mirror of
https://github.com/vacp2p/linea-monorepo.git
synced 2026-01-07 22:54:08 -05:00
55 lines
1.4 KiB
YAML
55 lines
1.4 KiB
YAML
name: CodeQL
|
|
|
|
on:
|
|
workflow_call:
|
|
|
|
jobs:
|
|
analyze:
|
|
name: Analyze
|
|
runs-on: gha-runner-scale-set-ubuntu-22.04-amd64-med
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
security-events: write
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
language: [ 'go', 'java-kotlin', 'javascript-typescript', 'actions', 'python' ]
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@v3
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
queries: security-extended,security-and-quality
|
|
|
|
- name: Setup Java
|
|
if: matrix.language == 'java-kotlin'
|
|
uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b #v4.5.0
|
|
with:
|
|
distribution: temurin
|
|
java-version: 21
|
|
|
|
- name: Autobuild
|
|
if: matrix.language != 'github-actions'
|
|
uses: github/codeql-action/autobuild@v3
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets._GITHUB_TOKEN_RELEASE_ACCESS }}
|
|
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@v3
|
|
with:
|
|
category: "/language:${{matrix.language}}"
|
|
output: sarif-results
|
|
|
|
- name: Upload CodeQL Results
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: codeql-results-${{ matrix.language }}
|
|
path: sarif-results
|
|
retention-days: 1
|