you need Visual Studio Code (VS Code) and the GitHub CodeQL extension (https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-codeql).

If you have both installed, clone the starter workspace:

$ git clone --recursive https://github.com/github/vscode-codeql-starter.git

Note the --recursive parameter! If you forget it, you have to load the submodules manually:

$ git submodule update --remote

In VSCode, select File | Open Workspace from...

The rest of the chapter is locked

You're reading from Accelerate DevOps with GitHub Enhance software delivery performance with GitHub Issues, Projects, Actions, and Advanced Security

Table of Contents (31) Chapters

Writing your own CodeQL queries

Authors (1)

Personalised recommendations for you

You're reading from Accelerate DevOps with GitHub Enhance software delivery performance with GitHub Issues, Projects, Actions, and Advanced Security

Table of Contents (31) Chapters

Writing your own CodeQL queries

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you