You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@causeway.apache.org by ah...@apache.org on 2023/03/28 05:43:21 UTC

[causeway] branch master updated: CAUSEWAY-2445: CI: CodeQL testrun

This is an automated email from the ASF dual-hosted git repository.

ahuber pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/causeway.git


The following commit(s) were added to refs/heads/master by this push:
     new 796b848f29 CAUSEWAY-2445: CI: CodeQL testrun
796b848f29 is described below

commit 796b848f2957f381f29addb67dcee7efe7c8f8f1
Author: Andi Huber <ah...@apache.org>
AuthorDate: Tue Mar 28 07:43:16 2023 +0200

    CAUSEWAY-2445: CI: CodeQL testrun
---
 .../workflows/ci-build-artifacts-no-push-maven.yml | 30 +++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci-build-artifacts-no-push-maven.yml b/.github/workflows/ci-build-artifacts-no-push-maven.yml
index d0e141ae4f..5adb910ce5 100644
--- a/.github/workflows/ci-build-artifacts-no-push-maven.yml
+++ b/.github/workflows/ci-build-artifacts-no-push-maven.yml
@@ -10,13 +10,21 @@ on:
       - master
       - spring6
 
-permissions:
-  contents: read
-
 jobs:
   build:
     name: build-local-no-push
     runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      matrix:
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Use only 'java' to analyze code written in Java, Kotlin or both
+        # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support  
+        language: [ 'java', 'javascript' ]
     env:
       # to be shared among all steps of this job
       BASELINE: 2.0.0-RC1
@@ -31,6 +39,9 @@ jobs:
       # set this to 'deploy' when intent is to push the built packages to a repo
       # requires 'secrets' which we don't have yet
       MVN_STAGES: install
+      
+      # options
+      SKIP_CODE_QL: false
 
     steps:
     - uses: actions/checkout@v3
@@ -87,6 +98,19 @@ jobs:
           -Denforcer.failFast=true
           -e
 
+    # CodeQL Analysis (https://codeql.github.com/docs/codeql-overview/about-codeql/)
+    - name: Initialize CodeQL
+      if: env.SKIP_CODE_QL != 'true' 
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+    - name: Perform CodeQL Analysis
+      if: env.SKIP_CODE_QL != 'true'
+      uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"
+           
+
 # FOR DEBUG USE
 #   - name: Dump GitHub context
 #     env: