Skip to content

fix: security

fix: security #185

Workflow file for this run

name: "CodeQL Advanced"
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
schedule:
- cron: '0 6 * * 1'
jobs:
analyze:
name: Analyze (${{ matrix.language }})
runs-on: ubuntu-latest
timeout-minutes: 30
permissions:
actions: read
contents: read
packages: read
security-events: write
strategy:
fail-fast: false
matrix:
include:
- language: java-kotlin
build-mode: autobuild
- language: javascript-typescript
build-mode: none
steps:
- name: Checkout repository
uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
build-mode: ${{ matrix.build-mode }}
- name: "Gradle: Validate Gradle Wrapper"
uses: gradle/wrapper-validation-action@ccb4328a959376b642e027874838f60f8e596de3
- name: "Gradle: Build"
uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629
env:
GPR_USER: ${{ secrets.GHCR_READONLY_USER }}
GPR_KEY: ${{ secrets.GHCR_READONLY_TOKEN }}
with:
build-root-directory: authority-portal-backend
arguments: build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: "/language:${{matrix.language}}"