RAM override argument pass-through to CodeQL CLI by bbbates · Pull Request #19 · advanced-security/codeql-bundle · GitHub

RAM override argument pass-through to CodeQL CLI #19

Open
bbbates wants to merge 3 commits into advanced-security:main from bbbates:main

bbbates commented Jun 15, 2026

Contributor

Add support to the codeql-bundle tool for overriding the amount of RAM used by the codeql CLI bundle commands.

  • The CodeQL CLI bundle commands accept the -M/--ram arguments to override the amount of heap space used when packaging bundles.
  • This change allows the codeql-bundle tool to pass through an override amount to the underlying CodeQL CLI bundle commands.
  • Also ensure the same threads arg is used when bundling a pack as the number of threads used when creating a pack.

@bbbates bbbates requested a review from a team as a code owner June 15, 2026 04:12
@hugo-syn

…message for when changing ram usage for pack bundling vs pack creating

bbbates commented Jun 18, 2026

Contributor Author

> Hey, would you be able to mirror this on the advanced-security/codeql-bundle-action? I tried to use it but got a RAM error: image

Good call out - I don't use the action myself, I use a different CI/CD tool for the bundling process, so I won't be able to test out the change. Are you able to create a PR against that repo (once this PR is merged and released)?

@hugo-syn

Yes sure, what tool are you using? It's my first time using the tool, but the bundling time is huge, like 3h. Is it normal? Would it be possible to improve this?

bbbates commented Jun 19, 2026

Contributor Author

> Yes sure, what tool are you using? It's my first time using the tool, but the bundling time is huge, like 3h. Is it normal? Would it be possible to improve this?

Just another cloud-based CI/CD tool, nothing special. I download the codeql-bundle python package using pip and run the build in a py venv. We did have to bump up the specs for the build agents to accommodate the codeql-bundle builds.
A new package build can take us upwards of 4.5 hours, with precompilation 😢. If you skip pre-compilation altogether, you can get a bundle build done in a couple of hours, but you end up with a bundle that's almost unusable because the queries need to be compiled on the fly and that can take 30m to an hour, depending on other factors.
Unfortunately I don't see any other way to easily package and distribute the custom queries and codeql libraries we have, and enforce their use. I'd love to hear some other suggestions!
