Posted to commits@inlong.apache.org by do...@apache.org on 2022/07/12 02:41:40 UTC

[inlong] branch master updated: [INLONG-2440][CI] Add a workflow to Scan InLong common vulnerabilities (#4372)

This is an automated email from the ASF dual-hosted git repository.

dockerzhang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/inlong.git


The following commit(s) were added to refs/heads/master by this push:
     new f04f9abef [INLONG-2440][CI] Add a workflow to Scan InLong common vulnerabilities (#4372)
f04f9abef is described below

commit f04f9abef9f88cc5d01942c416a3665a22ed257f
Author: Charles Zhang <do...@apache.org>
AuthorDate: Tue Jul 12 10:41:35 2022 +0800

    [INLONG-2440][CI] Add a workflow to Scan InLong common vulnerabilities (#4372)
    
    Co-authored-by: Yuanhao Ji <ji...@apache.org>
---
 .github/workflows/codeql_analysis.yml | 69 +++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/.github/workflows/codeql_analysis.yml b/.github/workflows/codeql_analysis.yml
new file mode 100644
index 000000000..54c10fbb3
--- /dev/null
+++ b/.github/workflows/codeql_analysis.yml
@@ -0,0 +1,69 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: InLong Vulnerabilities Scan
+
+on: [ push, pull_request ]
+
+jobs:
+  analyze:
+    name: Analyze by CodeQL
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'java' ]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      # build project
+      - name: Set up JDK
+        uses: actions/setup-java@v3
+        with:
+          java-version: 8
+          distribution: adopt
+
+      - name: Cache Maven packages
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.m2/repository
+            !~/.m2/repository/org/apache/inlong
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+
+      - name: Build with Maven
+        run: mvn --batch-mode --update-snapshots -e -V clean install -DskipTests
+        env:
+          CI: false
+
+      # Perform CodeQL Analysis
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
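Review bot: Every action in this workflow is referenced by a mutable major-version tag (`actions/checkout@v3` on line 70, `github/codeql-action/init@v2` on line 74, `actions/setup-java@v3`, `actions/cache@v3`, `github/codeql-action/analyze@v2` on line 101), so whatever those tags resolve to at run time executes with the job's `security-events: write` grant and read access to the checkout; pinning each to a full-length commit SHA with the version kept in a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v3`, makes the run reproducible and lets a dependency bot bump it as a reviewed change. The `push` trigger on line 52 is not limited to branches, so a push to a pull-request branch in this repository and the `pull_request` event both run the same scan; `on: push: branches: [ master ]` alongside `pull_request` gives one run per change, unless scanning every branch is intended. `java-version: 8` on line 82 is an unquoted integer, harmless for `8` but worth writing as `java-version: '8'` so a later `11.0`-style value is not read as a float. The `strategy.matrix` with a single `'java'` entry adds a layer for no current benefit; a short comment such as `# matrix kept so further languages can be added without restructuring the job` would make that intent explicit.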