You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@causeway.apache.org by ah...@apache.org on 2023/03/28 05:43:21 UTC
[causeway] branch master updated: CAUSEWAY-2445: CI: CodeQL testrun
This is an automated email from the ASF dual-hosted git repository.
ahuber pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/causeway.git
The following commit(s) were added to refs/heads/master by this push:
new 796b848f29 CAUSEWAY-2445: CI: CodeQL testrun
796b848f29 is described below
commit 796b848f2957f381f29addb67dcee7efe7c8f8f1
Author: Andi Huber <ah...@apache.org>
AuthorDate: Tue Mar 28 07:43:16 2023 +0200
CAUSEWAY-2445: CI: CodeQL testrun
---
.../workflows/ci-build-artifacts-no-push-maven.yml | 30 +++++++++++++++++++---
1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/ci-build-artifacts-no-push-maven.yml b/.github/workflows/ci-build-artifacts-no-push-maven.yml
index d0e141ae4f..5adb910ce5 100644
--- a/.github/workflows/ci-build-artifacts-no-push-maven.yml
+++ b/.github/workflows/ci-build-artifacts-no-push-maven.yml
@@ -10,13 +10,21 @@ on:
- master
- spring6
-permissions:
- contents: read
-
jobs:
build:
name: build-local-no-push
runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+ strategy:
+ matrix:
+ # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+ # Use only 'java' to analyze code written in Java, Kotlin or both
+ # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
+ # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+ language: [ 'java', 'javascript' ]
env:
# to be shared among all steps of this job
BASELINE: 2.0.0-RC1
@@ -31,6 +39,9 @@ jobs:
# set this to 'deploy' when intent is to push the built packages to a repo
# requires 'secrets' which we don't have yet
MVN_STAGES: install
+
+ # options
+ SKIP_CODE_QL: false
steps:
- uses: actions/checkout@v3
@@ -87,6 +98,19 @@ jobs:
-Denforcer.failFast=true
-e
+ # CodeQL Analysis (https://codeql.github.com/docs/codeql-overview/about-codeql/)
+ - name: Initialize CodeQL
+ if: env.SKIP_CODE_QL != 'true'
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+ - name: Perform CodeQL Analysis
+ if: env.SKIP_CODE_QL != 'true'
+ uses: github/codeql-action/analyze@v2
+ with:
+ category: "/language:${{matrix.language}}"
+
+
# FOR DEBUG USE
# - name: Dump GitHub context
# env: