docker build -t j3ssie/codeql-docker:latest .

docker pull j3ssie/codeql-docker:latest 

# usage ./scripts/run.py -l <language-of-source-code> -s <source-code-folder> [--format=csv] [-o ouput] # simple usage ./scripts/run.py -l go -s /tmp/insecure-project # default output is JSON format so read them with this command cat results/issues.sarif-latest| jq '.runs[].results' # with custom format and output ./scripts/run.py -l javascript -s /tmp/cc/code-scanning-javascript-demo --format=csv -o sample # your output will be store at sample/issues.csv 

# run in the current folder mkdir -p ${PWD}/codeql-result docker run --rm --name codeql-docker -v ${PWD}:/opt/src -v ${PWD}/codeql-result:/opt/results -e "LANGUAGE=javascript" -e "THREADS=5" j3ssie/codeql-docker:latest # simple usage docker run --rm --name codeql-docker -v "/tmp/src:/opt/src" -v "/tmp/local-results:/opt/results" -e "LANGUAGE=go" j3ssie/codeql-docker:latest # more options docker run --rm --name codeql-docker -v "/tmp/src:/opt/src" -v "/tmp/local-results:/opt/results" -e "LANGUAGE=javascript" -e "FORMAT=csv" -e "QS=javascript-security-and-quality.qls" j3ssie/codeql-docker:latest 

# Directly access container with bash shell docker run -it --entrypoint=/bin/bash -t j3ssie/codeql-docker:latest # Copy your code to container docker cp <your-source-cde> <docker-ID>:/opt/src # create DB in this folder /opt/src/db # This might take a while depend on your code codeql database create --language=<language> /opt/src/db -s /opt/src # run analyze # normally query-suites will will be: <language>-security-and-quality.qls codeql database analyze --format=sarif-latest --output=/opt/issues.sarif /opt/src/db <query-suites> # copy the result back to host machine docker cp <docker-ID>:/opt/issues.sarif .

# List all query suites codeql resolve queries # Upgrade DB codeql database upgrade <database>