Skip to content
CodeQL

CodeQL #25

Sign in to view logs

CodeQL

CodeQL #25

Workflow file for this run

.github/workflows/module.codeql.yml at a92c71c
name: "CodeQL"
on:
workflow_dispatch:
## Input: Runner to use
inputs:
runner:
description: "Runner"
type: string
default: "ubuntu-latest"
required: false
## Secrets: API Key
secrets:
BUILDLESS_APIKEY:
description: "Buildless API Key"
required: true
workflow_call:
inputs:
runner:
description: "Runner"
type: string
default: "ubuntu-latest"
required: false
secrets:
BUILDLESS_APIKEY:
description: "Buildless API Key"
required: true
schedule:
- cron: "33 9 * * 0"
permissions:
contents: read
jobs:
analyze:
name: CodeQL
continue-on-error: true
runs-on: ${{ inputs.runner }}
timeout-minutes: 360
permissions:
actions: read
contents: read
security-events: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: "Setup: Checkout"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
- name: "Setup: JDK 19"
uses: buildjet/setup-java@89ddc594b1d96eada357fc2824610d5d6650f2da # v4
with:
distribution: "adopt-hotspot"
java-version: "19"
- name: "Setup: Initialize CodeQL"
uses: github/codeql-action/init@05963f47d870e2cb19a537396c1f668a348c7d8f # v2
with:
languages: java
- name: "Build: Plugin"
uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e # v2
id: gradlebuild
continue-on-error: true
env:
CI: true
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
CACHE_ENDPOINT: ${{ vars.CACHE_ENDPOINT_GRADLE || 'https://gradle.less.build/cache/generic/' }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
cache-read-only: false
arguments: |
build
-x test
-x check
- name: "Analsis: CodeQL"
uses: github/codeql-action/analyze@05963f47d870e2cb19a537396c1f668a348c7d8f # v2
continue-on-error: true
with:
category: "/language:java"