Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update the CodeQL workflow #22

Merged
merged 4 commits into from
May 13, 2024
Merged

Update the CodeQL workflow #22

merged 4 commits into from
May 13, 2024

Conversation

mcdonnnj
Copy link
Member

@mcdonnnj mcdonnnj commented May 10, 2024
edited
Loading

🗣 Description

This pull request updates the CodeQL workflow to reflect updates done in other skeleton projects.

Note

This pull request is built on top of #19 so you can see just this pull request's changes in this comparison.

💭 Motivation and context

In addition to spreading the diagnostics job love and GHA runner hardening it was important to make sure the base configuration aligned with what's used in other projects (like cisagov/skeleton-python-library).

🧪 Testing

Automated tests pass.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

@mcdonnnj mcdonnnj added improvement This issue or pull request will add or improve functionality, maintainability, or ease of use github-actions Pull requests that update GitHub Actions code test This issue or pull request adds or otherwise modifies test code labels May 10, 2024
@mcdonnnj mcdonnnj self-assigned this May 10, 2024
@mcdonnnj mcdonnnj added this pull request to the merge queue May 13, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to invalid changes in the merge commit May 13, 2024
@mcdonnnj mcdonnnj added this pull request to the merge queue May 13, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to invalid changes in the merge commit May 13, 2024
@mcdonnnj mcdonnnj force-pushed the improvement/update_codeql_workflow branch from 6076975 to 93ade6e Compare May 13, 2024 19:03
@mcdonnnj mcdonnnj added the kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release label May 13, 2024
@mcdonnnj mcdonnnj added this pull request to the merge queue May 13, 2024
@mcdonnnj mcdonnnj removed this pull request from the merge queue due to a manual request May 13, 2024
@mcdonnnj
Add a diagnostics job to the CodeQL workflow
e3381b1 
This mirrors the diagnostics job in the `build` workflow.
@mcdonnnj
Use step-security/harden-runner in the Analyze job
34a7da5 
Since this Action should be used in every job we need to use it here.
@mcdonnnj
Remove unnecessary quotes in the CodeQL job
0227a71
@mcdonnnj
Add a disabled ignore directive for github/codeql-action
4dabc52 
Once enabled downstream this will ensure that downstream projects will
receive updates to this dependency from the upstream skeleton (which
will get updated by dependabot) instead of in the downstream
repository.
@mcdonnnj mcdonnnj force-pushed the improvement/update_codeql_workflow branch from b27a28a to 4dabc52 Compare May 13, 2024 21:33
@mcdonnnj mcdonnnj added this pull request to the merge queue May 13, 2024
Merged via the queue into develop with commit 862d289 May 13, 2024
17 checks passed
@mcdonnnj mcdonnnj deleted the improvement/update_codeql_workflow branch May 13, 2024 21:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@jsf9k jsf9k jsf9k approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jasonodoom jasonodoom Awaiting requested review from jasonodoom

Assignees

@mcdonnnj mcdonnnj

Labels
github-actions Pull requests that update GitHub Actions code improvement This issue or pull request will add or improve functionality, maintainability, or ease of use kraken 🐙 This pull request is ready to merge during the next Lineage Kraken release test This issue or pull request adds or otherwise modifies test code
Projects
Skeleton Maintenance
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mcdonnnj @jsf9k @dav3r