From d2e731f7865c66d5019a1cc9634fa5fc7bf446ac Mon Sep 17 00:00:00 2001
From: Aleksei Babushkin
Date: Tue, 9 Apr 2024 20:18:45 +0300
Subject: [PATCH] [feat] add noDocker runners for CodeQL and Semgrep
---
scripts/runCodeQLNoDocker.sh | 13 +++++++++++++
scripts/runSemgrepNoDocker.sh | 9 +++++++++
2 files changed, 22 insertions(+)
create mode 100755 scripts/runCodeQLNoDocker.sh
create mode 100755 scripts/runSemgrepNoDocker.sh
diff --git a/scripts/runCodeQLNoDocker.sh b/scripts/runCodeQLNoDocker.sh
new file mode 100755
index 000000000..4c61d376b
--- /dev/null
+++ b/scripts/runCodeQLNoDocker.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+echo "Running CodeQL"
+
+benchmark_version=$(scripts/getBenchmarkVersion.sh)
+codeql_version=$($HOME/.local/bin/codeql/codeql --version -q)
+result_file="results/Benchmark_$benchmark_version-CodeQL-v$codeql_version.sarif"
+
+$HOME/.local/bin/codeql/codeql database create owasp-benchmark --language=java --threads=0
+
+$HOME/.local/bin/codeql/codeql database analyze owasp-benchmark java-code-scanning.qls --format=sarifv2.1.0 --threads=0 --output=$result_file
+
+rm -rf owasp-benchmark
diff --git a/scripts/runSemgrepNoDocker.sh b/scripts/runSemgrepNoDocker.sh
new file mode 100755
index 000000000..2e64acd6d
--- /dev/null
+++ b/scripts/runSemgrepNoDocker.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+echo "Running Semgrep"
+
+benchmark_version=$(scripts/getBenchmarkVersion.sh)
+semgrep_version=$(semgrep --version)
+result_file="results/Benchmark_$benchmark_version-Semgrep-v$semgrep_version.json"
+
+semgrep --config p/security-audit -q --json --include="src/main/java/org/owasp/benchmark/testcode/*.java" -o "$result_file" . > /dev/null
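Review bot: scripts/runCodeQLNoDocker.sh has no error handling, so a failed `codeql database create` still falls through to `database analyze` and the final `rm -rf`. A failed version lookup likewise produces a result file whose name has an empty version field, which a scorecard could then attribute to the wrong tool version. Enable strict mode after the shebang, quote the `$HOME/.local/bin/codeql/codeql` path and `--output=$result_file`, and move the database cleanup into an EXIT trap so an aborted run does not leave a stale `owasp-benchmark` directory for the next one. scripts/runSemgrepNoDocker.sh in the same patch has the same missing strict mode around its two version lookups.

```shell
#!/usr/bin/env bash
set -euo pipefail

codeql="$HOME/.local/bin/codeql/codeql"
# … unchanged: echo banner …
benchmark_version=$(scripts/getBenchmarkVersion.sh)
codeql_version=$("$codeql" --version -q)
# … unchanged: result_file assignment …

# Remove the temporary database on every exit path, including failures.
trap 'rm -rf -- owasp-benchmark' EXIT

"$codeql" database create owasp-benchmark --language=java --threads=0
"$codeql" database analyze owasp-benchmark java-code-scanning.qls --format=sarifv2.1.0 --threads=0 --output="$result_file"
```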
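Review bot: In scripts/runSemgrepNoDocker.sh the `--config p/security-audit` ruleset is resolved from the Semgrep registry at run time, while the result file name records only the CLI version from `semgrep --version`. Two runs that write the same file name can therefore have been produced by different rule revisions. Document this above the semgrep invocation, e.g. `# p/security-audit is fetched from the Semgrep registry at run time; findings depend on the ruleset revision as well as the CLI version`, or point `--config` at a rules checkout kept at a known revision. The trailing `> /dev/null` also hides anything semgrep prints to stdout, which looks intentional next to `-q` and `-o` but deserves a one-line comment.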