# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
# Workflow display name.
name: 'CodeQL'

# Triggers: pushes to master and pull requests that target master.
on:
  push:
    branches:
      - 'master'
  pull_request:
    # The branches below must be a subset of the branches above
    branches:
      - 'master'

# At most one active run per workflow and ref; a newer run for the same ref
# cancels the one still in progress.
# NOTE(review): this also applies to pushes on master, so the scan of an older
# master commit can be cancelled before it uploads results - confirm that
# results for only the newest commit are sufficient.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
jobs:
  # Single job: build the project and run CodeQL once per matrix language.
  analyze:
    name: Analyze
    # Runner size impacts CodeQL analysis time. To learn more, please see:
    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
    #   - https://gh.io/supported-runners-and-hardware-resources
    #   - https://gh.io/using-larger-runners
    # Consider using larger runners for possible analysis time improvements.
    runs-on: ubuntu-22.04
    timeout-minutes: 360
    # Explicit job-level token scopes: read-only access to the repository and
    # to Actions metadata, plus `security-events: write`, the scope used to
    # upload code-scanning results. Scopes not listed here are not granted.
    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      # Keep the remaining matrix entries running if one language fails.
      fail-fast: false
      matrix:
        language:
          - 'java-kotlin'
        # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
        # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
        # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
49    steps:
50      - name: Checkout repository
51        uses: actions/checkout@v4
52
53      - name: Set up JDK 17
54        uses: actions/setup-java@v4
55        with:
56          distribution: 'adopt'
57          java-version: 17
58
59      - uses: gradle/actions/setup-gradle@v3
60
61      # Initializes the CodeQL tools for scanning.
62      - name: Initialize CodeQL
63        uses: github/codeql-action/init@v3
64        with:
65          languages: ${{ matrix.language }}
66          # If you wish to specify custom queries, you can do so here or in a config file.
67          # By default, queries listed here will override any specified in a config file.
68          # Prefix the list here with "+" to use these queries and those in the config file.
69
70          # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
71          # queries: security-extended,security-and-quality
72
73      # ℹ️ Command-line programs to run using the OS shell.
74      # �� See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
75      - name: Build
76        run: |
77          SKIP_ERRORPRONE=true SKIP_JAVADOC=true \
78          ./gradlew assemble testClasses --parallel --stacktrace --no-watch-fs
79
80      - name: Perform CodeQL Analysis
81        uses: github/codeql-action/analyze@v3
82        with:
83          category: "/language:${{matrix.language}}"