Skip to content

CodeQL

CodeQL #601

Workflow file for this run

name: CodeQL
on:
push:
paths:
- '**'
branches:
- '**'
schedule:
- cron: '0 0 * * 0'
jobs:
app:
name: App
runs-on: ubuntu-latest
defaults:
run:
working-directory: App
permissions:
actions: read
contents: read
packages: read
security-events: write
steps:
- name: Clone repository
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
java-version: 17
distribution: temurin
- name: Set Gradle permissions
run: chmod +x gradlew
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: java
source-root: App
tools: latest
- name: Build project
uses: gradle/gradle-build-action@v2
with:
arguments: assembleDebug --scan
build-root-directory: App
cache-disabled: true
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v2
service:
name: Service
runs-on: ubuntu-latest
defaults:
run:
working-directory: Service
permissions:
actions: read
contents: read
packages: read
security-events: write
steps:
- name: Clone repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: csharp
source-root: Service
- name: Add GitHub Packages source
run: dotnet nuget add source --name github --username ${{ github.repository_owner }} --password ${{ secrets.GITHUB_TOKEN }} --store-password-in-clear-text https://nuget.pkg.github.com/${{ github.repository_owner }}/index.json
- name: Auto-build
uses: github/codeql-action/autobuild@v2
with:
working-directory: Service
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v2